> ## Documentation Index > Fetch the complete documentation index at: https://docs.greip.io/llms.txt > Use this file to discover all available pages before exploring further. # Payment Fraud Detection > Prevent financial losses and protect your business by deploying AI-powered modules that analyze transaction patterns in real-time. This method helps identify and block suspicious activities, mitigating the risk of fraudulent payments and ensuring a secure experience for both you and your customers. export const MCPCallout = () => { return

Want to skip the docs? Use the{" "} MCP Server

; }; export const Availability = ({plan, color}) => { const colorMap = { green: "text-green-700 dark:text-green-400", blue: "text-blue-700 dark:text-blue-400", purple: "text-purple-700 dark:text-purple-400" }; return

Endpoint availability:{" "} {plan} Learn more

; }; ## Overview Detecting and preventing fraudulent payments is a critical task for any business that accepts online payments. This AI-based module is designed to help you do that by analysing a range of data points related to each transaction. Using sophisticated machine learning algorithms, this method can detect and flag potentially fraudulent transactions by analysing user data, user behaviour, user device, and other factors. For example, if a transaction appears to be coming from an unusual location or device, or if the user's behaviour is inconsistent with their past transactions, this method can flag the transaction for further review or rejection. One of the key advantages of this AI-based module is its ability to adapt and learn over time. As it analyses more data and detects more fraud, it can improve its accuracy and efficiency, making it a highly effective tool for preventing financial losses due to fraud. By implementing this method in your payment processing system, you can help protect your business and your customers from fraudulent activity, while providing a seamless and secure payment experience. "ECOMMERCE LOSSES TO ONLINE PAYMENT FRAUD TO **EXCEED \$48 BILLION** GLOBALLY IN 2023, AS FRAUD INCURSIONS EVOLVE", according to a recent report by Juniper Research. ## Integration Workflow Greip Payment Fraud Module - Workflow

