# Evaluates a Transaction for Risk Scoring Purposes Perform a request to evaluate a transaction for risk scoring purposes. This endpoint uses a valid Basic Authentication username and password for authentication. Endpoint: POST /score Version: 2025.04.03.0 Security: basicAuth ## Request fields (application/json): - `billing` (object, required) Object: billing information - `billing.firstName` (string) Customer first name Example: "John" - `billing.address1` (string) Building number and street address Example: "230 17th St" - `billing.address2` (string) Apartment/suite/unit number, if both address1 and address2 are not provided, this will be set to be 'Not Provided' Example: "apt 1a" - `billing.company` (string) Company name, for business addresses Example: "Nelnet" - `billing.city` (string) Address city Example: "Omaha" - `billing.region` (string) Two or three digit state or province code, according to ISO3166 Example: "NE" - `billing.postalCode` (string) Zip or postal code Example: "68154" - `billing.country` (string) Two or three digit country code, according to ISO3166-1 alpha 2 or 3 Example: "US" - `billing.email` (string) Email address Example: "jessica@ngilang.com" - `billing.phone` (string) Phone number. If the phone provided is in not a US number, precede the number with Example: "212-289-1293" - `billing.lastName` (string) Customer last name Example: "Smith" - `device` (object) Object: information about the device used for the transaction - `device.ipAddress` (string) String or null Example: "127.32.32.1" - `device.userAgent` (string) String or null Example: "MOZILLA/5.0 (IPHONE; CPU IPHONE OS 7_1 LIKE MAC OS X) APPLEWEBKIT/537.51.2" - `device.sessionId` (string) String or null - `device.fingerprintId` (string) String or null Example: "Id1234" - `device.ipType` (string) String or null Enum: "v4", "v6" - `device.pluginHash` (string) The hash from the Device Fingerprint for browser plugins - `device.timeZone` (string) String or null - `device.language` (string) String or null - `device.isProxy` (boolean) Flag that tells about a used proxy - `device.httpReferer` (string) String or null Example: "https://www.google.com" - `device.numMimeTypes` (string) String or null - `device.mimeTypesHash` (string) String or null - `device.numFonts` (integer) Integer or null - `device.fontsHash` (string) String or null - `device.numPlugins` (integer) Integer or null - `device.pluginsHash` (string) String or null - `device.colorDepth` (integer) Integer or null - `device.fontSmoothing` (boolean) - `device.javaSupport` (boolean) - `device.touchSupport` (boolean) - `device.cookieSupport` (boolean) - `device.canvasFingerprintId` (string) - `device.canvasHeight` (integer) - `device.canvasWidth` (integer) - `device.screenHeight` (integer) - `device.screenWidth` (integer) - `device.isTor` (boolean) - `device.geo` (string) - `device.city` (string) - `device.country` (string) Two or three digit country code , according to ISO3166-1 alpha 2 or 3 Example: "US" - `device.postalCode` (string) - `device.proxyType` (string) Enum: "VPN", "TOR", "DCH", "PUB", "WEB", "SES" - `payment` (object, required) Object: information about the payment - `payment.cardStatus` (string) Enum: "ACTIVE", "CANCELLED", "DECLINED", "DELETED", "INACTIVE", "LOST", "NEW", "PICK_UP", "REQUEST", "RESTRICTED", "STOLEN", "SUSPENDED", "DELINQUENCY", "DAMAGED", "EXPIRED" - `payment.isActive` (boolean) Is the card for this transaction active - `payment.paymentStatus` (string) The current payment status associated with the order Enum: "AUTH", "PAID", "PARTIALLY_PAID", "INVOICED", "REFUNDED", "PARTIALLY_REFUNDED", "DEFAULT", "PARTIALLY_DEFAULT", "CHARGEBACK", "VOID" - `payment.chargebackStatus` (string) Status of a customer request for chargeback Enum: "OPENED", "WON", "LOST" - `payment.paymentId` (string) Credit card/account token or identifier of payment Example: "4teSTtkN123456" - `payment.threeDSeci` (string) Indicates the outcome of the authentication attempted on transactions enforced by 3DS - `payment.threeDSvid` (string) 28 character authentication value - `payment.threeDSxid` (string) Transaction Identifier from 3DS - `payment.actualAmt` (number) Transaction amt in the currency the transaction was actually conducted in Example: 150 - `payment.actualCcy` (string) The currency of the transaction occurred in (ISO4127 currency code like USD), if it is