open menu
axerve docs
Fraud prevention/External TRA

External TRA

Transactions Risk Analysis

Fabrick allows for transactions to be processed through external transaction risk analyses (TRA).

This occurs when a merchant integrates directly a fraud prevention engine capable of providing a PSD2 compliant risk analysis and wishes to leverage such analysis to request an exemption from applying the regular 3DS flow.

As a consequence, the merchant will be able to access a valuable tool to exempt transactions from being declined during the authentication step and thus, improve both the UX for their customers and the overall conversion rates.

Available features
attivaAPI (Rest, Soap)
attivaPAGAM
attivaLightbox
attivaiFrame
non attivaPlugin

In order to process transactions with an “external TRA” request, the following requirements must be met:

  • the acquirer has reviewed and approved the request to process transactions via TRA for the merchant, after an evaluation based on, but not limited to, past fraud rates, merchant’s industry, terms and conditions, product/service features and fraud prevention measures that are implemented.

    In case fraud rates rise above the thresholds that the acquirer deems reasonable, the approval to process transactions as TRA might be revoked

  • the merchant has updated their integration in order to mark transactions with the correct exemption request parameter

When a transaction is marked as external TRA, it will be processed directly to authorization with a ‘TRA’ exemption request. Successfully exempted transactions will not be protected by security protocols, therefore in case of frauds the liability is the merchant’s.

The issuer can, in some cases, request authentication anyway. In this case the process will be the same as a 3D Secure transaction’s, so the merchant will receive a soft error 8006 (for more information on 3D Secure transactions, click here).

For any further detail and/or to request the feature to be enabled on your account, please contact your account manager.

Technical guidelines

In order to process a transaction as an external TRA, it is necessary to send Fabrick authenticationLevel = "TR" in the transDetails object.

S2S integration example

SOAP
REST
copy
full screen
1<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ecom="https://ecomms2s.sella.it/">
2 <soapenv:Header/>
3 <soapenv:Body>
4  <ecom:callPagamS2S>
5   <ecom:shopLogin>testrisk</ecom:shopLogin>
6   <ecom:uicCode>242</ecom:uicCode>
7   <ecom:amount>1</ecom:amount>
8   <ecom:shopTransactionId>tra_esterna</ecom:shopTransactionId>
9   <ecom:cardNumber>4012000000003010</ecom:cardNumber>
10   <ecom:expiryMonth>05</ecom:expiryMonth>
11   <ecom:expiryYear>27</ecom:expiryYear>
12    <ecom:transDetails>
13       <ecom:threeDsContainer>
14         <ecom:transTypeReq></ecom:transTypeReq>
15       </ecom:threeDsContainer>
16       <ecom:type></ecom:type>
17       <ecom:threeDSAuthResult>
18       <ecom:authenticationLevel>TR</ecom:authenticationLevel>
19       <ecom:authenticationStatus></ecom:authenticationStatus>
20       <ecom:XID></ecom:XID>
21       <ecom:AV></ecom:AV>
22       <ecom:ECI></ecom:ECI>
23       <ecom:AVAlgorithm></ecom:AVAlgorithm>
24       <ecom:threeDsVersion></ecom:threeDsVersion>
25       </ecom:threeDSAuthResult>
26     </ecom:transDetails>
27  </ecom:callPagamS2S>
28 </soapenv:Body>
29</soapenv:Envelope>

REST /submit

REST
copy
full screen
1{ 
2  "shopLogin":"testrisk",
3  "paymentTypeDetails":{ 
4    "creditcard":{
5      "number":"4775718800002026",
6      "token":"",
7      "expMonth":"05",
8      "expYear":"27",
9      "CVV":"390",
10      "requestToken":"",
11      "DCC": "FALSE"
12    }
13  },
14  "responseURLs":{ 
15    "buyerOK":"",
16    "buyerKO":"",
17    "serverNotificationURL":""
18  }
19}

