HOW TO: Integrate the Riskified Fraud Service to your Website

How does it work?

  1. An order is placed by a Client of an Affiliate website.
  2. Affiliate website will need to send us the Client's session_id
  3. The Clients credit card is charged through Braintree.
  4. The Client's session_id information is then sent to Riskified.
  5. Riskified assesses this information and provides us back with a decision on fraud status.
  6. Riskified sends an answer back to us, and if the order passes fraud validation, the order process on our end will continue to charge the card through Braintree.


How to Integrate

In order to collect information regarding each Client's transactions, you will need to add this snippet of JavaScript to the header of each of your Affiliate website's pages. This is called the Riskified Beacon and it must be on all pages of your site to work optimally. Additionally, you need to pass in the same variables you collect with the beacon, along with the order at checkout. Below are specifications for the beacon and parameters included in the checkout post body of your order.

Riskified Beacon Variables to set up:

  • Set the store_domain variable to 'ticketevolution.com'.
  • The customer's session_id in the session_id
  • The store_domain & session_id in the url


Riskified Beacon JS
<script type="text/javascript">
//<![CDATA[
(function() {
  function riskifiedBeaconLoad() {
    var store_domain = 'ticketevolution.com';
    var session_id = 'SESSION ID GOES HERE - as passed to Order->cart_token';
    var url = ('https:' == document.location.protocol ? 'https://' : 'http://')
      + "beacon.riskified.com?shop=" + store_domain + "&sid=" + session_id;

    var s = document.createElement('script');
    s.type = 'text/javascript';
    s.async = true;
    s.src = url;

    var x = document.getElementsByTagName('script')[0];
    x.parentNode.insertBefore(s, x);
  }

  if (window.attachEvent)
    window.attachEvent('onload', riskifiedBeaconLoad)
  else
    window.addEventListener('load', riskifiedBeaconLoad, false);
})();

//]]>
</script>




Parameters to pass along at Checkout:

IP Address: In the order post body, the parameter needs to be called “created_by_ip_address” and the value needs to be the consumer’s ip address. Any other name for the parameter will not work. You can find this in the order creation documentation here: Orders / Create

Session ID: In the order post body, the parameter needs to be called “session_id” and the value needs to match the session id that is collected in the beacon in the section above. If these two values are not exact matches, the service itself will not work optimally. This is not currently in the  Orders / Create document, but it is a parameter that can be passed through the order post body and is absolutely necessary for fraud protection to work.