not set, it will be set by the value of currency Merchant configuration Example: "USD" - `payment.arn` (string) Unique tracking code for transaction (aqcuirer reference number) - `payment.authAttempts` (integer) Number of authorization attempts - `payment.authFlag` (string) Indicates whether authorisation was performed and if so, what was the result Enum: "APPROVED", "DECLINE", "NA" - `payment.authResCode` (string) User defined code representing auth response - `payment.authResSource` (string) User defined code indicating the entity responding to the authorization request - `payment.billedAmt` (number) The amount the transaction occurred in - `payment.billedCcy` (string) The ISO4127 currency code the transaction is billed in Example: "USD" - `payment.bin` (string) the credit card number's first 6 to 11 digits - `payment.cardAccountId` (string) Merchant generated. Unique identifier for the Card - `payment.cardPresent` (string) Code indicating cardholder presence during transaction Enum: "YES", "NO", "NA" - `payment.cardProductType` (string) Card Product Type - `payment.chAuth` (string) User defined code indicating cardholder authentication method Enum: "SIGNATURE", "ONLINE_PIN", "OFFLINE_ENCIPHERED_PIN", "OFFLINE_PLAIN_TEXT_PIN", "MANUAL", "MAG_STRIPE", "CHIP_AND_PIN", "CONTACTLESS", "CARD_NOT_PRESENT", "ON_FILE", "E_WALLET", "NONE" - `payment.chPresent` (string) User defined code indicating cardholder presence during transaction Enum: "YES", "NO", "NA" - `payment.eci` (string) User defined code indicating type of Mail/Telephone or Electronic Commerce transaction - `payment.emvAid` (string) Application Identifier for the EMV - `payment.emvChipId` (string) The EMV chip application ID selected for the transaction - `payment.eposRec` (string) Electronic point of sale receipt number - `payment.expDate` (string) The credit card's 4-digit expiration date (MMYY) - `payment.giftCards` (array) Single or list of gift card numbers used with order - `payment.giftCardNumbers` (string) String or null - `payment.inputCapabilities` (string) Code indicating card read capabilities - `payment.issueNumber` (string) An additional number that can seperate cards with the same PAN - `payment.method` (string, required) What method is the customer using for payment. If you would like to add other payment methods, please contact your customer success team member for instructions. Enum: "ACH", "CREDIT_CARD", "DIRECT_DEBIT", "GOOGLE_WALLET", "APPLE_PAY", "ANDROID_PAY", "MASTERPASS", "BITCOIN", "CASH", "CHECK", "ECHECK", "INVOICE", "PAYPAL", "OTHER", "SEPA", "NPP", "FASTER", "BCAS", "CHAPS", "SWIFT" - `payment.pinStatus` (string) Status as to whether the pin was verified Enum: "PASS", "FAIL", "UNCHECKED" - `payment.serviceCode` (string) Service code for the payment, for Ach payment,if it is empty, it could be set by Ach Standard Entry Class Code - `payment.terminalId` (string) Unique Identifier of terminal or ATM - `payment.terminalMethod` (string) Method used to read the card - `payment.terminalOption` (string) Code indicating terminal read capabilities - `payment.terminalType` (string) User defined code specifying the type of Terminal at the Point of transaction - `payment.tokenId` (string) Token Requestor ID used for mobile payments - `payment.transactionLabel` (string) User defined label that categorizes the transaction Example: "tuition" - `payment.transactionType` (string) User defined code specifying the type of Terminal at the Point of transaction - `payment.type` (string) If by credit card, which card network like VISA Enum: "AMEX", "DISCOVER", "MC", "OTHER", "VISA", "DINERS_CLUB" - `payment.last4` (string) The credit card number's or Account's last 4 digits Example: "1234" - `payment.avsResultCode` (string) The payment gateway's AVS response code - `payment.cvvResulCode` (string) The payment gateway's CVV response code - `payment.merchantAccount` (string) Unique identifier of acquirer bank receiving the funds - `payment.gatewayMessage` (string) User Defined entity providing authorization - `payment.authCode` (string) Authorization code of the payment - `payment.activeOn` (string) The payment is activated on - `payment.direction` (string) Internal use. Direction of the transaction. "in" means a deposit, "out" means a withdrawal, This will be set based on PaymentSpring ACH or Credit Card payment type Enum: "IN", "OUT" - `payment.paymentTypeByPaymentMethod` (string) Example: "22" - `payment.psAchPaymentType` (string) Enum: "22", "23", "27", "28", "32", "33", "37", "38", "11" - `payment.psCreditCardPaymentType` (string) Enum: "PreAuth", "PostAuth", "Auth", "Refund", "Reversal", "Return", "Cancel", "Void", "Verify", "Timeout" - `payment.achStandardEntryCode` (string) Enum: "ACK", "ADV", "ARC", "ATX", "BOC", "CCD", "CIE", "COR", "CTX", "DNE", "ENR", "IAT", "MTE", "POP", "POS", "PPD", "RCK", "SHR", "TEL", "TRC", "TRX", "WEB", "XCK" - `transaction` (object) Object: information about the payment transaction - `transaction.orderedOn` (string) Date and time of the order, in ISO 8601 format, UTC timezone, default to current time Example: "2017-02-13T21:27:45Z" - `transaction.type` (string) Type of query that is being requested (usually sale, registration, payment, or authentication), if it has no value, it might be set by payment PsCreditCardPaymentType, if PsCreditCardPaymentType is verification or pre auth, it will be Registration, otherwise it is Payment Enum: "SALE", "REGISTRATION", "PAYMENT", "AUTHENTICATION" - `transaction.orderIsDigital` (boolean) Whether the order is for a digital product or service (digital payments, online games, airline tickets, etc) - `transaction.orderTotal` (number) Amount spent for this order Example: 150 - `transaction.orderCurrency` (string) Currency in which the transction was paid (it is ISO4127 currency code like USD), if it is not set, it will be set by the value of currency Merchant configuration Example: "USD" - `transaction.status` (string) Status of transaction (usually NEW, QUEUED, APPROVED, CANCELLED, or FULFILLED), default to NEW Enum: "NEW", "HOLD", "QUEUED", "APPROVED", "CANCELLED", "FULFILLED", "RETURNED" - `transaction.event` (string) Your order status or order event that you would like to track. This list can be as detailed and numerous as you would like, but each will generally need to be mapped to one of backend service provider statuses. - `transaction.userId` (string) Your unique ID for the user Example: "A1234" - `transaction.orderSource` (string) Marketing channel that delivered the user to your site. If you would like to track detailed marketing channels, campaigns and media, please contact your customer success team member for instructions Example: "Google PPC" - `transaction.orderCount` (integer) User's aggregate (lifetime) number of orders - `transaction.totalSpent` (integer) User's aggregate (lifetime) amount spent Example: 99 - `transaction.sessionId` (string) User's current session ID. Use this to link your website and cart events to your post transaction orders Example: "A123445" - `transaction.firstPurchaseDate` (string) Date the user first made a purchase. - `transaction.lastPurchaseDate` (string) Date the user last made a purchase - `transaction.userLocale` (string) Two or three character region code for the transaction location, according to ISO 3166-1 alpha 2 Example: "NE" - `transaction.couponCode` (string) Coupon code, if a coupon was used - `transaction.orderDiscount` (number) Amount of discount - `transaction.orderShipping` (number) Cost of shipping the order - `transaction.orderSubtotal` (number) Order subtotal before taxes - `transaction.orderTax` (number) Amount of taxes - `transaction.shippedOn` (string) Date and time the order was shipped, in ISO 8601 YYYY-MM-DD format - `transaction.agentCode` (string) Code for an internal agent who has made changes to the order - `transaction.agentDept` (string) Department of internal agent - `transaction.identId` (string) Identification that the customer provided - `transaction.identCountry` (string) Country where the customer identification comes from (Two or three digit country code , according to ISO3166-1 alpha 2 or 3) Example: "US" - `transaction.identType` (string) Type of identification Enum: "SSN", "DRIVERS_LIC", "NATION_ID" - `transaction.iban` (string) Customer's International Bank Account Number (IBAN) - `transaction.transactionId` (string) Your ID for the transaction, such as the cart ID - `transaction.fee` (integer) Amount of fee - `transaction.geo` (string) point of purchase [lat, lon] - `seller` (object) Object: information about the seller - `psd` (object) Object: extra information - `psd.clientId` (string) Your client id Example: "Gateway" - `psd.applicationId` (string) Id for your application, such