{"title":"Fraud results in API responses and webhooks","category":"default","creationDate":1779620071,"content":"<p><a href=\"\/development-resources\/webhooks\/\">Webhooks<\/a> inform your server of\u00a0<a href=\"\/account\/payments-lifecycle\">payment events<\/a>,\u00a0<a href=\"\/online-payments\/modify-payments\">modifications<\/a>, and newly available\u00a0<a href=\"\/reporting\">reports<\/a>. Webhooks can also inform you when payment requests trigger risk rules.<\/p>\n<p>You can include risk information, such as whether a payment was sent to case management, and which risk rules triggered in these webhooks, as well as in the payment response.<\/p>\n<div class=\"notices yellow\">\n<p>Returning fraud results is not turned on by default. When you configure your account to include risk information, it affects the format of both webhooks and the payment response.<\/p>\n<\/div>\n<h2>Requirements<\/h2>\n<p>Before you begin, take into account the following requirements and limitations.<\/p>\n<table>\n<thead>\n<tr>\n<th style=\"text-align: left;\">Requirement<\/th>\n<th style=\"text-align: left;\">Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td style=\"text-align: left;\"><strong>Integration type<\/strong><\/td>\n<td style=\"text-align: left;\">Make sure that you have built an <a href=\"\/online-payments\/build-your-integration\/\">online payments integration<\/a> and that <a href=\"\/risk-management\/configure-risk-settings\/\">risk is enabled<\/a>.<\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\"><strong><a href=\"\/account\/user-roles\/#risk\">Customer Area roles<\/a><\/strong><\/td>\n<td style=\"text-align: left;\">To manage webhooks and what is returned in the API response, make sure that you have the following role(s): <ul><li markdown=\"1\"><strong>Merchant technical integrator<\/strong><\/li><\/ul>To manage risk settings, make sure that you have one of the following role(s): <ul><li markdown=\"1\"><strong>Merchant change risk settings<\/strong><\/li><li markdown=\"1\"><strong>Risk admin<\/strong><\/li><\/ul><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\"><strong>Limitations<\/strong><\/td>\n<td style=\"text-align: left;\">You can only return information about custom risk rules and the fraud risk level when you have enabled <a href=\"\/risk-management\/configure-risk-settings#risk-general\">premium features<\/a>.<\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\"><strong>Setup steps<\/strong><\/td>\n<td style=\"text-align: left;\">Before you begin: <ul><li markdown=\"1\">Set up <a href=\"\/risk-management\/\">risk management<\/a>.<\/li><li markdown=\"1\">Configure and enable <a href=\"\/development-resources\/webhooks\/\">webhooks<\/a>.<\/li><\/ul><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>How it works<\/h2>\n<ol>\n<li><a href=\"#risk-result-enable\">Enable<\/a> risk results in the API response and webhooks.<\/li>\n<li>Decide in <a href=\"#risk-result-options\">which format<\/a> you want to return fraud results.<\/li>\n<\/ol>\n<h2 id=\"risk-result-enable\">Enable risk results in the API response and webhooks<\/h2>\n<p>To get risk information and fraud results in the API response and in webhooks, in your <a href=\"https:\/\/ca-test.adyen.com\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" class=\"external-link no-image\">Customer Area<\/a>:<\/p>\n<ol>\n<li>Go to <strong>Developers<\/strong> &gt; <strong>Additional data<\/strong>.<\/li>\n<li>Check the box under <strong>Risk<\/strong> &gt; <strong>Fraud result<\/strong>.<\/li>\n<li>Select <strong>Save configuration<\/strong>.<\/li>\n<\/ol>\n<p>When enabled:<\/p>\n<ul>\n<li>In the API response, the <code>additionalData<\/code> object contains risk information, and the <code>fraudResult<\/code> object shows which risk rules triggered.<\/li>\n<li>In the webhook, the <code>additionalData<\/code> object contains both risk information and the fraud results.<\/li>\n<\/ul>\n<p>The following are important values that you can get in the API response or webhooks:<\/p>\n<ul>\n<li>The possible <code>fraudResultType<\/code> values are <strong>GREEN<\/strong>, <strong>AMBER<\/strong>, or <strong>RED<\/strong>. For Protect premium, <strong>AMBER<\/strong> means that the transaction has been sent to <a href=\"\/risk-management\/case-management\">case management<\/a> for manual review.