Fraud check alert
Your business can maintain a list of known fraudulent IP addresses, or a list of customers that have placed fraudulent orders in the past. Orders must be validated by specific fraud checks at order capture time, and fraud analysts must be notified of the failures. The fraud check mechanisms are very specific to business needs and practices. Because of this, the application provides a general framework for fraud checks.
The following section describes APIs, user exits, services, and other components.
All orders are placed
YCD_FRAUD_CHECK hold upon order creation or
draft order confirmation. This hold prevents any transaction from
processing the order and is processed by the Fraud Check agent. The
Fraud check agent is derived from the Process Order Hold Type base
The Fraud Check agent calls the
exit, which is implemented as the
In this case, the
processFraudCheckHold custom API
is called, which in turn calls the
which finally calls the
The user exit takes the following file as its input XML:
the user exit returns a message to the agent that indicates possible
ON_FRAUDULENT_ORDER event is raised, and
YCDFraudCheckAlert_1.0 service is invoked through
sends an alert to the Fraud Queue, which is monitored by the Fraud
- Ensure that the
YCD_FRAUD_CHECKhold type is implemented for the enterprise that does the fraud checks. Do the following steps to implement a Fraud Check hold type.
Note: The attributes mentioned in the procedure are important. Additionally, you can specify other attributes for the hold type based on your business needs.
- Launch Applications Manager -> Distributed Order Management, and load the enterprise that does the fraud checks.
- Go to Distributed Order Management -> <Document Specific> -> <Document Type> -> Fulfillment -> Hold Types.
the Create icon to create the fraud
check hold type with the following details:
- In the Hold
Type field, enter
the Hold Creation tab, select the following
- On Draft Order Confirmation
- On Order Creation
- In the Hold Resolution tab, select Fraud Check On Order as the time triggered transaction that will process the created holds.
- In the Hold Effects tab, you can specify the transactions that will be stopped from processing orders on this hold. Additionally, you can specify the modifications that are not allowed for orders on this hold.
- In the Hold Type field, enter
- Click Save. The hold type is saved.
- In the
YCD_FraudCheckAlert_1.0service, the alert sent to the Fraud Check queue uses the following XSL by default:
- This XSL must be copied to a file named
YCD_FraudCheckAlert.xsl, customized as needed, and its path and name must be specified in the Template Name field of the Alert properties.
You can save it to another directory, but using the standard directory structure that is supplied by the Sterling Order Management System Software helps ensure consistency.
All of these services as well as the user exits can be customized as needed to fit your business needs.
exit must return the response code of the fraud check in the
at the Order element level. This attribute value must be 'FAILED'
if the fraud check failed and 'SUCCESS' if the fraud check succeeded.
must be returned under the Order element.
For more information about the user exits and APIs, see the Javadoc.
The user can prevent order-related fraudulent activities.