Developer Guide

Screen Order

Screen an order to detect the degree of fraud. The accuracy depends on the number of parameters and previous feedback. The more details & feedbacks supplied, the higher number of accuracy in return.

NOTE: You need to register for an API key before using this REST API. Please visit Micro Plan to sign up for an API key if you do not have one.

GET https://api.fraudlabspro.com/v1/order/screen

Request
Parameter Description
ip (required) IP address of online transaction. It supports both IPv4 and IPv6 address format.
key (required) API license key.
format (required) Return the result in json or xml format.
Valid values: json | xml
bill_city (optional) City of billing address.
bill_state (optional) State of billing address.
It supports state codes, e.g. NY (New York), for state or province of United States or Canada. Please refer to state & province codes for complete list.
bill_country (optional) Country of billing address.
It requires the input of ISO-3166 alpha-2 country code, e.g. US for United States. Please refer to Country Codes for complete list.
bill_zip_code (optional) Postal or ZIP code of billing address.
ship_addr (optional) Street address of shipping address.
ship_city (optional) City of shipping address.
ship_state (required) State of shipping address.
It supports state codes, e.g. NY - New York, for state or province of United States or Canada. Please refer to state & province codes for complete list.
ship_country (optional) Country of shipping address.
It requires the input of ISO-3166 alpha-2 country code, e.g. US for United States. Please refer to Country Codes for complete list.
ship_zip_code (optional) Postal or ZIP code of shipping address.
email_domain (optional) Domain name of email address. For example, the domain of email address support@fraudlabspro.com is fraudlabspro.com.
user_phone (optional) User's phone number.
email_hash (optional) SHA1-64k hash of user's email address. No plaintext information. Please refer to SHA1-64k Hash Function for details.
username_hash (optional) SHA1-64k hash of user's username. No plaintext information. Please refer to SHA1-64k Hash Function for details.
password_hash (optional) SHA1-64k hash of user's password. No plaintext information. Please refer to SHA1-64k Hash Function for details.
bin_no (optional) First 6 digits of credit card number to identify issuing bank.
bin_bank_name (optional) Name of the bank which issued the credit card.
bin_bank_phone (optional) Customer service phone number listed on the back of credit card.
bin_bank_country (optional) Country of the bank which issued the credit card.
It requires the input of ISO-3166 alpha-2 country code, e.g. US for United States. Please refer to Country Codes for complete list.
card_hash (optional) SHA1-64k hash of credit number. No plaintext information. Please refer to SHA1-64k Hash Function for details.
avs_result (optional) The single character AVS result returned by the credit card processor. Please refer to AVS & CVV2 Response Codes for details.
cvv_result (optional) The single character CVV2 result returned by the credit card processor. Please refer to AVS & CVV2 Response Codes for details.