<\/li>\n<li>The possible <code>fraudRiskLevel<\/code> values are <strong>veryLow<\/strong>, <strong>low<\/strong>, <strong>medium<\/strong>, <strong>high<\/strong> or <strong>veryHigh<\/strong>. For Protect premium, the risk level shows the classification by the <strong><a href=\"\/risk-management\/configure-your-risk-profile\/machine-learning-rules\/\">Machine learning: fraud risk<\/a><\/strong> rule.<\/li>\n<li>For any field that shows a fraud score, for example <code>accountScore<\/code> or <code>totalFraudScore<\/code>, the possible values are <strong>-100<\/strong>, <strong>0<\/strong>, <strong>100<\/strong> or <strong>200<\/strong>.<\/li>\n<\/ul>\n<h3 id=\"risk-result-options\">Overview of options<\/h3>\n<table>\n<thead>\n<tr>\n<th>Category<\/th>\n<th>Customer Area<\/th>\n<th>Setting<\/th>\n<th>Description<\/th>\n<th>Comment<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Fraud results<\/td>\n<td><strong>Developers<\/strong> &gt; <strong>Additional data<\/strong> &gt; <strong>Risk<\/strong> &gt; <strong>Fraud result<\/strong><\/td>\n<td>ON <br> OFF<\/td>\n<td>Return \/ Do not return risk information in <code>additionalData<\/code> and <code>fraudResult<\/code> object of the API response and webhook.<\/td>\n<td>ON: Required for <a href=\"#version-1\">option 1<\/a> and <a href=\"#version-2\">option 2<\/a>.<\/td>\n<\/tr>\n<tr>\n<td>Custom rules format<\/td>\n<td><strong>Revenue &amp; risk<\/strong> &gt; <strong>Settings<\/strong> &gt; <strong>Change risk result format for custom rules<\/strong><\/td>\n<td>ON <br> OFF<\/td>\n<td>Return \/ Do not return each custom risk checks that triggered separately in the <code>fraudResult<\/code> object of the API response and webhook.<\/td>\n<td>ON: Required for <a href=\"#version-2\">option 2<\/a>.<\/td>\n<\/tr>\n<tr>\n<td>Standard webhook<\/td>\n<td><strong>Developers<\/strong> &gt; <strong>Webhooks<\/strong> &gt; <strong>Webhook settings<\/strong> &gt; <strong>Additional settings<\/strong> &gt; <strong>Risk<\/strong> &gt; <strong>Include Risk Data<\/strong><\/td>\n<td>ON <br> OFF<\/td>\n<td>Include \/ Do not include risk data sent in the request, such as custom fields, as <code>riskdata<\/code> in the webhook.<\/td>\n<td>ON: Required for <a href=\"#version-3\">option 3<\/a>.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3>Option 1<\/h3>\n<p>If you want to return all <a href=\"#version-1\">risk rule result lines in one format<\/a> in the <a href=\"#api-response-example\">API response<\/a> and <a href=\"#notification-example\">webhooks<\/a>, including any custom rules, <a href=\"#risk-result-enable\">enabling<\/a> the <strong>Fraud result<\/strong> in <strong>Additional data<\/strong> is all you need to do.<\/p>\n<h3>Option 2<\/h3>\n<p>If you want to break down <a href=\"#version-2\">custom risk rules separately<\/a> in the <a href=\"#api-response-example-1\">API response<\/a> and <a href=\"#notification-example-1\">webhooks<\/a>, you also have to enable the following risk setting in your <a href=\"https:\/\/ca-test.adyen.com\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" class=\"external-link no-image\">Customer Area<\/a>:<\/p>\n<ol>\n<li>Go to <strong>Revenue &amp; risk<\/strong> &gt; <strong>Settings<\/strong>.<\/li>\n<li>Enable <strong>Change risk result format for custom rules<\/strong>.<\/li>\n<li>Select <strong>Save configuration<\/strong>.<\/li>\n<\/ol>\n<h3>Option 3<\/h3>\n<p>This setting is optional and only affects webhooks.<\/p>\n<p>If you want to <a href=\"#version-3\">return any custom risk fields<\/a> that were included in the request in <a href=\"#notification-example-2\">webhooks<\/a>, in your <a href=\"https:\/\/ca-test.adyen.com\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" class=\"external-link no-image\">Customer Area<\/a>.<\/p>\n<ol>\n<li>Go to <strong>Developers<\/strong> &gt; <strong>Webhooks<\/strong>.<\/li>\n<li>Next to\u00a0<strong>Standard webhook<\/strong>, select the edit webhook icon <i class=\"adl-icon-edit\"><\/i>.<\/li>\n<li>Under\u00a0<strong>Additional Settings<\/strong>\u00a0&gt;\u00a0<strong>Risk<\/strong>, select the edit icon <i class=\"adl-icon-edit\"><\/i>.<\/li>\n<li>Select <strong>Include Risk Data<\/strong>.<\/li>\n<li>Select <strong>Apply<\/strong>.