Configuring TransUnion (formerly iovation) FraudForce

TransUnion (formerly iovation) FraudForce is a data provider that enables you to run the Device fraud detection check.

How it works

This is the default behaviour for a variant of the Device fraud detection check with TransUnion FraudForce as the data provider.

When an individual starts a transaction from their mobile or webpage, you should capture the individual's device token (a.k.a. the blackbox) using TransUnion FraudForce's SDK or embedded JavaScript.

To run the check, send the blackbox to PassFort.

If you're unable to retrieve the blackbox, you can still run the check to capture the anomaly.

PassFort asks TransUnion FraudForce's fraud service to perform the check.

The check's result is returned as follows:

  • Passed: Returned when TransUnion FraudForce's recommendation is Allow.
  • Review: Returned when TransUnion FraudForce's recommendation is Review.
  • Fail: Returned when TransUnion FraudForce's recommendation is Deny.

The result details display:

  • The device information used to run the check, including whether a token (blackbox) was provided. If no token was provided, it may be because the transaction was made by a fraudster attempting to evade TransUnion detection.
  • The overall result and transaction score TransUnion FraudForce has assigned.
  • The rules TransUnion FraudForce used to determine the result and transaction score.
  • Any information TransUnion FraudForce has discovered about the device and the IP location. It may include the device type, real IP, real IP city, real IP region, and real IP country.

If a problem occurs when the check is run, an error is displayed.

This check can only be performed via the API.

Configuration options

There are no configuration options for this check variant.

What we'll need

Let us know that you'd like to add a variant of the Device fraud detection check with TransUnion FraudForce. We'll set it up for you.

We'll also need your TransUnion FraudForce credentials that you use to make API calls:

  • Subscriber ID
  • Subscriber Account
  • Subscriber Passcode

For help getting your TransUnion FraudForce credentials, please contact your TransUnion account manager.

Testing your configuration

Once the check variant is configured, follow these steps in your demo environment to test whether it's working as expected.

Tests:

  1. Does the check pass when TransUnion FraudForce's recommendation is to allow the transaction? Create an individual profile and make a request to the endpoint below, sending any string as the token. If the decision in the check response is PASS, it's working as expected.
  2. Does the check return Review when TransUnion FraudForce's recommendation is to review the transaction? Create an individual profile and make a request to the endpoint below, sending "refer" as the token. If the decision in the check response is WARN, it's working as expected.
  3. Does the check fail when TransUnion FraudForce's recommendation is to deny the transaction? Create an individual profile and make a request to the endpoint below, sending "fail" as the token. If the decision in the check response is FAIL, it's working as expected.
  4. Does the check pass when an empty token is sent to TransUnion FraudForce? Create an individual profile and make a request to the endpoint below, sending an empty string ("") as the token. If the decision in the check response is PASS and the device_metadata.token is "", it's working as expected.
Test words are not case sensitive.

Request endpoint:

POST https://api.passfort.com/4.0/profiles/{profile_id}/checks

Request body:

{
"check_type": "DEVICE_FRAUD_DETECTION",
"device_metadata": {
"token": "aLr1ShhpzPGuX69BtmrXqp/aVeFFfHSU14LFYbVQ==",
"action": "transaction",
"reference_id": "12345678",
"stated_ip": "203.0.113.10"
}
}
To learn more about the request parameters and to get step-by-step instructions for running this check, see Run a Device fraud detection check.


How did we do?


Powered by HelpDocs (opens in a new tab)