as PaymentSpring AppId Example: "Enterprise" - `psd.productId` (string) Id for your product Example: "Forms" - `psd.appKey` (string) Key for your application if available Example: "appKey" - `psd.appKey1` (string) Another Key for your application if available Example: "appKey1" - `psd.appKey2` (string) Another Key for your application if available Example: "appKey2" - `psd.appKey3` (string) Another Key for your application if available Example: "appKey3" - `psd.appKey4` (string) Another Key for your application if available Example: "appKey4" - `psd.appKey5` (string) Another Key for your application if available Example: "appKey5" - `psd.appKey6` (string) Another Key for your application if available Example: "appKey6" - `psd.appKey7` (string) Another Key for your application if available Example: "appKey7" - `psd.acctHolderId` (string) The account id for the bussiness Example: "123456" - `psd.feeType` (string) If the payment is fee, and indicate which type the fee is if available Example: "Fee" - `psd.recurringId` (string) If it is recurring payment, what the id is if it is available, such as PlanId in the Payment API Example: "ABC123456" - `psd.recurringType` (string) If it is recurring, you define a value for the type Example: "RC1" - `psd.refundType` (string) If it is refund, you define a value for the type, this might be set to be RF1 if PsAchPaymentType is credit and Merchant is Remittance Only Example: "RF1" - `psd.remittanceType` (string) If it is remittance, you define a value for the type, this might be set to be RM1 if Merchant is Remittance Only Example: "RM1" - `shipping` (object) Object: information about the shipping - `products` (array) Array[Object]: production information - `products.productId` (string, required) Your unique product ID Example: "392434-1A" - `products.title` (string, required) Name of product Example: "Nike Mens Air Max Audacity 2016 White/Rflct Silver Blk Wlf Gry Basketball Shoe 12 Men US" - `products.upc` (string) UPC of product, if available Example: "4011200296908" - `products.sku` (string) Your SKU number Example: "N658765" - `products.brandId` (string) Your unique ID for the brand Example: "N65678" - `products.brand` (string) Your brand name Example: "Nike" - `products.category` (string) Item's category Example: "Men's Basketball Shoes" - `products.price` (number, required) Item price - `products.quantity` (integer, required) Quantity ordered - `products.url` (string) External link to view product details - `products.img` (string) External link to view product details - `products.tags` (string) Comma-deliminted list of tags about the product - `products.sellerId` (string) Unique ID of the seller Example: "123455-1A" - `products.options` (array) array[object] or null - `products.discount` (number) Amount of discount - `products.productIsDigital` (boolean) If the product is degital - `createdDate` (string) ## Response 200 fields (*/*): - `success` (boolean) Whether the request was successful Example: true - `uuid` (string) Unique ID for request which is generated by risk service Example: "e4ef2a10-20b1-4caa-8db0-60b2a3d68070" - `code` (string) The code if there is an error, such as 900 for internal error Example: "900" - `messages` (array) Array[object], messages if there is any error - `messages.keyword` (string) Keyword related to the message Example: "Internal Error" - `messages.message` (string) Content of the message such as Internal Error Example: "Internal Server Error" - `messages.dataPath` (string) Path to the data file Example: "payment" - `data` (object) - `data.id` (string) UUID of the request Example: "e4ef2a10-20b1-4caa-8db0-60b2a3d68070" - `data.riskScore` (integer) Risk score, on a scale from 0 (low risk) to 100 (high risk) Example: 50 - `data.mostSevereAction` (string) Applied action, according to risk assessment Example: "cancelled" - `data.tags` (array) - `data.tags.id` (string) Unique ID of your tag - `data.tags.action` (string) Action name related to rule Example: "cancelled" - `data.tags.name` (string) Name of your tag Example: "Rule Cancelled" - `data.tags.type` (string) Action that you would like your tag to have associated. 'label' will simply tag your order, while 'queue' will cause the order to be placed in a queue for later retrieval and review Example: "rule" - `data.tags.state` (string) Rule set Example: "Global Rule Set"