<\/li>\n<\/ol>\n<h2 id=\"version-1\">Option 1: One format for all risk checks<\/h2>\n<h3>Webhooks<\/h3>\n<p>All risk rule result lines in webhooks will be in the format:\u00a0<\/p>\n<p>fraudCheck-<em>[risk rule ID]<\/em>-<em>[<\/em>risk rule name<em>]<\/em><\/p>\n<p>For a list of the risk rule names, see the <a href=\"#risk-rule-name-reference\">risk rule name reference<\/a>.<\/p>\n<h4 id=\"notification-example\">Example webhook - one format for all checks<\/h4>\n<p>The following webhook example includes more than one custom risk rule that triggered. When you choose option 1, if one or more custom rules trigger, all custom risk rules are grouped under one fraud check.<\/p>\n<div data-component-wrapper=\"code-sample\">\n    <code-sample :title=\"'Example webhook - one format for all checks'\" :id=\"'option-1-protect-webhook'\" :code-data='[{\"language\":\"json\",\"tabTitle\":\"\",\"content\":\"{\\n   \\\"live\\\":\\\"false\\\",\\n   \\\"notificationItems\\\":[\\n      {\\n         \\\"NotificationRequestItem\\\":{\\n            \\\"additionalData\\\":{\\n               \\\"fraudResultType\\\":\\\"RED\\\",\\n               \\\"fraudRiskLevel\\\":\\\"high\\\",\\n               \\\"fraudManualReview\\\": \\\"false\\\",\\n               \\\"fraudCheck-82-CustomFieldCheck\\\": \\\"100\\\"\\n               \\\"totalFraudScore\\\":\\\"100\\\"\\n            },\\n            \\\"amount\\\":{\\n               \\\"currency\\\":\\\"EUR\\\",\\n               \\\"value\\\":30\\n            },\\n            \\\"eventCode\\\":\\\"AUTHORISATION\\\",\\n            \\\"eventDate\\\":\\\"2025-03-31T13:41:00+01:00\\\",\\n            \\\"merchantAccountCode\\\":\\\"YOUR_MERCHANT_ACCOUNT\\\",\\n            \\\"merchantReference\\\":\\\"YOUR_REFERENCE\\\",\\n            \\\"paymentMethod\\\":\\\"visa\\\",\\n            \\\"pspReference\\\":\\\"NC6HT9CRT65ZGN82\\\",\\n            \\\"reason\\\":\\\"FRAUD-CANCELLED\\\",\\n            \\\"success\\\":\\\"false\\\"\\n         }\\n      }\\n   ]\\n}\"}]' :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>\n<h3>API response<\/h3>\n<p>The following API response example includes more than one risk rules that triggered. When you choose option 1, if one or more (custom) rules trigger, all results are shown in the same way.<\/p>\n<h4 id=\"api-response-example\">Example API response - one format for all checks<\/h4>\n<div data-component-wrapper=\"code-sample\">\n    <code-sample :title=\"'Example API response - one format for all checks'\" :id=\"'option-1-api-protect'\" :code-data='[{\"language\":\"json\",\"tabTitle\":\"\",\"content\":\"{\\n    \\\"additionalData\\\": {\\n        \\\"paymentMethod\\\": \\\"visa\\\",\\n        \\\"fraudResultType\\\": \\\"RED\\\",\\n        \\\"fraudRiskLevel\\\":\\\"high\\\",\\n        \\\"fraudManualReview\\\": \\\"false\\\"\\n    },\\n    \\\"fraudResult\\\": {\\n        \\\"accountScore\\\": 100,\\n        \\\"results\\\": [\\n            {\\n                \\\"accountScore\\\": -100,\\n                \\\"checkId\\\": 82,\\n                \\\"name\\\": \\\"CustomFieldCheck\\\"\\n            },\\n            {\\n                \\\"accountScore\\\": 200,\\n                \\\"checkId\\\": 82,\\n                \\\"name\\\": \\\"CustomFieldCheck\\\"\\n            }\\n        ]\\n    },\\n    \\\"pspReference\\\": \\\"NC6HT9CRT65ZGN82\\\",\\n    \\\"refusalReason\\\": \\\"FRAUD-CANCELLED\\\",\\n    \\\"resultCode\\\": \\\"Cancelled\\\",\\n    \\\"amount\\\": {\\n        \\\"currency\\\": \\\"EUR\\\",\\n        \\\"value\\\": 30\\n    },\\n    \\\"merchantReference\\\": \\\"YOUR_REFERENCE\\\"\\n}\"}]' :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>\n<p>For more information on the fields returned in the API response, see our\u00a0<a href=\"https:\/\/docs.adyen.com\/api-explorer\/\" class=\"codeLabel external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">API Explorer<\/a>.<\/p>\n<h2 id=\"version-2\">Option 2: Return custom risk rules in a different format<\/h2>\n<h3>Webhooks<\/h3>\n<p>You can break custom risk rules into separate, more specific, rules. This lets you track when specific custom risk rules triggered.<\/p>\n<h4 id=\"notification-example-1\">Example webhook - split custom risk rules<\/h4>\n<p>The following webhook example includes more than one custom risk rules that triggered. When you choose option 2, all custom risk rules that triggered are shown as separate fraud checks.