Method: fraudNotification

HTTP request
Request body
- JSON representation
Response body
FraudType
FraudNotificationResponse
- JSON representation
FraudNotificationResult
- JSON representation

Notifies Google of a fraud dispute initiated by a customer.

It is recommended that Google is notified of all potential fraud that has occurred.

Fraud can occur without a chargeback and a chargeback can occur without fraud. The information provided to this method does not initiate any money movement. It is used only to update Google's internal risk engine to reduce overall fraud. Google does not respond to this request with any information about the transaction.

If the endpoint encounters an error while processing the request, the response from this endpoint will be of type ErrorResponse.

Responses to this query may be empty if this method does not return an HTTP 200. The response body is empty in situations where an ErrorResponse with a clear description could be used to help an attacker understand the payment integrator account identifier of other integrators. In these situations, where either the signing key doesn't match, the payment integrator identifier was not found, or the encryption key was unknown, this method will return an HTTP 404 with an empty body. If the request signature could be verified, additional information regarding the error will be returned in the response body.

An example request looks like:


{
  "requestHeader": {
    "protocolVersion": {
      "major": 1
    },
    "requestId": "f3b6cffe-6fa0-4c33-84b5-7ff8d1ac9ecc",
    "requestTimestamp": {
      "epochMillis": "1483532962000"
    },
    "paymentIntegratorAccountId": "SpeedyPaymentsIndia_INR"
  },
  "captureRequestId": "G112YZH4XPDV88J",
  "fraudType": "FRAUDULENT_USE",
  "rawResult": {
    "scope": "VISA",
    "rawCode": "06"
  }
}

An example response looks like:


{
  "responseHeader": {
    "responseTimestamp": {
      "epochMillis": "1483532962349"
    }
  },
  "result": {
    "success": {}
  }
}

HTTP request

POST https://vgw.googleapis.com/gsp/carriers-v1/fraudNotification/:PIAID

Request body

The request body contains data with the following structure:

JSON representation
{ "requestHeader": { object (RequestHeader) }, "captureRequestId": string, "fraudType": enum (`FraudType`), "rawResult": { object (RawResult) } }

Fields
`requestHeader`	`object (RequestHeader)` REQUIRED: Common header for all requests.
`captureRequestId`	`string` REQUIRED: A unique identifier for the capture the potential fraud is associated with. This is the `requestId` generated by Google during the `captureFundsReservation` or `capture` for the original request.
`fraudType`	`enum (FraudType)` REQUIRED: This is the type of fraud that may have occurred.
`rawResult`	`object (RawResult)` REQUIRED: Raw result of the fraud notification from the issuer. Used to help inform Google's risk engine and analytics. In fraud code–mapping situations, data is sometimes lost. The integrator can choose to give Google a raw code. For example, a credit card gateway (the integrator) may use this field to communicate to Google the exact fraud code that was received from the VISA network. In that case, the `scope` would be "visa" and the `rawCode` would be whatever the VISA network returned.

Response body

This method supports multiple return types. For additional information about what 4XX or 5XX HTTP status code to return with an ErrorResponse, consult the ErrorResponse object and HTTP status codes documentation.

Possible response messages
HTTP 200 Status	`object (FraudNotificationResponse)`
HTTP 4XX / 5XX Status	`object (ErrorResponse)`

FraudType

The type of fraud that may have occurred.

Enums
`UNKNOWN_TYPE`	Do not ever set this default value!
`FRAUDULENT_USE`	Use was not authorized.
`COUNTERFEIT`	Account owner did not knowingly participate in a transaction.
`LOST`	The instrument was reported as lost by the account holder at the time of the transaction.
`STOLEN`	The instrument was reported as comprimised by the account holder at the time of the transaction.
`ACCOUNT_TAKEOVER`	The transaction was not authorized by the account holder.
`FRAUDULENT_APPLICATION`	The user did not apply for this account or provided false details.
`CARD_NOT_RECEIVED`	A card was reported as not received by the cardholder at the time of the transaction.
`OTHER`	Unrecognized or unmapped type.
`SCAM`	The cardholder was manipulated by a fraudster to provide payment in good-faith, to an account the cardholder believes belongs to a legitimate payee.
`MERCHANT_FRAUD`	The cardholder was deliberately misled by the merchant.

FraudNotificationResponse

JSON representation
{ "responseHeader": { object (ResponseHeader) }, "result": { object (`FraudNotificationResult`) } }

Fields

Fields
`responseHeader`	`object (ResponseHeader)` REQUIRED: Common header for all responses.
`result`	`object (FraudNotificationResult)` REQUIRED: Result of this call.

responseHeader

object (ResponseHeader)

REQUIRED: Common header for all responses.

result

object (FraudNotificationResult)

REQUIRED: Result of this call.

FraudNotificationResult

Result codes for the fraudNotification method.

JSON representation
{ // Union field `result` can be only one of the following: "success": { object (Empty) } // End of list of possible types for union field `result`. }

Fields

Fields
Union field `result`. `result` can be only one of the following:
`success`	`object (Empty)` Fraud notification was successfully processed.

Union field result.

result can be only one of the following:

success

object (Empty)

Fraud notification was successfully processed.