NOTE: This is not for the input of the actual CVV code from the back of the credit card.
user_order_id (optional) Merchant identifier to uniquely identify a transaction. It supports maximum of 15 characters user order id input.
user_order_memo (optional) Merchant description of an order transaction. It supports maximum of 200 characters.
amount (optional) Amount of the transaction.
quantity (optional) Total quantity of the transaction.
currency (optional) Currency code used in the transaction.
It requires the input of ISO-4217 (3 characters) currency code, e.g. USD for US Dollar. Please refer to Currency Codes for complete list.
department (optional) Merchant identifier to uniquely identify a product or service department.
payment_mode (optional) Payment mode of transaction.
Valid values: creditcard | paypal | googlecheckout | bitcoin | cod | moneyorder | wired | bankdeposit | others.
session_id (optional) Session ID of server script.
Response
Parameter Description
is_country_match Whether country of IP address matches billing address country.
Return values: Y, N, NA (NA means not applicable)
is_high_risk_country Whether IP address or billing address country is in the latest high risk list.
Return values: Y, N, NA (NA means not applicable)
distance_in_km Distance of location between IP address and bill. Value in kilometer.
distance_in_mile Distance of location between IP address and bill. Value in mile.
ip_country Estimated country of the IP address (in IPv4 address format).
ip_region Estimated region of the IP address (in IPv4 address format).
ip_city Estimated city of the IP address (in IPv4 address format).
ip_continent Estimated continent of the IP address. Please refer to Continent-Country for details.
ip_latitude Estimated latitude of the IP address.
ip_longitude Estimated longitude of the IP address.
ip_timezone Estimated timezone of the IP address.
ip_elevation Estimated elevation of the IP address.
ip_domain Estimated domain name of the IP address.
ip_mobile_mnc Estimated mobile mcc information of the IP address, if it is a mobile network.
ip_mobile_mcc Estimated mobile mcc information of the IP address, if it is a mobile network.
ip_mobile_brand Estimated mobile brand information of the IP address, if it is a mobile network.
ip_netspeed Estimated netspeed of the IP address.
ip_isp_name Estimated ISP name of the IP address.
ip_usage_type Estimated usage type of the IP address. ISP, Commercial, Residential.
is_free_email Whether the email is from free email provider.
Return values: Y, N, NA (NA means not applicable)
is_new_domain_name Whether the email domain name a newly registered name. Only applicable for non-free email domain.
Return values: Y, N, NA (NA means not applicable)
is_proxy_ip_address Whether the IP address is from a known anonymous proxy server.
Return values: Y, N, NA (NA means not applicable)
is_bin_found Whether the BIN information matches our BIN list.
Return values: Y, N, NA (NA means not applicable)
is_bin_country_match Whether the country of issuing bank matches BIN country code given by user.
Return values: Y, N, NA (NA means not applicable)
is_bin_name_match Whether the name of issuing bank matches BIN bank name given by user.
Return values: Y, N, NA (NA means not applicable)
is_bin_phone_match Whether the customer service phone number matches BIN phone given by user.
Return values: Y, N, NA (NA means not applicable)
is_bin_prepaid Whether the credit card is a type of prepaid card.
Return values: Y, N, NA (NA means not applicable)
is_address_ship_forward Whether the shipping address is in database of known mail drops.
Return values: Y, N, NA (NA means not applicable)
is_bill_ship_city_match Whether the billing city matches the shipping city.
Return values: Y, N, NA (NA means not applicable)
is_bill_ship_state_match Whether the billing state matches the shipping state.
Return values: Y, N, NA (NA means not applicable)
is_bill_ship_country_match Whether the billing country matches the shipping country.
Return values: Y, N, NA (NA means not applicable)
is_bill_ship_postal_match Whether the billing postal/zip code matches the shipping postal/zip code.
Return values: Y, N, NA (NA means not applicable)
is_ip_blacklist Whether the IP address is in our blacklist database.
Return values: Y, N, NA (NA means not applicable)
is_email_blacklist Whether the email address is in our blacklist database.
Return values: Y, N, NA (NA means not applicable)
is_credit_card_blacklist Whether the credit card is in our blacklist database.
Return values: Y, N, NA (NA means not applicable)
is_device_blacklist Whether the device Id is in our blacklist database.
Return values: Y, N, NA (NA means not applicable)
user_order_id Return the order identifier given by merchant earlier.
user_order_memo Return the order description given by merchant earlier.
fraudlabspro_score Overall score between 1 and 100. 100 is the highest risk and 1 is the lowest risk.
fraudlabspro_distribution Return the distribution of the risk rate range from 1 to 100. Distribution score of 90 means it is at top 10% high score in sample.
fraudlabspro_status Final action based on the rules analysis.
Return values: APPROVE | REJECT | REVIEW
fraudlabspro_id System own unique identifier to identify this API transaction.
fraudlabspro_version Version of the fraud analysis engine used in this transaction.
fraudlabspro_error_code Error code in this transaction. Please refer to Error Codes for complete list.
fraudlabspro_message More information about the status of this transaction. Please refer to Error Codes for complete list.
fraudlabspro_credits Balance of queries in your account after this transaction.
Sample Code
<?php
$apiKey = 'Enter_License_Key';
$params['format']           = 'json';
$params['ip']               = $_SERVER['REMOTE_ADDR'];
$params['bill_city']        = 'Cleveland';
$params['bill_state']       = 'OH';
$params['bill_zip_code']    = '44115';
$params['bill_country']     = 'US';
$params['ship_addr']        = '4987 Bingamon Road';
$params['ship_city']        = 'Cleveland';
$params['ship_state']       = 'OH';
$params['ship_zip_code']    = '44115';
$params['ship_country']     = 'US';
$params['email_domain']     = 'gmail.com';
$params['user_phone']           = '440-5551961';
$params['email_hash']       = fraudlabspro_hash('user@gmail.com');
$params['username_hash']    = fraudlabspro_hash('kevinowen');
$params['password_hash']    = fraudlabspro_hash('3X2hd8cWNw9q');
$params['bin_no']           = '558265';
$params['bank_name']        = 'Bank of Ocean View';
$params['bank_phone']       = '212-500-2489';
$params['card_hash']        = fraudlabspro_hash('5582657189029269');
$params['avs_result']               = 'Y';
$params['cvv_result']               = 'M';
$params['user_order_id']    = '7893';
$params['amount']           = '99.95';
$params['quantity']         = '1';
$params['department']       = 'Online Store';
$params['payment_mode']     = 'creditcard';