Encrypt - online pagam example

SOAP
copy
full screen
1<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ecom="https://ecomm.sella.it/">
2<soapenv:Header/>
3<soapenv:Body>
4<ecom:Encrypt>
5   <ecom:shopLogin>testrisk</ecom:shopLogin>
6   <ecom:uicCode>242</ecom:uicCode>
7   <ecom:amount>20</ecom:amount>
8   <ecom:shopTransactionId>tra_risk</ecom:shopTransactionId>
9   <ecom:buyerName/>
10   <ecom:buyerEmail/>
11   <ecom:languageId/>
12   <ecom:transDetails>
13    <ecom:threeDsContainer>
14      <ecom:transTypeReq></ecom:transTypeReq>
15    </ecom:threeDsContainer>
16    <ecom:type></ecom:type>
17    <ecom:threeDSAuthResult>
18      <ecom:authenticationLevel>TR</ecom:authenticationLevel>
19      <ecom:authenticationStatus></ecom:authenticationStatus>
20      <ecom:XID></ecom:XID>
21      <ecom:AV></ecom:AV>
22      <ecom:ECI></ecom:ECI>
23      <ecom:AVAlgorithm></ecom:AVAlgorithm>
24      <ecom:threeDsVersion></ecom:threeDsVersion>
25    </ecom:threeDSAuthResult>
26    <ecom:previousTransDetails>
27      <ecom:authData></ecom:authData>
28      <ecom:authMethod></ecom:authMethod>
29      <ecom:authTimestamp></ecom:authTimestamp>
30      <ecom:acsID></ecom:acsID>
31      <ecom:bankTransactionID></ecom:bankTransactionID>
32      <ecom:XID></ecom:XID>
33    </ecom:previousTransDetails>
34   </ecom:transDetails>
35</ecom:Encrypt>
36</soapenv:Body>
37</soapenv:Envelope>

SOAP Encrypt - iFrame example

Check SOAP Encrypt - online pagam example; then proceed with js of iFrame flow integration

Fabrick Pay By Link integration example

REST
copy
full screen
1{ 
2 "shopLogin":"testrisk",
3 "amount":"1",
4 "currency":"242",
5 "languageID":"1",
6 "shopTransactionID":"test",
7  "buyerEmail":mymail@mail.com,
8 "paymentChannel":{     "channelType":["EMAIL"]   },
9  "transDetails": {
10    "threeDSAuthResult": {
11      "authenticationLevel":"TR",
12      "authenticationStatus":"",
13      "XID":"",
14      "AV":"",
15      "ECI":"",
16      "AVAlgorithm":"",
17      "threeDsVersion":""
18    }
19  }
20}

Lightbox integration example

REST
copy
full screen
1{ 
2  "shopLogin":"testrisk",
3  "amount":"1",
4  "currency":"242",
5  "languageID":"1",
6  "shopTransactionID":"test",
7  "transDetails": {
8    "threeDSAuthResult": {
9      "authenticationLevel":"TR",
10      "authenticationStatus":"",
11      "XID":"",
12      "AV":"",
13      "ECI":"",
14      "AVAlgorithm":"",
15      "threeDsVersion":""
16    }
17  }
18}

Then proceed with lightbox integration.

Specific errors

Error
Description / Action

8008 - Function not available

Shop_Login configurations are incomplete or incorrect.
Contact your account manager or Fabrick’s customer care.

8006 - Verify By Visa

The transaction has been soft-declined.
Authentication of the cardholder is requested.

1182 - Wrong parameter value authenticationLevel

authenticationLevel field has been filled with an unaccepted value.
It is necessary to inspect/correct the integration in order to avoid systematic/recurring errors of this type.

1147 - Amount too high

The amount of the transaction for which an exemption is requested exceeds the amount limit set by the acquirer.

Previous
prevFabrick Advice
Next
Banca Sella Risk Based Authentication on Fabrick gatewaynext