### Body Parameters The action your customer try to implement. Accepts: `purchase`, `deposit`, or `withdrawal`. The domain name of the website the customer trying to purchase from. Sample value: `domain.com` The name of the website the customer trying to purchase from. Sample value: `Nike Store, California` If your a service provider with "sub-websites" (like Shopify), then provide a unique identification code indicating the website the customer trying to purchase from. Sample values: `12330098`, `01as-aowq-029jd`, or `abcdefg`. The identification code of the shipment. The identification code of the transaction in your system. The total amount of the transaction. The currency in which the customer pay with. Sample value: `GBP` Set this to true if the customer is purchasing a digital product. The promo code used by the customer to complete the checkout. The identification number of the customer in your system. The first name of the customer. The last name of the customer (Family Name). The Place of Birth of the customer. The IP address of the customer. The `ISO 3166-1 alpha-2` code format of the country where the customer live. [Learn more](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) The name of the region where the customer live. The name of the city where the customer live. The name of the zip code of customer location. The "address line 1" of the customer. The "address line 2" of the customer. The customer latitude on the map (GPS Coordinates). The customer longitude on the map (GPS Coordinates). The device identification code of the customer. The phone number of the customer (international format). The registration date of the customer (UNIX Timestamp). If you offer a Wallet feature in your website, then pass the user balance to this pararmeter. The customer's date of birth. Sample value: '1985-12-27\` The email address of the customer. Set this to true if the customer has 2FA enabled in his/her account. Pass the [User Agent](https://en.wikipedia.org/wiki/User_agent) of the customer to this parameter. The shipping country code of the customer (in `ISO 3166-1 alpha-2` format). The shipping region name of the customer. The shipping city name of the customer. The zip code of the customer's shipping address. The shipping "address 1" of the customer. The shipping "address 2" of the customer. The latitude of the customer's shipping address (GPS Coordinates). The longitude of the customer's shipping address (GPS Coordinates). The billing country code of the customer (in `ISO 3166-1 alpha-2` format). The billing region name of the customer. The billing city name of the customer. The zip code of the customer's billing address. The billing "address 1" of the customer. The billing "address 2" of the customer. The latitude of the customer's billing address (GPS Coordinates). The longitude of the customer's billing address (GPS Coordinates). The payment method used to complete this transaction. Accepted values: `cards`, `cards_mada`, `applepay`, `stcpay`, `bank`, `crypto`, `wallet`, or `cod`. The name on the card (Cardholder Name). The card number (min: 6 digits). The expiry date of the customer debit/credit card. Sample value: 29/05 Set this to true if the customer passed the CVV/CSV verification process. The format command is used to get a response in a specific format. Expected values: `JSON`, `XML`, `CSV`, or `Newline` For more information please refer to [Response Format](/options/response-format). The mode command is used to in the development stage to simulate the integration process before releasing it to the production environment. Expected values: `live`, or `test`. For more information please refer to [Development Environment](/options/development-environment). The userID command can be used to identify requests sent by specific users to monitor in the [Events Page](/dashboard-guides/monitoring-capabilities/real-time-threat-monitoring). Expected values: email address, phone number, user id, name, etc. For more information please refer to [User Identifier](/options/user-identifier). ```json Success theme={null} { "data": { "score": 82, "rules": [ { "id": "PF10003", "description": "Customer IP Address is probably VPN/Proxy/Bot/Hosting/Cloud." }, { "id": "PF10004", "description": "Customer Email Address is probably invalid or spam." }, { "id": "PF10001", "description": "High purchase rate, according to `customer_ip`." }, { "id": "PF10002", "description": "High purchase rate, according to `customer_id`." }, { "id": "PF10013", "description": "Customer device might not be a real device (according to `customer_useragent`)." }, { "id": "PF10014", "description": "Customer device is registered as a high-risk device (according to `customer_useragent`)." } ], "rulesChecked": 21, "rulesDetected": 6, "custom_rules_applied": { "total": 0, "rules": [] } }, "status": "success", "executionTime": 5 } ``` ```json Error theme={null} { "status": "error", "code": 101, "type": "invalid_key", "description": "The API Key is missing or invalid." } ``` ### Response properties A risk-score from 0 to 100 indicating how risky this transaction is (`10.5` means it's `10.5% risky` to pass this transaction). The Id of the detected rule. (`10.5` means it's `10.5% risky` to pass this transaction). Sample value: `PF10003` The full description of the detected rule. Sample value: `High purchase rate, according to "customer_id".` Total rules checked against the transaction. Total rules detected in the transaction. The custom rules applied to this request, [learn more](/knowledge-base/custom-rules/overview). The total number of custom rules applied to this request. The custom rules applied to this request, [learn more](/knowledge-base/custom-rules/overview). The rule ID as shown in the dashboard (e.g: `CR104`). The rule title you set when creating the rule. The response status. Expected values: `success`, or `error`. Time spent in milliseconds to process the data. ## Possible Rules | Id | Description | | ------- | --------------------------------------------------------------------------------------------------------------------------------------- | | PF1001 | High purchase rate, according to `customer_ip`. | | PF1002 | High purchase rate, according to `customer_id`. | | PF1003 | Customer IP Address is probably VPN/Proxy/Bot/Hosting/Cloud. | | PF1004 | Customer Email Address is probably invalid, disposable or spam. | | PF1005 | Customer Phone Number is probably invalid or spam. | | PF1006 | Customer Latitude/Longitude is invalid. | | PF1007 | Customer card number (BIN/IIN) is invalid. | | PF1008 | Customer debit/credit card issued by a brand different from the one exist in `payment_type` parameter. | | PF1009 | Customer country is a high-fraud country. | | PF1010 | Customer debit/credit card issued in a high-risk country. | | PF1011 | Customer is purchasing multiple times from multiple locations within the past 30 days. | | PF1012 | Customer debit/credit card is being used multiple times from multiple customer accounts (according to `customer_id` and `card_number`). | | PF1013 | Customer device might not be a real device (according to `customer_useragent`). | | PF1014 | Customer device is registered as a high-risk device (according to `customer_useragent`). | | PF1015 | AI flagged the transaction as potentially fraudulent. | | PF1016 | AI flagged the transaction as potentially fraudulent due to high transaction amount. | | PF1017 | Mismatch between billing address and IP geolocation. | | PF1018 | Customer has multiple fraudulent transactions in the past 30 days. | | PF1019 | Unusual purchase amount compared to customer’s history. | | PF1020 | Transaction initiated from a newly created account. | | PF10021 | Multiple payment cards used by a single account within a short timeframe. | | PF10022 | Customer IP address were found in one of your blacklists. | | PF10023 | Customer email address were found in one of your blacklists. | | PF10024 | Customer phone number were found in one of your blacklists. | | PF10025 | Customer card number were found in one of your blacklists. | | PF10026 | Customer Id were found in one of your blacklists. |