Skip to content
StraventaDocs
API Reference

Fraud Detection API

Synchronous fraud decision engine — rules, block/allow lists, and review queue

The Fraud Detection Service is the platform's synchronous risk evaluation layer. It is called by the payments-service at authorization time and is also exposed publicly via the api.* aggregator at /v1/fraud/. The rules engine is implemented in Go; ML scoring via a Python sidecar is wired in Phase 2+.

Base URLs

EnvironmentHostname
Sandboxhttps://sandbox.505pay.link
Production (505pay.link)https://api.505pay.link
Production (straventa.com)https://api.straventa.com

Authentication

All fraud API endpoints require a Bearer JWT issued by the auth-service. The tenant_id claim is extracted server-side — callers do not include it in the request body.

Decision verdicts

VerdictMeaning
allowPasses all checks; proceed normally.
reviewSuspicious; flag for manual review, do not block.
declineHigh-confidence fraud; block the action.
unavailableService temporarily unable to evaluate; apply your own fallback policy.

Flag-only launch (P0)

At launch the service never hard-declines. Every decision is flagged for human review; the decline verdict is reserved for Phase 2+ when the ML sidecar is wired in and confidence calibration is complete.

Idempotency

Pass an Idempotency-Key header (UUID or opaque string, up to 64 characters) on POST /v1/fraud/decisions. Duplicate submissions within the replay window return the original decision with HTTP 200.

Reason codes

CodeMeaning
velocity_ip_exceededPayer IP exceeded per-(IP, merchant) attempt threshold within window
velocity_card_exceededPayment card fingerprint seen across too many distinct merchants in 24h
velocity_fingerprint_exceededDevice fingerprint seen across too many distinct merchants in 24h
high_risk_scoreComputed risk score exceeds review threshold (no single rule tripped)
list_block_ipPayer IP appears on a block list
list_block_cardCard fingerprint appears on a block list
list_block_fingerprintDevice fingerprint appears on a block list
ml_high_scoreML sidecar score above decline threshold (Phase 2+; not emitted in P0)

P0 scope

Only event_type=payment is implemented in P0. Other event_type values return 400 event_type_unsupported.


Endpoint reference

Fraud decisions

Synchronous fraud evaluation — submit a platform event and receive a verdict, risk score, and reason codes. Called by the payments-service at authorization time and available directly via the api.* aggregator.

Configurable rules

Manage per-tenant fraud rules expressed as condition/action definitions. Each PATCH that supplies a definition appends an immutable version snapshot.

Block / allow lists

Manage per-tenant block and allow lists keyed by IP, device fingerprint, card fingerprint, email, or customer ID. Allow overrides block when both match.

Health & metadata

Liveness probe and OpenAPI specification endpoints.

Ungrouped operations

23 operations in the spec are not listed in the groups file. Add their operationIds to content/docs/api/fraud.groups.json.

GET/v1/aml/cash-obligations

List LTKT cash-CTR obligations for the tenant

GET/v1/aml/config

Get the tenant's AML config

GET/v1/aml/reports

List AML reports for the tenant

GET/v1/aml/reports/{id}

Get a single AML report by ID

GET/v1/aml/reports/{id}/export

Export the AML report XML file for submission

GET/v1/fraud/cases

List unified compliance cases

GET/v1/fraud/cases/{id}

Get a case with its immutable trail

GET/v1/fraud/cases/{id}/dispositions

List a case's disposition trail

GET/v1/fraud/cases/queue

List the open case work queue

GET/v1/fraud/narration/artifacts/{id}

Get a narration artifact

GET/v1/fraud/narration/subjects/{type}/{id}/artifacts

List a subject's narration artifacts

POST/v1/aml/reports

Draft a goAML report for a compliance case

POST/v1/aml/reports/{id}/approve

Approve a drafted AML report (maker-checker)

POST/v1/aml/reports/{id}/submittable

Mark an approved AML report ready for filing

POST/v1/fraud/cases/{id}/assign

Assign a case to an owner

POST/v1/fraud/cases/{id}/disposition

Submit a case disposition

POST/v1/fraud/cases/{id}/disposition/{dispId}/approve

Approve a pending case disposition

POST/v1/fraud/cases/{id}/disposition/{dispId}/reject

Reject a pending case disposition

POST/v1/fraud/cases/{id}/escalate

Escalate a case

POST/v1/fraud/narration/artifacts/{id}/confirm

Mark a narration draft reviewed (single-control, advisory)

POST/v1/fraud/narration/cases/{id}/ltkm-draft

Generate an advisory LTKM narrative draft for a compliance case

POST/v1/fraud/narration/decisions/{id}/triage-summary

Generate an advisory triage summary for a fraud decision

PUT/v1/aml/config

Upsert the tenant's AML config

Was this page helpful?

On this page