Webhooks inform your server ofĀ payment events,Ā modifications, and newly availableĀ reports. Webhooks can also inform you when payment requests trigger risk rules.
You can include risk information, such as whether a payment was sent to case management, and which risk rules triggered in these webhooks, as well as in the payment response.
Returning fraud results is not turned on by default. When you configure your account to include risk information, it will affect the format of both webhooks and the payment response.
Requirements
Before you begin, take into account the following requirements and limitations.
| Requirement | Description |
|---|---|
| Customer Area roles | To manage webhooks and what is returned in the API response, make sure that you have the following role(s):
|
| Limitations | The information that is returned in the API response and webhooks is different depending on whether you use RevenueProtect, the classic risk engine or Protect, the latest risk engine. Returning information about custom risk rules (both engines) and the fraud risk level for Protect requires that you enable premium features. |
| Setup steps | Before you begin:
|
How it works
- Determine which risk engine you are using, the classic risk engine (RevenueProtect) or the latest risk engine (Protect).
- Enable risk results in the API response and webhooks.
- Decide in which format you want to return fraud results.
Enable risk results in the API response and webhooks
To get risk information and fraud results in the API response and in webhooks:
In your Customer Area:
- Go to Developers > Additional data.
- Check the box under Risk > Fraud result.
- Select Save configuration.
When enabled:
- In the API response, the
additionalDataobject contains risk information, and thefraudResultobject shows which risk rules triggered. - In the webhook, the
additionalDataobject contains both risk information and the fraud results.
The following list contains the most important similarities and differences between the classic (RevenueProtect) and latest risk engine (Protect):
- For both Protect and RevenueProtect, the possible
fraudResultTypevalues areGREEN,AMBER, andRED. - For Protect premium, the
fraudRiskLevelvalue shows the risk level classification by the Machine learning: fraud risk rule. Possible values areveryLow,low,medium,highorveryHigh. - For Protect, possible risk scores values can be
-100,0, or200. - For RevenueProtect, possible risk score values range from
-100to100.
Overview of options
| Category | Customer Area | Setting | Description | Comment |
|---|---|---|---|---|
| Fraud results | Developers > Additional data > Risk > Fraud result | ON OFF |
Return / Do not return risk information in additionalData and fraudResult object of the API response and webhook. |
ON: Required for option 1 and option 2. |
| Custom rules format | Revenue & risk > Settings > Change risk result format for custom rules | ON OFF |
Return / Do not return each custom risk checks that triggered separately in the fraudResult object of the API response and webhook. |
ON: Required for option 2. |
| Standard webhook | Developers > Webhooks > Webhook settings > Additional settings > Risk > Include Risk Data | ON OFF |
Include / Do not include risk data sent in the request, such as custom fields, as riskdata in the webhook. |
ON: Required for option 3. |
Option 1
If you want to return all risk rule result lines in one format in the API response and webhooks, including any custom rules, enabling Fraud result in Additional data is all you need to do.
Option 2
If you want to break down custom risk rules separately in the API response and webhooks, you also have to enable the following risk setting:
In your Customer Area:
- Go to Revenue & risk > Settings.
- Enable Change risk result format for custom rules.
- Select Save configuration.
Option 3
This setting is optional and only affects webhooks.
If you want to return any custom risk fields that were included in the request in webhooks:
- Log in to your Customer Area.
- Go to Developers > Webhooks.
- Next toĀ Standard webhook, select the edit webhook icon .
- UnderĀ Additional SettingsĀ >Ā Risk, select the edit icon .
- Select Include Risk Data.
- Select Apply.
Option 1: One format for all risk checks
Webhooks
All risk rule result lines in webhooks will be in the format:Ā
fraudCheck-[risk rule ID]-[risk rule name]
For a list of the risk rule names, see the risk rule name reference.
Example webhook - one format for all checks
The following webhook examples include more than one custom risk rule that triggered. When you choose option 1, if one or more custom rules trigger, all custom risk rules are grouped under one fraud check.
API response
The following API response examples include more than one custom risk rules that triggered. When you choose option 1, if one or more custom rules trigger, all custom risk rules are grouped under one fraud check result when you use RevenueProtect.
Example API response - one format for all checks
For more information on the fields returned in the API response, see ourĀ API Explorer.
Option 2: Return custom risk rules in a different format
Webhooks
You can break custom risk rules into separate, more specific, rules. This lets you track when specific custom risk rules triggered.
