My Profile_


Response Fields

Handling Response Information

When reviewing the response information and determining how to handle the transaction, it is recommended that you (either manually or through automated logic on your site) use the following pieces of information:

  • Risk score
  • Rules triggered (such as Rule Codes, Rule Names, Rule Messages)
  • Results obtained from Verified by Visa, MasterCard Secure Code, AVS, CVD and the financial transaction authorization
  • Response codes for the Transaction Risk Management Transaction that are included by automated processes

Session Query – Transaction Values

SessionQuery sq = new SessionQuery();

HttpsPostRequest mpgReq = new HttpsPostRequest();

mpgReq.setTransaction(sq);

TRMT Response Fields

Value Type Limits Get Method Description
Response Code String 3-character alphanumeric receipt.getResponseCode() 001 – Success
981 – Data error
982 – Duplicate Order ID
983 – Invalid Transaction
984 – Previously asserted
985 – Invalid activity description
986- Invalid impact description
987 – Invalid Confidence description
988 - Cannot find Previous
Session ID String TBD CODE HERE Temporary identifier unique to the visitor will be returned in the return request.
Summary risk score String TBD CODE HERE Based on all of the returned values in the range [-100 … 100]
Transaction ID String TBD CODE HERE This is the transaction identifier and will always be returned in the response when supplied as input.
Unknown session String TBD CODE HERE If present, the value is "yes". It indicates the session ID that was passed was not found.
ITD Enhanced AVS Response Code String 1-character alphabetic CODE HERE The ITD (Internet Transaction Data) reviews several methods for performing a credit card transaction online. The ITDReponse indicates the AmEx ITD validation results. Applicable for AmEx and JCB only.
Y = data matches
N = data does not match
U = data not checked
R = retry
S = Service not allowed [space] = data not sent

Request result values and descriptions

Value Definition
fail_incomplete ThreatMetrix was unable to process the request due to incomplete or incorrect input data
fail_invalid_telephone_number Format of the supplied telephone number was invalid
fail_access ThreatMetrix was unable to process the request because of API verification failing
fail_internal_error ThreatMetrix encountered an error while processing the request
fail_invalid_device_id Format of the supplied device_id was invalid
fail_invalid_email_address Format of the supplied email address was invalid
fail_invalid_ip_address_parameter Format of a supplied ip_address parameter was invalid
fail_temporarily_unavailable Request failed because the service is temporarily unavailable
fail_verification API query limit reached
success ThreatMetrix was able to process the request successfully

Risk Score

For each Session Query or Attribute Query, a score with a value between -100 and +100 is returned based on the rules that were triggered for the transaction.

Risk Score Definition
100 to -1 A lower score indicates a higher probability that the transaction is fraudulent.
0 Neutral transaction
1 to 100 A higher score indicates a lower probability that the transaction is fraudulent.

Note: All e-commerce transactions have some level of risk associated with them. Therefore, it is rare to see risk score in the high positive values.

When evaluating the risk of a transaction, the risk score gives an initial indicator of the potential risk that the transaction is fraudulent. Because some of the rules that are evaluated on each transaction may not be relevant to your business scenario, review the rules that were triggered for the transaction before determining how to handle the transaction.


Rules

The rule codes, rule names and rule messages provide details about what rules were triggered during the assessment of the information provided in the Session or Attribute Query. Each rule code has a rule name and rule message. The rule name and rule message are typically similar. Table 115 provides additional information on each rule.

When evaluating the risk of a transaction, it is recommended that you review the rules that were triggered for the transaction and assess the relevance to your business. (That is, how does it relate to the typical buying habits of your customer base?)

If you are automating some or all of the decision-making processes related to handling the responses, you may want to use the rule codes. If you are documenting manual processes, you may want to refer to the more user-friendly rule name or rule message.

Rule names, numbers and messages
Rule Name Rule Number Rule Message Rule Explanation
Whitelists
DeviceWhitelisted WL001 Device White Listed Device is on the white list. This indicates that the device has been flagged as always "ok". NOTE: This rule is currently not in use.
IPWhitelisted WL002 IP White Listed IP Address is on the white list. This indicates the device has been flagged as always "ok".