<\/p>\n<p>Risk rule result lines will be in this format:\u00a0<\/p>\n<p>fraudCheck-82-CustomFieldCheck-<em>[Rule name]<\/em><\/p>\n<p>For a list of the risk rule names, see the <a href=\"#risk-rule-name-reference\">risk rule name reference<\/a>.<\/p>\n<div data-component-wrapper=\"code-sample\">\n    <code-sample :title=\"'Example webhook  - split custom risk rules'\" :id=\"'option-2-protect-webhook'\" :code-data='[{\"language\":\"json\",\"tabTitle\":\"\",\"content\":\"{\\n   \\\"live\\\":\\\"false\\\",\\n   \\\"notificationItems\\\":[\\n      {\\n         \\\"NotificationRequestItem\\\":{\\n            \\\"additionalData\\\":{\\n               \\\"fraudResultType\\\":\\\"RED\\\",\\n               \\\"fraudRiskLevel\\\":\\\"high\\\",\\n               \\\"fraudManualReview\\\": \\\"false\\\",\\n               \\\"fraudCheck-82-CustomFieldCheck-YOUR_CUSTOM_RULE_1\\\": \\\"-100\\\"\\n               \\\"fraudCheck-82-CustomFieldCheck-YOUR_CUSTOM_RULE_2\\\": \\\"200\\\"\\n               \\\"fraudCheck-82-CustomFieldCheck-Card number or bank account number block list\\\": \\\"0\\\"\\n               \\\"totalFraudScore\\\":\\\"100\\\"\\n            },\\n            \\\"amount\\\":{\\n               \\\"currency\\\":\\\"EUR\\\",\\n               \\\"value\\\":30\\n            },\\n            \\\"eventCode\\\":\\\"AUTHORISATION\\\",\\n            \\\"eventDate\\\":\\\"2025-03-31T13:41:00+01:00\\\",\\n            \\\"merchantAccountCode\\\":\\\"YOUR_MERCHANT_ACCOUNT\\\",\\n            \\\"merchantReference\\\":\\\"YOUR_REFERENCE\\\",\\n            \\\"paymentMethod\\\":\\\"visa\\\",\\n            \\\"pspReference\\\":\\\"NC6HT9CRT65ZGN82\\\",\\n            \\\"reason\\\":\\\"FRAUD-CANCELLED\\\",\\n            \\\"success\\\":\\\"false\\\"\\n         }\\n      }\\n   ]\\n}\"}]' :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>\n<h3>API response<\/h3>\n<p>The following API response example includes two custom risk rules.<br \/>\nWhen you choose option 2, all custom risk rules that triggered are shown as separate fraud check results.<\/p>\n<h4 id=\"api-response-example-1\">Example API response - split custom risk rules<\/h4>\n<div data-component-wrapper=\"code-sample\">\n    <code-sample :title=\"'Example API response - split custom risk rules'\" :id=\"'option-2-api-protect'\" :code-data='[{\"language\":\"json\",\"tabTitle\":\"\",\"content\":\"{\\n    \\\"additionalData\\\": {\\n        \\\"paymentMethod\\\": \\\"visa\\\",\\n        \\\"fraudResultType\\\": \\\"RED\\\",\\n        \\\"fraudRiskLevel\\\":\\\"high\\\",\\n        \\\"fraudManualReview\\\": \\\"false\\\"\\n    },\\n    \\\"fraudResult\\\": {\\n        \\\"accountScore\\\": 100,\\n        \\\"results\\\": [\\n            {\\n                \\\"accountScore\\\": -100,\\n                \\\"checkId\\\": 82,\\n                \\\"name\\\": \\\"CustomFieldCheck-YOUR_CUSTOM_RULE_1\\\"\\n            },\\n            {\\n                \\\"accountScore\\\": 200,\\n                \\\"checkId\\\": 82,\\n                \\\"name\\\": \\\"CustomFieldCheck-YOUR_CUSTOM_RULE_2\\\"\\n            },\\n            {\\n                \\\"accountScore\\\": 0,\\n                \\\"checkId\\\": 82,\\n                \\\"name\\\": \\\"CustomFieldCheck-Card number or bank account number block list\\\"\\n            }\\n        ]\\n    },\\n    \\\"pspReference\\\": \\\"NC6HT9CRT65ZGN82\\\",\\n    \\\"refusalReason\\\": \\\"FRAUD-CANCELLED\\\",\\n    \\\"resultCode\\\": \\\"Cancelled\\\",\\n    \\\"amount\\\": {\\n        \\\"currency\\\": \\\"EUR\\\",\\n        \\\"value\\\": 30\\n    },\\n    \\\"merchantReference\\\": \\\"YOUR_REFERENCE\\\"\\n}\"}]' :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>\n<p>For more information on the fields returned in the API response, see our <a href=\"https:\/\/docs.adyen.com\/api-explorer\/\" class=\"codeLabel external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">API Explorer<\/a>.<\/p>\n<h2 id=\"version-3\">Option 3: Return risk data in webhooks<\/h2>\n<p>When you turn on the optional setting <strong>Include Risk Data<\/strong> in your webhook configuration, if you use custom risk rules, the webhook also contains the custom <code>riskdata<\/code> fields sent in the request, and their values.<\/p>\n<p>Here is an example webhook where all fraud checks are returned in one format (<a href=\"#version-1\">option 1<\/a>), and custom risk rules with custom fields triggered.