Example webhook - split custom risk rules
The following webhook examples include more than one custom risk rules that triggered. When you choose option 2, all custom risk rules that triggered are shown as separate fraud checks.
API response
The following API response examples include two custom risk rules.
When you choose option 2, all custom risk rules that triggered are shown as separate fraud check results.
Example API response - split custom risk rules
For more information on the fields returned in the API response, see our API Explorer.
Option 3: Return risk data in webhooks
When you turn on the optional setting Include Risk Data in your webhook configuration, if you use custom risk rules, the webhook also contains the custom riskdata fields sent in the request, and their values.
Here is an example webhook where all fraud checks are returned in one format (option 1), and custom risk rules with custom fields triggered.
Example webhook including risk data
Risk rule name reference
Use the following tables as a reference for risk rules that can appear in your API response or webhooks for Protect or RevenueProtect.
Protect reference
Names of Adyen-provided rules contain spaces. Names of any custom rules that you create cannot contain spaces.
Both Adyen-provided and custom rules are categorized as CustomFieldCheck.
| Risk rule type | Risk rule | Action | Requires premium |
|---|---|---|---|
| Machine learning | Machine learning rule: bot attack risk | Block | |
| Machine learning | Machine learning rule: fraud risk | Block |  |
| Custom rules | The rule name, without spaces, as used in the custom rule configuration. | Block | |
| Refund abuse risk | Refund abuse risk | Review | |
| Refund abuse risk | Refund abuse risk - high risk | Block | |
| Risk list | Bank identification number allow list | Allow | |
| Risk list | Bank identification number block list | Block | |
| Risk list | Card number or bank account number allow list | Allow | |
| Risk list | Card number or bank account number block list | Block | |
| Risk list | Issuing Country block list | Block | |
| Risk list | Non-fraudulent card number or bank account number block list | Block | |
| Risk list | Phone number allow list | Allow | |
| Risk list | Phone number block list | Block | |
| Risk list | Shopper Address allow list | Allow | |
| Risk list | Shopper Address block list | Block | |
| Risk list | Shopper IP Address allow list | Allow | |
| Risk list | Shopper IP Address block list | Block | |
| Risk list | Shopper IP Country block list | Block | |
| Risk list | Shopper email allow list | Allow | |
| Risk list | Shopper email block list | Block | |
| Risk list | Shopper email domain allow list | Allow | |
| Risk list | Shopper email domain block list | Block | |
| Risk list | Shopper name allow list | Allow | |
| Risk list | Shopper name block list | Block | |
| Risk list | Shopper reference allow list | Allow | |
| Risk list | Shopper reference block list | Block | |
| Risk list | Social Security Number allow list | Allow | |
| Risk list | Social Security Number block list | Block |
RevenueProtect reference
Use the following table to reference risk rule IDs to their corresponding names.
| Risk rule ID | Name | Name displayed in your Customer Area |
|---|---|---|
| 1 | PaymentDetailRefCheck | Card/bank account number |
| 2 | CardChunkUsage | Card number chunk used more than {times} times within {timespan} {units} |
| 3 | PaymentDetailUsage | Card/bank account number used more than {times} times within {timespan} {units} |
| 4 | HolderNameUsage | Card/bank account holder name used more than {times} times within {timespan} {units} |
| 5 | IPCountryReferral | Shopper IP originates from high-risk country |
| 6 | ShopperIpRefCheck | Shopper IP |
| 7 | ShopperIpUsage | Shopper IP used more than {times} times within {timespan} {units} |
| 8 | ShopperEmailUsage | Shopper email used more than {times} times within {timespan} {units} |
| 9 | ShopperIpIssuingCountry | Shopper country differs from issuing country |
| 10 | HolderNameContainsNumber | Card/bank account holder name contains a non-alphabetic character |
| 11 | HolderNameIsOneWord | Card/bank account holder name is only one word |
| 13 | IssuerRefCheck | Bank identification number (BIN) |
| 15 | IssuingCountryReferral | Issuing country |
| 20 | AVSAuthResultCheck | Billing address does not match cardholder address (AVS) |