NOTE: This rule is currently not in use.
EmailWhitelisted WL003 Email White Listed Email address is on the white list. This indicates that the device has been flagged as always "ok".

NOTE: This rule is currently not in use.
Event Velocity
2DevicePayment EV003 2 Device Payment Velocity Multiple payments were detected from this device in the past 24 hours.
2IPPaymentVelocity EV006 2 IP Payment Velocity Multiple payments were detected from this IP within the past 24 hours.
2ProxyPaymentVelocity EV008 2 Proxy Payment Velocity The device has used 3 or more different proxies during a 24 hour period. This could be a risk or it could be someone using a legitimate corporate proxy.
Email
3EmailPerDeviceDay EM001 3 Emails for the Device ID in 1 Day This device has presented 3 different email ids within the past 24 hours.
3EmailPerDeviceWeek EM002 3 emails for the Device ID in 1 week This device has presented 3 different email ids within the past week.
3DevciePerEmailDay EM003 3 Device Ids for email address in 1 day This email has been presented from three different devices in the past 24 hours.
3DevciePerEmailWeek EM004 3 Device Ids for email address in 1 week This email has been presented from three different devices in the past week.
EmailDistanceTravelled EM005 Email Distance Travelled This email address has been associated with different physical locations in a short period of time.
3EmailPerSmartIDHour EM006 3 Emails for SmartID in 1 Hour The SmartID for this device has been associated with 3 different email addresses in 1 hour.
GlobalEMailOverOneMonth EM007 Global Email over 1 month The e-mail address involved in the transaction over 30 days ago. This generally indicates that the transaction is less risky. Note: This rule is currently set currently set so it does not impact the policy score or risk rating.
ComputerGeneratedEmailAddress EM008 Computer Generated Email Address This transaction used a computer generated email address.
Account Number
3AccountNumberPerDeviceDay AN001 3 Account Numbers for device in 1 day This device has presented 3 different user accounts within the past 24 hours.
3AccountNumberPerDeviceWeek AN002 3 Account Numbers for device in 1 week This device has presented 3 different user accounts within the past week.
3DevicePerAccountNumberDay AN003 3 Device IDs for account number in 1 day This user account been used from three different devices in the past 24 hours.
3DevicePerAccountNumberWeek AN004 3 Device Ids for email address in 1 week This card number has been used from three different devices in the past week.
AccountNumberDistanceTravelled AN005 Account Number distance travelled This card number has been used from a number of physically different locations in a short period of time.
Credit Card / Payments
3CreditCardPerDeviceDay CP001 3 credit cards for device in 1 day This device has used three credit cards within 24 hours.
3CreditCardPerDeviceWeek CP002 3 credit cards for device in 1 week This device has used three credit cards within 1 week
3DevicePerCreditCardDay CP003 3 device ids for credit card in 1 day This credit card has been used on three different devices in 24 hours.
3DevicePerCreditCardWeek CP004 3 device ids for credit card in 1 week This credit card has been used on three different devices in 1 week.
CredtCardDistanceTravelled CP005 Credit Card has travelled The credit card has been used at a number of physically different locations in a short period of time.
CreditCardShipAddressGeoMismatch CP006 Credit Card and Ship Address do not match The credit card was issued in a region different from the Ship To Address information provided.
CreditCardBillAddressGeoMismatch CP007 Credit Card and Billing Address do not match The credit card was issued in a region different from the Billing Address information provided.
CreditCardDeviceGeoMismatch CP008 Credit Card and device location do not match The device is located in a region different from where the card was issued.
CreditCardBINShipAddressGeoMismatch CP009 Credit Card issuing location and Shipping address do not match The credit card was issued in a region different from the Ship To Address information provided.
CreditCardBINBillAddressGeoMismatch CP010 Credit Card issuing location and Billing address do not match The credit card was issued in a region different from the Billing Address information provided.
CreditCardBINDeviceGeoMismatch CP011 Credit Card issuing location and location of the device do not match The device is located in a region different from where the card was issued.
TransactionValueDay CP012 Daily Transaction Value Threshold The transaction value exceeds the daily threshold.