<\/p>\n<h4 id=\"notification-example-2\">Example webhook including risk data<\/h4>\n<div data-component-wrapper=\"code-sample\">\n    <code-sample :title=\"'Example webhook including risk data'\" :id=\"'option-3-protect-webhook'\" :code-data='[{\"language\":\"json\",\"tabTitle\":\"\",\"content\":\"{\\n   \\\"live\\\":\\\"false\\\",\\n   \\\"notificationItems\\\":[\\n      {\\n         \\\"NotificationRequestItem\\\":{\\n            \\\"additionalData\\\":{\\n               \\\"fraudResultType\\\":\\\"RED\\\",\\n               \\\"fraudRiskLevel\\\":\\\"high\\\",\\n               \\\"fraudManualReview\\\": \\\"false\\\",\\n               \\\"fraudCheck-82-CustomFieldCheck\\\":\\\"100\\\",\\n               \\\"riskdata.userType\\\":\\\"Guest\\\",\\n               \\\"riskdata.basket.item1.productTitle\\\":\\\"Golden shoes\\\",\\n               \\\"riskdata.basket.item1.quantity\\\":\\\"3\\\",\\n               \\\"riskdata.basket.item2.productTitle\\\":\\\"Silver shoes\\\",\\n               \\\"riskdata.basket.item2.quantity\\\":\\\"5\\\",\\n               \\\"totalFraudScore\\\":\\\"100\\\"\\n            },\\n            \\\"amount\\\":{\\n               \\\"currency\\\":\\\"EUR\\\",\\n               \\\"value\\\":30\\n            },\\n            \\\"eventCode\\\":\\\"AUTHORISATION\\\",\\n            \\\"eventDate\\\":\\\"2025-03-31T13:41:00+01:00\\\",\\n            \\\"merchantAccountCode\\\":\\\"YOUR_MERCHANT_ACCOUNT\\\",\\n            \\\"merchantReference\\\":\\\"YOUR_REFERENCE\\\",\\n            \\\"paymentMethod\\\":\\\"visa\\\",\\n            \\\"pspReference\\\":\\\"NC6HT9CRT65ZGN82\\\",\\n            \\\"reason\\\":\\\"FRAUD-CANCELLED\\\",\\n            \\\"success\\\":\\\"false\\\"\\n         }\\n      }\\n   ]\\n}\"}]' :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>\n<h2 id=\"risk-rule-name-reference\">Risk rule name reference<\/h2>\n<p>Use the following table as a reference for risk rules that can appear in your API response or webhooks.<\/p>\n<h3 id=\"risk-rule-name-reference-protect\">Protect risk rules<\/h3>\n<div class=\"notices yellow\">\n<p>Names of Adyen-provided rules contain spaces. Names of any custom rules that you create cannot contain spaces.<\/p>\n<\/div>\n<p>Both Adyen-provided and custom rules are categorized as <code>CustomFieldCheck<\/code>.<\/p>\n<table>\n<thead>\n<tr>\n<th style=\"text-align: left;\">Risk rule type<\/th>\n<th style=\"text-align: left;\">Risk rule<\/th>\n<th style=\"text-align: left;\">Action<\/th>\n<th style=\"text-align: center;\">Requires premium<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td style=\"text-align: left;\">Machine learning<\/td>\n<td style=\"text-align: left;\">Machine learning rule: bot attack risk<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Machine learning<\/td>\n<td style=\"text-align: left;\">Machine learning rule: fraud risk<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><img title=\"-white_check_mark-\" alt=\"-white_check_mark-\" class=\"smileys\" src=\"\/user\/data\/smileys\/emoji\/white_check_mark.png\" \/><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Custom rules<\/td>\n<td style=\"text-align: left;\">The rule name, without spaces, as used in the custom rule configuration.<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><img title=\"-white_check_mark-\" alt=\"-white_check_mark-\" class=\"smileys\" src=\"\/user\/data\/smileys\/emoji\/white_check_mark.png\" \/><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Refund abuse risk<\/td>\n<td style=\"text-align: left;\">Refund abuse risk<\/td>\n<td style=\"text-align: left;\">Review<\/td>\n<td style=\"text-align: center;\"><img title=\"-white_check_mark-\" alt=\"-white_check_mark-\" class=\"smileys\" src=\"\/user\/data\/smileys\/emoji\/white_check_mark.png\" \/><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Refund abuse risk<\/td>\n<td style=\"text-align: left;\">Refund abuse risk - high risk<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><img title=\"-white_check_mark-\" alt=\"-white_check_mark-\" class=\"smileys\" src=\"\/user\/data\/smileys\/emoji\/white_check_mark.png\" \/><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Bank identification number allow list<\/td>\n<td style=\"text-align: left;\">Allow<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Bank