$query = '';

foreach($params as $key=>$value){
	$query .= '&' . $key . '=' . rawurlencode($value);
}

$try = 0;
do {
	////////////
	//For https request, please make sure you have enabled php_openssl.dll extension.
	//
	//How to enable https
	//- Uncomment ;extension=php_openssl.dll by removing the semicolon in your php.ini, and restart the apache.
	//
	//In case you have difficulty to modify the php.ini, you can always make the http request instead of https.
	////////////
	$result = file_get_contents('https://api.fraudlabspro.com/v1/order/screen?key=' . $apiKey . $query);
} while(!$result && $rty++ < 3);

$data = json_decode($result);

print_r($data);

function fraudlabspro_hash($s){
	$hash = 'fraudlabspro_' . $s;
	for($i=0; $i<65536; $i++) $hash = sha1('fraudlabspro_' . $hash);

	return $hash;
}
?>
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;

public class FLP {
	public static void main(String[] args) {
		try {

		URL url = new URL("https://api.fraudlabspro.com/v1/order/screen?key=Enter_License_Key&format=json&ip=127.0.0.1&bill_city=Cleveland&bill_state=OH&bill_zip_code=44115&bill_country=US&ship_addr=4987%20Bingamon%20Road&ship_city=Cleveland&ship_state=OH&ship_zip_code=44115&ship_country=US&email_domain=gmail.com&user_phone=440-5551961&email_hash=2d230a121ecf9efb075b8300c52d82ed990626fb&username_hash=e2f888cf370b546e50b4cd75d54123dc5dbb8a32&password_hash=079f277fa3c27cb64d89f9c8725c6d439af60e5e&bin_no=558265&bank_name=Bank%20of%20Ocean%20View&bank_phone=212-500-2489&card_hash=503e3a5e2e56fddf429e1c94e23f3b294bc5491a&avs_result=Y&cvv_result=M&user_order_id=7893&amount=99.95&quantity=1¤cy=USD&department=Online+Store&payment_mode=creditcard");
		HttpURLConnection conn = (HttpURLConnection) url.openConnection();
		conn.setRequestMethod("GET");
		conn.setRequestProperty("Accept", "application/json");

		if (conn.getResponseCode() != 200) {
			throw new RuntimeException("Failed : HTTP error code : " + conn.getResponseCode());
		}

		BufferedReader br = new BufferedReader(new InputStreamReader(
			(conn.getInputStream())));

		String output;

		while ((output = br.readLine()) != null) {
			System.out.println(output);
		}

		conn.disconnect();

	  } catch (MalformedURLException e) {

		e.printStackTrace();

	  } catch (IOException e) {
		e.printStackTrace();
	  }
	}
}
Imports System.Net
Imports System.Security.Cryptography

Partial Public Class _Default
	Inherits System.Web.UI.Page

	Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
		Dim request As HttpWebRequest = Nothing
		Dim response As Net.HttpWebResponse = Nothing
		Dim stream As IO.Stream = Nothing