| 22 | RegisteredShopperPaymentDetails | Card/bank account number already used by another shopper |
| 25 | CVCAuthResultCheck | Card Verification Code (CVC2/CVV2/CID) does not match |
| 26 | ShopperEmailRefCheck | Shopper email |
| 27 | PmOwnerRefCheck | Shopper name |
| 29 | LiabilityShiftCheck | Liability shift status |
| 33 | AirlineOneWayTicketCheck | Airline data one way ticket |
| 34 | AirlineLegCheck | Airline data leg |
| 35 | TimeToDeliveryCheck | Time to delivery |
| 36 | ShopperDistinctPaymentDetailsUsage | Different cards/bank accounts used by the same shopper |
| 37 | ShopperDetailsUsage | Shopper initiated a transaction more than {times} times within {timespan} {units} |
| 38 | PersistentCookieRefCheck | Persistent cookie |
| 40 | ShopperAddressRefCheck | Shopper address |
| 41 | PaymentDetailNonFraudRefCheck | Card/bank account number non-fraud |
| 46 | DistinctCountryUsageByShopper | Different countries used by shopper more than {times} times within {timespan} {units} |
| 47 | BlockedCardsUsageByShopper | Issuer blocked (previous) card used by shopper |
| 48 | ChargebackCountByShopper | Shopper has a previous fraud chargeback or notification of fraud |
| 49 | DistinctShopperIpUsageByShopper | Multiple distinct IP addresses used by shopper more than {times} times within {timespan} {units} |
| 50 | DistinctShopperEmailUsageByShopper | Multiple distinct email addresses used by shopper more than {times} times within {timespan} {units} |
| 51 | DistinctShopperReferenceUsageByShopper | Multiple distinct shopper references used by shopper more than {times} times within {timespan} {units} |
| 52 | DistinctPaymentDetailUsageByShopper | Multiple distinct cards/bank accounts used by shopper more than {times} times within {timespan} {units} |
| 53 | DistinctSharedShopperIpUsageByShopper | Shopper used shared IP address |
| 54 | DistinctSharedPaymentDetailUsageByShopper | Shopper used shared card/bank account more than {times} times within {timespan} {units} |
| 55 | ShopperAuthorisedFrequency | Shopper authorised velocity exceeds {times} times within {timespan} {units} |
| 56 | ShopperReferenceCheck | Shopper reference |
| 57 | BillingAddressDeliveryAddress | Billing address differs from delivery address |
| 62 | DeliveryMethodCheck | Delivery method |
| 63 | TransactionAmountCheck | Transaction amount |
| 64 | TransactionAmountVelocity | Authorised transaction amount velocity |
| 65 | EmailDomainRefCheck | Email domain |
| 66 | PhoneNumberRefCheck | Telephone number |
| 67 | SocialSecurityNumberRefCheck | Social Security Number |
| 68 | TxVariantShopperReferenceRefCheck | PayPal Payer ID |
| 69 | AutomatedReferralCheck | Shopper automated referral |
| 70 | ShopperConsecutiveRefusalsCheck | Shopper consecutive refusals exceeds {times} times within {timespan} {units} |
| 71 | LoyalShopperTrustCheck | Trust loyal shoppers |
| 72 | TransactionTimeCheck | Transaction time |
| 73 | PaymentMethodReferralCheck | Payment method |
| 74 | EmailNameCheck | Email address and shopper name comparison |
| 75 | PaymentDetailCarteBancaireRefCheck | Carte Bancaire scheme blocked cards |
| 77 | EmailSyntaxCheck | Email is likely to be fake or automatically generated |
| 78 | ShopperBehaviorCheck | Fraudulent behavior on payment page |
| 79 | BinAttackRefCheck | BIN attack |
| 80 | ShopperAccountAgeCheck | Shopper account age |
| 82 | CustomFieldCheck | Name is defined in custom rules setup |
| 83 | DistinctAddressUsageByShopper | Multiple distinct delivery addresses used by shopper more than {times} times within {timespan} {units} |
| 84 | PaymentDetailCUPRefCheck | CUP scheme blocked cards |
| 85 | ShopperFraudRefusalsCheck | Fraud refusals exceed {times} times within {timespan} {units} |
| 86 | PaymentDetailAmexRefCheck | American Express scheme blocked cards |
| 87 | AcquirerResultEmailCheck | PayPal auth-result email |
| 88 | AcquirerVerifiedShopperCheck | PayPal verified shopper |
| 89 | AcquirerProtectionCheck | PayPal protection eligibility |
| 90 | TxVariantCountryRefCheck | PayPal account creation blocked country |
| 91 | ShopperStrongAuthenticationCheck | Strong authentication confirmed {times} times in {timespan} {units} |
| 92 | TransactionHighAmountVelocityCheck | High amount velocity |
| 93 | ShopperDeliveryAddressUsage | Shopper delivery address used more than {times} times within {timespan} {units} |