identification number block list<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Card number or bank account number allow list<\/td>\n<td style=\"text-align: left;\">Allow<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Card number or bank account number block list<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Issuing Country block list<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Non-fraudulent card number or bank account number block list<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Phone number allow list<\/td>\n<td style=\"text-align: left;\">Allow<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Phone number block list<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Shopper Address allow list<\/td>\n<td style=\"text-align: left;\">Allow<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Shopper Address block list<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Shopper IP Address allow list<\/td>\n<td style=\"text-align: left;\">Allow<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Shopper IP Address block list<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Shopper IP Country block list<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Shopper email allow list<\/td>\n<td style=\"text-align: left;\">Allow<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Shopper email block list<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Shopper email domain allow list<\/td>\n<td style=\"text-align: left;\">Allow<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Shopper email domain block list<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Shopper name allow list<\/td>\n<td style=\"text-align: left;\">Allow<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Shopper name block list<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Shopper reference allow list<\/td>\n<td style=\"text-align: left;\">Allow<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Shopper reference block list<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Social Security Number allow list<\/td>\n<td style=\"text-align: left;\">Allow<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\">Risk list<\/td>\n<td style=\"text-align: left;\">Social Security Number block list<\/td>\n<td style=\"text-align: left;\">Block<\/td>\n<td style=\"text-align: center;\"><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>See also<\/h2>\n<div class=\"see-also-links output-inline\" id=\"see-also\">\n<ul><li><a href=\"\/development-resources\/webhooks\"\n                        target=\"_self\"\n                        >\n                    Webhooks\n                <\/a><\/li><li><a href=\"\/development-resources\/webhooks\/webhook-types\/additional-settings\"\n                        target=\"_self\"\n                        >\n                    Additional webhooks settings\n                <\/a><\/li><li><a href=\"\/risk-management\/configure-your-risk-profile\/custom-rules\"\n                        target=\"_self\"\n                        >\n                    Configure custom rules\n                <\/a><\/li><\/ul><\/div>\n","url":"https:\/\/docs.adyen.com\/risk-management\/handle-risk-rule-notifications","articleFields":{"description":"Learn how to include risk information and results in the API response and webhooks to inform you when payment requests trigger risk rules.","id":"47486660","type":"page","_expandable":{"operations":""},"status":"current","last_edit_on":"21-10-2019 15:46","page_id":"fb382ace-0c8d-43bb-a8be-bb34e57ad589","feedback_component":true,"filters_component":false,"decision_tree":"[]"},"algolia":{"url":"https:\/\/docs.adyen.com\/risk-management\/handle-risk-rule-notifications","title":"Fraud results in API responses and webhooks","content":"Webhooks inform your server of\u00a0payment events,\u00a0modifications, and newly available\u00a0reports. Webhooks can also inform you when payment requests trigger risk rules.\nYou can include risk information, such as whether a payment was sent to case management, and which risk rules triggered in these webhooks, as well as in the payment response.\n\nReturning fraud results is not turned on by default. When you configure your account to include risk information, it affects the format of both webhooks and the payment response.