Risk Assessment
Risk Check
Implement a custom risk assessment service
The risk check feature is meant to be used in combination with the Rule Engine. Your risk assessment results will be made available on the order and customer models, so that you can configure the Rule Engine to deny certain or even all payment methods depending on your own custom rule sets.
SCAYLE will activate this feature for you on request. Please contact your SCAYLE Account Manager for further information.
Once you have configured the API Credentials for this service and SCAYLE has activated the feature, checkout will execute calls to the given endpoint. The response of those calls will be stored as the customData.score property on the order object.
Risk evaluation
SCAYLE supports the passive risk check approach:
- The customer has already provided a billing and shipping address, selected delivery and shipping options, and selected a payment method.
- The customer proceeds to close the order (after clicking on Buy now):
  - If the feedback is negative, the customer is redirected to the confirmation page, where the available payment methods are limited and the customer is notified to change the selected payment method.
  - If the feedback is positive, the customer is redirected to the order success page.
The Checkout will store the last risk check result for future interactions within the customer object.
How to implement
You need to provide an HTTP service that can handle the usual load of your shop and that accepts requests from the SCAYLE networks.
If you want to limit incoming traffic by IP address, your SCAYLE Account Manager can provide more information about our networks.
This service needs to implement a POST endpoint according to the following schema:
Request
Your endpoint needs to be able to serve the following request.
Authentication
Basic auth according to SCAYLE Panel configuration.
Headers
Parameter | Details |
---|---|
X-Shop-Id | Integer. The current shop-country id |
Body
Request example
Request schema
- id: integer
- address: object (optional)
  - billing: object
    - id: integer
    - additional: string ([!-ɏ0-9 ]) (optional)
    - city: string ([!-ɏ0-9 ])
    - collectionPoint: object (optional)
    - countryCode: string (minimum length: ) (maximum length: 3)
    - houseNumber: string ([!-ɏ0-9 ])
    - isDefault: object
    - recipient: object
    - referenceKey: string (^[0-9a-zA-Z\-\\_\.\@]*$) (optional) (minimum length: ) (maximum length: 100)
    - street: string ([!-ɏ0-9 ])
    - title: string ([!-ɏ0-9 ]) (optional)
    - zipCode: string ([A-z0-9\- ]{1,12})
  - forward: object (optional)
    - additional: string ([!-ɏ0-9 ]) (optional)
    - city: string ([!-ɏ0-9 ]) (optional)
    - collectionPoint: object (optional)
    - countryCode: string (optional) (minimum length: ) (maximum length: 3)
    - houseNumber: string ([!-ɏ0-9 ]) (optional)
    - recipient: object (optional)
    - street: string ([!-ɏ0-9 ]) (optional)
    - zipCode: string ([A-z0-9\- ]{1,12}) (optional)
    - createdAt: string (date-time validation) (optional)
    - updatedAt: string (date-time validation) (optional)
  - shipping: object
    - id: integer
    - additional: string ([!-ɏ0-9 ]) (optional)
    - city: string ([!-ɏ0-9 ])
    - collectionPoint: object (optional)
    - countryCode: string (minimum length: ) (maximum length: 3)
    - houseNumber: string ([!-ɏ0-9 ])
    - isDefault: object
    - recipient: object
    - referenceKey: string (^[0-9a-zA-Z\-\\_\.\@]*$) (optional) (minimum length: ) (maximum length: 100)
    - street: string ([!-ɏ0-9 ])
    - title: string ([!-ɏ0-9 ]) (optional)
    - zipCode: string ([A-z0-9\- ]{1,12})
- basketKey: string
- campaignKey: string (optional)
- client: (optional)
- confirmedAt: string (date-time validation) (optional)
- cost: object
  - withoutTax: integer
  - withTax: integer
- currencyCode: string (^([A-Z]{3})$)
- customData: object (optional) (object is extensible as desired)
- customer: object (optional)
  - id: integer
  - authentication: object (optional)
    - data: object (optional)
    - type: enum (facebook, password)
  - birthDate: string (^((19|20)[0-9]{2}\-[0-9]{2}\-[0-9]{2})$) (optional)
  - customData: object (optional) (object is extensible as desired)
  - email: string (email validation) (optional) (maximum length: 50)
  - firstName: string ([!-ɏ0-9 ])
  - gender: enum (m, f, d) (optional)
  - groups: array (optional)
    - item: string (^[0-9a-zA-Z\-\\_]*$) (optional) (minimum length: ) (maximum length: 60)
  - lastName: string ([!-ɏ0-9 ])
  - phone: string (00[0-9]{1,3}/[0-9]{1,20}) (optional)
  - publicKey: string (^[0-9a-zA-Z\-\\_]*$) (optional) (minimum length: ) (maximum length: 100)
  - referenceKey: string (^[0-9a-zA-Z\-\\_\.\@]*$) (optional) (minimum length: ) (maximum length: 100)
  - status: object
    - isActive: boolean
    - isGuestCustomer: boolean
    - isTestCustomer: boolean
  - title: string ([!-ɏ0-9 ]) (optional) (minimum length: ) (maximum length: 100)
  - type: enum (personal, retail, organization, family) (optional)
  - createdAt: string (date-time validation)
  - updatedAt: string (date-time validation)
- invoicedAt: string (date-time validation) (optional)
- items: array (optional)
  - availableQuantity: integer (optional)
  - customData: object (optional) (object is extensible as desired)
  - deliveryForecast: object (optional)
    - deliverable: object
    - subsequentDelivery: object
  - itemGroup: (optional)
  - key: string
  - packageId: integer
  - price: object
    - appliedReductions: array (optional)
    - reference: object (optional)
    - tax: object (object is extensible as desired)
    - withoutTax: integer
    - withTax: integer
  - product: object
    - id: integer
    - advancedAttributes: object (optional) (object is extensible as desired)
    - attributes: object (optional) (object is extensible as desired)
    - categories: array (optional)
    - definingAttributes: array (optional)
    - images: array
    - masterKey: string (optional)
    - name: string
    - createdAt: string (date-time validation)
    - updatedAt: string (date-time validation)
  - reservationKey: string (optional)
  - status: enum (available, unavailable, deliverable, undeliverable, cancelled)
  - variant: object
    - id: integer
    - advancedAttributes: object (optional) (object is extensible as desired)
    - attributes: object (optional) (object is extensible as desired)
    - referenceKey: string (optional)
    - stock: object (optional)
    - createdAt: string (date-time validation)
    - updatedAt: string (date-time validation)
  - warehouseId: integer (optional)
  - createdAt: string (date-time validation)
  - updatedAt: string (date-time validation)
- loyaltyCard: object (optional)
  - cardNumber: string
  - points: integer
  - provider: string ([A-Za-z])
- packages: array (optional)
  - id: integer
  - carrierKey: string
  - deliveryDate: object
    - maximum: string ([0-9]{4}\-[0-9]{2}\-[0-9]{2})
    - minimum: string ([0-9]{4}\-[0-9]{2}\-[0-9]{2})
  - deliveryStatus: enum (open, shipment_pending, delegation_pending, shipment_completed, cancellation_completed)
  - returnIdentCode: null,string (optional)
  - shipmentKey: string (optional)
  - tracking: object (optional)
    - id: string (optional) (minimum length: )
    - url: string (uri validation) (optional)
- payment: array (optional)
  - amount: integer (optional)
  - data: object (optional) (object is extensible as desired)
  - installment: array (optional)
    - amount: integer (optional)
    - type: enum (annualInterest, firstInstallment, installmentAddition, paymentMethodCosts, subsequentInstallments, valutaAddition) (optional)
  - key: string (optional)
  - options: object (optional)
    - countOfInstallments: integer (optional)
    - hasPaybreak: boolean (optional)
  - transactionKey: string (optional)
- preferred: object (optional)
  - carrierKey: string (optional)
  - deliveryPolicy: enum (least_packages, highest_stocks, fastest_shipping) (optional)
- publicKey: string (^[0-9a-zA-Z\-\\_]*$) (optional) (minimum length: ) (maximum length: 100)
- referenceKey: string (^[0-9a-zA-Z\-\\_\.\@]*$) (optional) (minimum length: ) (maximum length: 100)
- shipping: object (optional)
  - deliveredOn: string ([0-9]{4}\-[0-9]{2}\-[0-9]{2}) (optional)
  - deliveryCosts: integer (optional)
  - expressDeliveryCosts: integer (optional)
  - policy: string (^[0-9a-zA-Z\-\\_]*$) (minimum length: )
- shop: object (optional)
  - id: integer
  - country: string (^([A-Z]{3})$)
  - language: string (^([a-z]{2})$)
- status: enum (order_open, payment_pending, payment_reserved, invoice_completed, cancellation_pending, cancellation_completed, invoice_partially_completed)
- vouchers: array (optional)
  - id: integer
  - applicableItems: array (optional)
    - isApplied: boolean (optional)
    - key: string (optional)
  - code: string ([A-z0-9]{0,12})
  - type: enum (absolute, relative)
  - value: number
- createdAt: string (date-time validation)
- updatedAt: string (date-time validation)
Response
Your service needs to follow this specification when handling the checkout request.
Response body
Parameter | Details |
---|---|
result | Any enum,object,array,number,string |
The response body will be written to the order.customData.score property. Additionally, you may define a custom value set and use this as a reference via the rule engine rules.
Examples
green/red based
value based
request failed
Properties:
- result: enum,object,array,number,string,… (optional)
Status Codes:
Code | Description | Response Body |
---|---|---|
201 | request was successful | |
401 | authentication failed | empty |
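
The following sketch of such a service is an added example, not SCAYLE code. It checks Basic auth in constant time, validates X-Shop-Id, and answers 201 with a JSON `result`. The credentials, the "green"/"red" values, the scoring rule, the JSON body shape and the 400/413 codes are assumptions that are not taken from this page.

```python
import base64, hmac, json
from http.server import BaseHTTPRequestHandler, HTTPServer

# Assumed placeholders: use the Basic auth credentials configured in the SCAYLE Panel.
USER, PASSWORD = "risk-user", "change-me"
MAX_BODY = 1_000_000   # assumed cap on the request size, in bytes
GUEST_LIMIT = 20_000   # hypothetical threshold, same unit as cost.withTax

def authorized(header):
    """Compare the Authorization header with the expected value in constant time."""
    expected = "Basic " + base64.b64encode(f"{USER}:{PASSWORD}".encode()).decode()
    return hmac.compare_digest((header or "").encode(), expected.encode())

def score(order):
    """Hypothetical rule: a guest customer with a large order total is 'red'."""
    status = (order.get("customer") or {}).get("status") or {}
    total = (order.get("cost") or {}).get("withTax", 0)
    risky = bool(status.get("isGuestCustomer")) and isinstance(total, int) and total > GUEST_LIMIT
    return "red" if risky else "green"

def handle(auth_header, shop_id, raw_body):
    """Return (status code, response body bytes) for one risk check request."""
    if not authorized(auth_header):
        return 401, b""    # authentication failed: empty body, as in the status table
    try:
        int(shop_id)       # X-Shop-Id must be an integer
        order = json.loads(raw_body)
        if not isinstance(order, dict):
            raise ValueError("order must be a JSON object")
    except (TypeError, ValueError):
        return 400, b""    # assumption: this code is not listed on the page
    return 201, json.dumps({"result": score(order)}).encode()

class RiskCheck(BaseHTTPRequestHandler):
    def do_POST(self):
        raw = self.headers.get("Content-Length") or ""
        length = int(raw) if raw.isdecimal() else -1
        if 0 <= length <= MAX_BODY:
            status, body = handle(self.headers.get("Authorization"),
                                  self.headers.get("X-Shop-Id"), self.rfile.read(length))
        else:
            status, body = 413, b""    # assumption: reject missing or oversized bodies
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

if __name__ == "__main__":
    HTTPServer(("127.0.0.1", 8080), RiskCheck).serve_forever()
```

In production, run this behind TLS and load the credentials from a secret store instead of source code.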