		Dim apiKey As String = "Enter_License_Key"
		Dim format As String = "json"
		Dim ip As String = Page.Request.UserHostAddress()
		Dim billingCity As String = "Cleveland"
		Dim billingState As String = "OH"
		Dim billingZIPCode As String = "44115"
		Dim billingCountry As String = "US"
		Dim shippingAddress As String = "4987 Bingamon Road"
		Dim shippingCity As String = "Cleveland"
		Dim shippingState As String = "OH"
		Dim shippingZIPCode As String = "44115"
		Dim shippingCountry As String = "US"
		Dim emailDomain As String = "gmail.com"
		Dim phone As String = "440-5551961"
		Dim emailHash As String = fraudlabspro_hash("user@gmail.com")
		Dim usernameHash As String = fraudlabspro_hash("kevinowen")
		Dim passwordHash As String = fraudlabspro_hash("3X2hd8cWNw9q")
		Dim binNo As String = "558265"
		Dim bankName As String = "Bank of Ocean View"
		Dim bankPhone As String = "212-500-2489"
		Dim cardHash As String = fraudlabspro_hash("5582657189029269")
		Dim avs As String = "Y"
		Dim cvv As String = "M"
		Dim userOrderId As String = "7893"
		Dim amount As String = "99.95"
		Dim quantity As String = "1"
		Dim currency As String = "USD"
		Dim department As String = "Online Store"
		Dim paymentMode As String = "creditcard"

		request = Net.WebRequest.Create("https://api.fraudlabspro.com/v1/order/screen?key=" & apiKey & _
		"&format=" & System.Web.HttpUtility.UrlEncode(format) & _
		"&ip=" & System.Web.HttpUtility.UrlEncode(ip) & _
		"&bill_city=" & System.Web.HttpUtility.UrlEncode(billingCity) & _
		"&bill_state=" & System.Web.HttpUtility.UrlEncode(billingState) & _
		"&bill_zip_code=" & System.Web.HttpUtility.UrlEncode(billingZIPCode) & _
		"&bill_country=" & System.Web.HttpUtility.UrlEncode(billingCountry) & _
		"&ship_addr=" & System.Web.HttpUtility.UrlEncode(shippingAddress) & _
		"&ship_city=" & System.Web.HttpUtility.UrlEncode(shippingCity) & _
		"&ship_zip_code=" & System.Web.HttpUtility.UrlEncode(shippingZIPCode) & _
		"&email_domain=" & System.Web.HttpUtility.UrlEncode(emailDomain) & _
		"&user_phone=" & System.Web.HttpUtility.UrlEncode(phone) & _
		"&email_hash=" & System.Web.HttpUtility.UrlEncode(emailHash) & _
		"&username_hash=" & System.Web.HttpUtility.UrlEncode(usernameHash) & _
		"&password_hash=" & System.Web.HttpUtility.UrlEncode(passwordHash) & _
		"&bin_no=" & System.Web.HttpUtility.UrlEncode(binNo) & _
		"&bank_name=" & System.Web.HttpUtility.UrlEncode(bankName) & _
		"&bank_phone=" & System.Web.HttpUtility.UrlEncode(bankPhone) & _
		"&card_hash=" & System.Web.HttpUtility.UrlEncode(cardHash) & _
		"&avs_result=" & System.Web.HttpUtility.UrlEncode(avs) & _
		"&cvv_result=" & System.Web.HttpUtility.UrlEncode(cvv) & _
		"&user_order_id=" & System.Web.HttpUtility.UrlEncode(userOrderId) & _
		"&amount=" & System.Web.HttpUtility.UrlEncode(amount) & _
		"&quantity=" & System.Web.HttpUtility.UrlEncode(quantity) & _
		"¤cy=" & System.Web.HttpUtility.UrlEncode(currency)) & _
		"&department=" & System.Web.HttpUtility.UrlEncode(department)) & _
		"&payment_mode=" & System.Web.HttpUtility.UrlEncode(paymentMode))

		request.Method = "GET"
		response = request.GetResponse()