\n\nRequirements\nBefore you begin, take into account the following requirements and limitations.\n\n\n\nRequirement\nDescription\n\n\n\n\nIntegration type\nMake sure that you have built an online payments integration and that risk is enabled.\n\n\nCustomer Area roles\nTo manage webhooks and what is returned in the API response, make sure that you have the following role(s): Merchant technical integratorTo manage risk settings, make sure that you have one of the following role(s): Merchant change risk settingsRisk admin\n\n\nLimitations\nYou can only return information about custom risk rules and the fraud risk level when you have enabled premium features.\n\n\nSetup steps\nBefore you begin: Set up risk management.Configure and enable webhooks.\n\n\n\nHow it works\n\nEnable risk results in the API response and webhooks.\nDecide in which format you want to return fraud results.\n\nEnable risk results in the API response and webhooks\nTo get risk information and fraud results in the API response and in webhooks, in your Customer Area:\n\nGo to Developers &gt; Additional data.\nCheck the box under Risk &gt; Fraud result.\nSelect Save configuration.\n\nWhen enabled:\n\nIn the API response, the additionalData object contains risk information, and the fraudResult object shows which risk rules triggered.\nIn the webhook, the additionalData object contains both risk information and the fraud results.\n\nThe following are important values that you can get in the API response or webhooks:\n\nThe possible fraudResultType values are GREEN, AMBER, or RED. For Protect premium, AMBER means that the transaction has been sent to case management for manual review.\nThe possible fraudRiskLevel values are veryLow, low, medium, high or veryHigh. For Protect premium, the risk level shows the classification by the Machine learning: fraud risk rule.\nFor any field that shows a fraud score, for example accountScore or totalFraudScore, the possible values are -100, 0, 100 or 200.\n\nOverview of options\n\n\n\nCategory\nCustomer Area\nSetting\nDescription\nComment\n\n\n\n\nFraud results\nDevelopers &gt; Additional data &gt; Risk &gt; Fraud result\nON  OFF\nReturn \/ Do not return risk information in additionalData and fraudResult object of the API response and webhook.\nON: Required for option 1 and option 2.\n\n\nCustom rules format\nRevenue &amp; risk &gt; Settings &gt; Change risk result format for custom rules\nON  OFF\nReturn \/ Do not return each custom risk checks that triggered separately in the fraudResult object of the API response and webhook.\nON: Required for option 2.\n\n\nStandard webhook\nDevelopers &gt; Webhooks &gt; Webhook settings &gt; Additional settings &gt; Risk &gt; Include Risk Data\nON  OFF\nInclude \/ Do not include risk data sent in the request, such as custom fields, as riskdata in the webhook.\nON: Required for option 3.\n\n\n\nOption 1\nIf you want to return all risk rule result lines in one format in the API response and webhooks, including any custom rules, enabling the Fraud result in Additional data is all you need to do.\nOption 2\nIf you want to break down custom risk rules separately in the API response and webhooks, you also have to enable the following risk setting in your Customer Area:\n\nGo to Revenue &amp; risk &gt; Settings.\nEnable Change risk result format for custom rules.\nSelect Save configuration.\n\nOption 3\nThis setting is optional and only affects webhooks.\nIf you want to return any custom risk fields that were included in the request in webhooks, in your Customer Area.\n\nGo to Developers &gt; Webhooks.\nNext to\u00a0Standard webhook, select the edit webhook icon .\nUnder\u00a0Additional Settings\u00a0&gt;\u00a0Risk, select the edit icon .\nSelect Include Risk Data.\nSelect Apply.\n\nOption 1: One format for all risk checks\nWebhooks\nAll risk rule result lines in webhooks will be in the format:\u00a0\nfraudCheck-[risk rule ID]-[risk rule name]\nFor a list of the risk rule names, see the risk rule name reference.\nExample webhook - one format for all checks\nThe following webhook example includes more than one custom risk rule that triggered. When you choose option 1, if one or more custom rules trigger, all custom risk rules are grouped under one fraud check.