Risk & Fraud Tools
Risk and fraud adapters integrate third-party scoring and decisioning engines into the payment flow. Unlike payment adapters, these do not process money — they provide risk signals that the routing engine uses to accept, challenge, or decline transactions.
4 integrations in this category.
Available Integrations
| Provider | Adapter name | Type | Coverage | Required params |
|---|---|---|---|---|
| Sift | sift | ML-based fraud scoring | Global | api_key, account_id |
| Riskified | riskified | Chargeback guarantee | Global (e-commerce) | shop_domain, auth_token |
| Signifyd | signifyd | Chargeback guarantee | US, UK, EU | api_key |
| Forta | forta | On-chain threat intelligence | Blockchain txns | api_key |
How Risk Tools Work
Risk tools are called before routing in the FlowDirect pipeline. The flow is:
Transaction created
↓
Risk check (Sift / Riskified / Signifyd)
↓
Score returned → Routing decision
↓
Accept → route to payment processor
Challenge → trigger additional auth (3DS, OTP)
Decline → reject with error_description: "risk_declined"
Risk tool results are stored in the transaction's metadata field and available in the Admin Console.
Provider Details
Sift
ML fraud prevention platform covering payments, account takeover, content abuse, and disputes.
Use cases: Card-not-present fraud scoring, velocity rules, device fingerprinting.
Signal types returned:
score(0–100, higher = riskier)label(bad / good)reasons(array of signals)
Config example:
{
"adapter": "sift",
"params": {
"api_key": "YOUR_API_KEY",
"account_id": "YOUR_ACCOUNT_ID",
"score_threshold": 80
}
}
Riskified
Chargeback guarantee product for e-commerce. Riskified takes full chargeback liability for approved orders.
Use cases: E-commerce checkout, high-value orders, travel & ticketing.
Model: Submit order → Approve/Decline decision → If approved and later charged back, Riskified pays.
Config example:
{
"adapter": "riskified",
"params": {
"shop_domain": "yourshop.com",
"auth_token": "YOUR_AUTH_TOKEN"
}
}
Signifyd
Chargeback guarantee with a focus on North America and Europe. Covers fraud and authorization decline recovery.
Use cases: Retail, digital goods, subscription businesses.
Config example:
{
"adapter": "signifyd",
"params": {
"api_key": "YOUR_API_KEY"
}
}
Forta
On-chain threat intelligence for blockchain transactions. Detects malicious wallet addresses, rug pulls, and on-chain attack patterns.
Use cases: Crypto payment flows, DeFi integrations, blockchain compliance.
Config example:
{
"adapter": "forta",
"params": {
"api_key": "YOUR_API_KEY"
}
}
Configuring Risk Tools on a Terminal
Risk tools are assigned at the terminal level. A terminal can have one primary risk tool and optionally a fallback.
Via Admin Console
- Go to Terminals → select terminal → Risk Settings
- Select provider from the dropdown
- Enter credentials
- Set
score_threshold(Sift) or leave at default for guarantee models - Save
Via API
curl -X PUT https://4pay.online/api/v1/admin/terminals/TERMINAL_ID \
-H "Authorization: Bearer ADMIN_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"params": {
"risk_adapter": "sift",
"risk_config": {
"api_key": "YOUR_SIFT_KEY",
"account_id": "YOUR_ACCOUNT_ID",
"score_threshold": 75
}
}
}'
Built-in Anti-Fraud (Gen2 AF Engine)
In addition to third-party risk tools, the platform includes a built-in Gen2 Anti-Fraud engine that operates independently of external providers:
| Feature | Description |
|---|---|
| Velocity rules | Limits per card, IP, device, partner, terminal |
| Amount rules | Per-transaction and daily/monthly caps |
| Geo rules | Country/region block lists |
| Card BIN rules | Block by issuer country or card range |
| Custom rules | Configurable via Admin Console |
The Gen2 AF engine runs on all transactions regardless of whether a third-party risk tool is configured.
Need to integrate a risk provider not listed here? The adapter framework supports custom risk tool adapters. Contact your implementation team.