TransactionValueWeek CP013 Weekly Transaction Value Threshold The transaction value exceeds the weekly threshold.
Proxy Rules
3ProxyPerDeviceDay PX001 Proxy Rules 3 Proxy Ips in 1 day This device has used three different proxy servers in the past 24 hours.
AnonymousProxy PX002 Anonymous Proxy IP This device is using an anonymous proxy
UnusualProxyAttributes PX003 Unusual Proxy Attributes This transaction is coming from a source with unusual proxy attributes.
AnonymousProxy PX004 Anonymous Proxy This device is connecting through an anonymous proxy connection.
HiddenProxy PX005 Hidden Proxy This device is connecting via a hidden proxy server.
OpenProxy PX006 Open Proxy This transaction is coming from a source that is using an open proxy.
TransparentProxy PX007 Transparent Proxy This transaction is coming from a source that is using a transparent proxy.
DeviceProxyGeoMismatch PX008 Proxy and True GEO Match This device is connecting through a proxy server that didn’t match the devices geolocation.
ProxyTrueISPMismatch PX009 Proxy and True ISP Match This device is connecting through a proxy server that doesn’t match the true IP address of the device.
ProxyTrueOrganizationMismatch PX010 Proxy and True Org Match The Proxy information and True ISP information for this source do not match.
DeviceProxyRegionMismatch PX011 Proxy and True Region Match The proxy and device region location information do not match.
ProxyNegativeReputation PX012 Proxy IP Flagged Risky in Reputation Network This device is connecting from a proxy server with a known negative reputation.
SatelliteProxyISP PX013 Satellite Proxy This transaction is coming from a source that is using a satellite proxy.
GEO
DeviceCountriesNotAllowed GE001 True GEO in Countries Not Allowed blacklist This device is connecting from a high-risk geographic location.
DeviceCountriesNotAllowed GE002 True GEO in Countries Not Allowed (negative whitelist) The device is from a region that is not on the whitelist of regions that are accepted.
DeviceProxyGeoMismatch GE003 True GEO different from Proxy GEO The true geographical location of this device is different from the proxy geographical location.
DeviceAccountGeoMismatch GE004 Account Address different from True GEO This device has presented an account billing address that doesn't match the devices geolocation.
DeviceShipGeoMismatch GE005 Device and Ship Geo mismatch The location of the device and the shipping address do not match.
DeviceShipGeoMismatch GE006 Device and Ship Geo mismatch The location of the device and the shipping address do not match.
Device
SatelliteISP DV001 Satellite ISP This transaction is from a source that is using a satellite ISP.
MidsessionChange DV002 Session Changed Mid-session This device changed session details and identifiers in the middle of a session.
LanguageMismatch DV003 Language Mismatch The language of the user does not match the primary language spoken in the location where the True IP is registered.
NoDeviceID DV004 No Device ID No device ID was available for this transaction.
Dial-upConnection DV005 Dial-up connection This device uses a less identifiable dial-up connection.
DeviceNegativeReputation DV006 Device Blacklisted in Reputational Network This device has a known negative reputation as reported to the fraud network.
DeviceGlobalBlacklist DV007 Device on the Global Black List This device has been flagged on the global blacklist of known problem devices.
DeviceCompromisedDay DV008 Device compromised in last day This device has been reported as compromised in the last 24 hours.
DeviceCompromisedHour DV009 Device compromised in last hour This device has been reported as compromised in the last hour.
FlashImagesCookiesDisabled DV010 Flash Images Cookies Disabled Key browser functions/identifiers have been disabled on this device.
FlashCookiesDisabled DV011 Flash Cookies Disabled Key browser functions/identifiers have been disabled on this device.
FlashDisabled DV012 Flash Disabled Key browser functions/identifiers have been disabled on this device.
ImagesDisabled DV013 Images Disabled Key browser functions/identifiers have been disabled on this device.
CookiesDisabled DV014 Cookies Disabled Key browser functions/identifiers have been disabled on this device.
DeviceDistanceTravelled DV015 Device Distance Travelled The device has been used from multiple physical locations in a short period of time.
PossibleCookieWiping DV016 Cookie Wiping This device appears to be deleting cookies after each session.
PossibleCookieCopying DV017 Possible Cookie Copying This device appears to be copying cookies.
PossibleVPNConnection DV018 Possibly using a VPN Connection This device may be using a VPN connection