\n\n    \n\nAPI response\nThe following API response example includes more than one risk rules that triggered. When you choose option 1, if one or more (custom) rules trigger, all results are shown in the same way.\nExample API response - one format for all checks\n\n    \n\nFor more information on the fields returned in the API response, see our\u00a0API Explorer.\nOption 2: Return custom risk rules in a different format\nWebhooks\nYou can break custom risk rules into separate, more specific, rules. This lets you track when specific custom risk rules triggered.\nExample webhook - split custom risk rules\nThe following webhook example includes more than one custom risk rules that triggered. When you choose option 2, all custom risk rules that triggered are shown as separate fraud checks.\nRisk rule result lines will be in this format:\u00a0\nfraudCheck-82-CustomFieldCheck-[Rule name]\nFor a list of the risk rule names, see the risk rule name reference.\n\n    \n\nAPI response\nThe following API response example includes two custom risk rules.\nWhen you choose option 2, all custom risk rules that triggered are shown as separate fraud check results.\nExample API response - split custom risk rules\n\n    \n\nFor more information on the fields returned in the API response, see our API Explorer.\nOption 3: Return risk data in webhooks\nWhen you turn on the optional setting Include Risk Data in your webhook configuration, if you use custom risk rules, the webhook also contains the custom riskdata fields sent in the request, and their values.\nHere is an example webhook where all fraud checks are returned in one format (option 1), and custom risk rules with custom fields triggered.\nExample webhook including risk data\n\n    \n\nRisk rule name reference\nUse the following table as a reference for risk rules that can appear in your API response or webhooks.\nProtect risk rules\n\nNames of Adyen-provided rules contain spaces. Names of any custom rules that you create cannot contain spaces.\n\nBoth Adyen-provided and custom rules are categorized as CustomFieldCheck.\n\n\n\nRisk rule type\nRisk rule\nAction\nRequires premium\n\n\n\n\nMachine learning\nMachine learning rule: bot attack risk\nBlock\n\n\n\nMachine learning\nMachine learning rule: fraud risk\nBlock\n\n\n\nCustom rules\nThe rule name, without spaces, as used in the custom rule configuration.\nBlock\n\n\n\nRefund abuse risk\nRefund abuse risk\nReview\n\n\n\nRefund abuse risk\nRefund abuse risk - high risk\nBlock\n\n\n\nRisk list\nBank identification number allow list\nAllow\n\n\n\nRisk list\nBank identification number block list\nBlock\n\n\n\nRisk list\nCard number or bank account number allow list\nAllow\n\n\n\nRisk list\nCard number or bank account number block list\nBlock\n\n\n\nRisk list\nIssuing Country block list\nBlock\n\n\n\nRisk list\nNon-fraudulent card number or bank account number block list\nBlock\n\n\n\nRisk list\nPhone number allow list\nAllow\n\n\n\nRisk list\nPhone number block list\nBlock\n\n\n\nRisk list\nShopper Address allow list\nAllow\n\n\n\nRisk list\nShopper Address block list\nBlock\n\n\n\nRisk list\nShopper IP Address allow list\nAllow\n\n\n\nRisk list\nShopper IP Address block list\nBlock\n\n\n\nRisk list\nShopper IP Country block list\nBlock\n\n\n\nRisk list\nShopper email allow list\nAllow\n\n\n\nRisk list\nShopper email block list\nBlock\n\n\n\nRisk list\nShopper email domain allow list\nAllow\n\n\n\nRisk list\nShopper email domain block list\nBlock\n\n\n\nRisk list\nShopper name allow list\nAllow\n\n\n\nRisk list\nShopper name block list\nBlock\n\n\n\nRisk list\nShopper reference allow list\nAllow\n\n\n\nRisk list\nShopper reference block list\nBlock\n\n\n\nRisk list\nSocial Security Number allow list\nAllow\n\n\n\nRisk list\nSocial Security Number block list\nBlock\n\n\n\n\nSee also\n\n\n                    Webhooks\n                \n                    Additional webhooks settings\n                \n                    Configure custom rules\n                \n","type":"page","locale":"en","boost":18,"hierarchy":{"lvl0":"Home","lvl1":"Risk management","lvl2":"Fraud results in API responses and webhooks"},"hierarchy_url":{"lvl0":"https:\/\/docs.adyen.com\/","lvl1":"https:\/\/docs.adyen.com\/risk-management","lvl2":"\/risk-management\/handle-risk-rule-notifications"},"levels":3,"category":"Risk Management","category_color":"green","tags":["Fraud","results","responses","webhooks"]}}