Configuring TransUnion TruValidate
TransUnion TruValidate is a data provider that enables you to run the Device fraud detection check.
How it works
This is the default behavior for a variant of the Device fraud detection check with TransUnion TruValidate as the data provider.
When an individual starts a transaction from their mobile or web page, you should capture the individual's device token, also known as the blackbox, using TransUnion TruValidate's SDK or embedded JavaScript.
To run the check, send the blackbox to Passfort.
If you're unable to retrieve the blackbox, you can still run the check to capture the anomaly.
Passfort asks TransUnion TruValidate's fraud service to perform the check.
The check's result is returned as follows:
Passed: Returned when TransUnion TruValidate's recommendation is Allow.
Review: Returned when TransUnion TruValidate's recommendation is Review.
Fail: Returned when TransUnion TruValidate's recommendation is Deny.
The result details display:
The device information used to run the check, including whether a token, or blackbox, was provided. If no token was provided, it may be because the transaction was made by a fraudster attempting to evade TransUnion detection.
The overall result and transaction score TransUnion TruValidate has assigned.
The rules TransUnion Device Risk used to determine the result and transaction score.
Any information TransUnion TruValidate has discovered about the device and the IP location. It may include the device type, real IP, real IP city, real IP region, real IP country, latitude, and longitude.
If a problem occurs when the check is run, an error is displayed.
This check can only be performed via the API.
Configuration options
There are no configuration options for this check variant.
What we'll need
Let us know that you'd like to add a variant of the Device fraud detection check with TransUnion TruValidate. We'll set it up for you.
We'll also need your TransUnion TruValidate credentials that you use to make API calls:
Subscriber ID
Subscriber Account
Subscriber Passcode
For help getting your TransUnion TruValidate credentials, please contact your TransUnion account manager.
Testing your configuration
Once the check variant is configured, follow these steps in your demo environment to test whether it's working as expected.
Tests:
Does the check pass when TransUnion TruValidate's recommendation is to allow the transaction?
Create an individual profile and make a request to the following endpoint, sending any string as the
token. If thedecisionin the check response isPASS, it's working as expected.Does the check return Review when TransUnion TruValidate's recommendation is to review the transaction? Create an individual profile and make a request to the following endpoint, sending
"refer"as thetoken. If thedecisionin the check response isWARN, it's working as expected.Does the check fail when TransUnion TruValidate's recommendation is to deny the transaction?
Create an individual profile and make a request to the following endpoint, sending
"fail"as thetoken. If thedecisionin the check response isFAIL, it's working as expected.Does the check pass when an empty token is sent to TransUnion TruValidate?
Create an individual profile and make a request to the following endpoint, sending an empty string
""as thetoken. If thedecisionin the check response isPASSand thedevice_metadata.tokenis"", it's working as expected.
Test words are not case-sensitive.
Request endpoint:
POST https://api.passfort.com/4.0/profiles/{profile_id}/checksRequest body:
{
"check_type": "DEVICE_FRAUD_DETECTION",
"device_metadata": {
"token": "aLr1ShhpzPGuX69BtmrXqp/aVeFFfHSU14LFYbVQ==",
"action": "transaction",
"reference_id": "12345678",
"stated_ip": "203.0.113.10"
}
}To learn more about the request parameters and to get step-by-step instructions for running this check, see Run a Device fraud detection check using the API.