No momento, esta página não está disponível em português
Risk-team icon

Required risk field reference

Learn which fields to include in your payments request to trigger risk checks

You include a variety of fields when you send in a payment request. Some of these fields are mandatory to make a payment, for example amount and reference. Other fields such as shopperIP, shopperReference and shopperEmail are not always required, but strongly recommended to include.

To get the most benefit out of your risk configuration, we recommend that you collect and then send in as many fields as possible in your payment request. Doing this ensures that you trigger the risk checks, as these checks depend on specific fields being present in the request. Sending in more fields will also help our risk engine to make intelligent decisions based on properties connected to a payment.

For Web Drop-in/Components integrations, we collect additional shopper data that you send when the shopper pays, with the option for more data collection outside of the checkout page.

Fields required for risk checks

The following is a list of API fields that are required for some of our risk checks:

Field Required for API reference
billingAddress

Block and trust lists

  • Shopper address referral list

Consistency rules

  • Billing address differs from delivery address
  • Billing address does not match cardholder address (AVS)

/sessions
/payments
/authorise
deliveryAddress

Block and trust lists

  • Shopper address referral list

Consistency rules

  • Billing address differs from delivery address

ShopperDNA rules

  • Multiple distinct delivery addresses used by shopper

Custom

  • Custom rules
  • Custom lists

/sessions
/payments
/authorise
shopperEmail

Block and trust lists

  • Email domain referral check
  • Shopper email referral check

Consistency rules

  • PayPal auth-result email
  • Email address and shopper name comparison
  • Email is likely to be fake or automatically generated

ShopperDNA rules

  • Multiple distinct email addresses used by shopper

Velocity rules

  • Shopper initiated a transaction more than X times within a time period
  • Shopper email used more than X times within a time period

Custom

  • Custom rules
  • Custom lists

/sessions
/payments
/authorise
shopperIP

Block and trust lists

  • Shopper IP referral check

Consistency rules

  • Shopper IP originates from high-risk country
  • Shopper country differs from issuing country

ShopperDNA rules

  • Multiple distinct IP addresses used by shopper
  • Shopper used shared IP address

Velocity rules

  • Shopper initiated a transaction more than X times within a time period
  • Shopper IP used more than X times within a time period

Custom

  • Custom rules
  • Custom lists

The shopperIP is retrieved automatically if you are using our simplified Web Drop-in or Web Components integration.
/sessions
/payments
/authorise
shopperName

Block and trust lists

  • Shopper name referral check

Consistency rules

  • Email address and shopper name comparison

Custom

  • Custom rules
  • Custom lists

/sessions
/payments
/authorise
shopperReference

Block and trust lists

  • Shopper reference referral check

ShopperDNA rules

  • Multiple distinct shopper references used by shopper

Velocity rules

  • Card/Bank account number already used by another shopper
  • Different cards/bank accounts used by the same shopper

Custom

  • Custom lists

/sessions
/payments
/authorise
telephoneNumber

Block and trust lists

  • Telephone number referral check

Consistency rules

  • Email address and shopper name comparison

Custom

  • Custom rules
  • Custom lists

/sessions
/payments
/authorise

Extra fields for specific cases

The following table shows a number of API fields that you can use for specific risk checks or your own, custom risk setup.

Field Required for API reference
accountInfo.accountCreationDate Required if you want to use the creation date option as the source for the shopper account age consistency check, or in custom rules.
To use this field, you must provide the account creation date as part of the payment request.
Although the accountInfo object is used for 3D Secure transactions, you can also use this object to include the accountCreationDate in your payment request.
/sessions
/payments
/authorise
additionalData.riskdata.deliveryMethod Required if you want to use the delivery method consistency check.
You can configure the values for the deliveryMethod field in the risk rule configuration for the delivery method check.
/payments
/authorise
browserInfo Required for 3D Secure transactions, but you can also use this field in your custom rules or lists. /payments
/authorise
deliveryDate Required if you want to use the time to delivery consistency check, or if you want to use the field hoursToDelivery in a custom risk rule. /payments
/authorise

Collect additional risk data

For Web Drop-in/Components integrations, we collect additional data to detect fraud.

In addition to the data that you send when the shopper checks out, you can also optionally collect data to detect fraud outside of the checkout page. We recommend that you collect data about the shopper's activity on every page of your site.

To do this, add the following script to any of your web pages.

When the shopper checks out, Drop-in or the Component sends all of the data collected by the script to Adyen. This includes the data from the checkout page as well as any data collected from other web pages that contain the script.

If your integration uses the Advanced flow, you must include the following in the /payments request.

Field Required for API reference
riskData Required to send device characteristics and other data that we use to detect fraudulent payment activity, and mitigate fraud. If you collect additional data from other pages on your website, that data is also included in this object. /payments