		Dim reader As System.IO.StreamReader = New IO.StreamReader(response.GetResponseStream())

		Page.Response.Write(reader.ReadToEnd)
	End Sub

	Private Function fraudlabspro_hash(ByVal s As String) As String
		Dim i As Integer = 0
		Dim hash As String = "fraudlabspro_" + s

		For i = 1 To 65536
			hash = Me.SHA1("fraudlabspro_" + hash)
		Next

		Return hash
	End Function

	Private Function SHA1(ByVal s As String) As String
		Dim sha As New SHA1CryptoServiceProvider
		Dim bytes() As Byte
		Dim x As String = ""

		bytes = System.Text.Encoding.ASCII.GetBytes(s)
		bytes = sha.ComputeHash(bytes)

		For Each b As Byte In bytes
			x += b.ToString("x2")
		Next

		Return x
	End Function
End Class
using Microsoft.VisualBasic;
using System;
using System.Collections;
using System.Collections.Generic;
using System.Data;
using System.Diagnostics;
using System.Net;
using System.Security.Cryptography;

public partial class _Default : System.Web.UI.Page
{

	protected void Page_Load(object sender, System.EventArgs e)
	{
		HttpWebRequest request = null;
		System.Net.HttpWebResponse response = null;
		System.IO.Stream stream = null;

		string apiKey = "";
		string format = "json";
		string ip = Page.Request.UserHostAddress();
		string billingCity = "Cleveland";
		string billingState = "OH";
		string billingZIPCode = "44115";
		string billingCountry = "US";
		string shippingAddress = "4987 Bingamon Road";
		string shippingCity = "Cleveland";
		string shippingState = "OH";
		string shippingZIPCode = "44115";
		string shippingCountry = "US";
		string emailDomain = "gmail.com";
		string phone = "440-5551961";
		string emailHash = fraudlabspro_hash("user@gmail.com");
		string usernameHash = fraudlabspro_hash("kevinowen");
		string passwordHash = fraudlabspro_hash("3X2hd8cWNw9q");
		string binNo = "558265";
		string bankName = "Bank of Ocean View";
		string bankPhone = "212-500-2489";
		string cardHash = fraudlabspro_hash("5582657189029269");
		string avs = "";
		string cvv = "";
		string userOrderId = "7893";
		string amount = "99.95";
		string quantity = "1";
		string currency = "USD";
		string department = "Online Store";
		string paymentMode = ""creditcard;

		request = System.Net.WebRequest.Create("https://api.fraudlabspro.com/v1/order/screen?key=" + apiKey + "&format=" + System.Web.HttpUtility.UrlEncode(format) + "&ip=" + System.Web.HttpUtility.UrlEncode(ip) + "&bill_city=" + System.Web.HttpUtility.UrlEncode(billingCity) + "&bill_state=" + System.Web.HttpUtility.UrlEncode(billingState) + "&bill_zip_code=" + System.Web.HttpUtility.UrlEncode(billingZIPCode) + "&bill_country=" + System.Web.HttpUtility.UrlEncode(billingCountry) + "&ship_addr=" + System.Web.HttpUtility.UrlEncode(shippingAddress) + "&ship_city=" + System.Web.HttpUtility.UrlEncode(shippingCity) + "&ship_zip_code=" + System.Web.HttpUtility.UrlEncode(shippingZIPCode) + "&email_domain=" + System.Web.HttpUtility.UrlEncode(emailDomain) + "&user_phone=" + System.Web.HttpUtility.UrlEncode(phone) + "&email_hash=" + System.Web.HttpUtility.UrlEncode(emailHash) + "&username_hash=" + System.Web.HttpUtility.UrlEncode(usernameHash) + "&password_hash=" + System.Web.HttpUtility.UrlEncode(passwordHash) + "&bin_no=" + System.Web.HttpUtility.UrlEncode(binNo) + "&bank_name=" + System.Web.HttpUtility.UrlEncode(bankName) + "&bank_phone=" + System.Web.HttpUtility.UrlEncode(bankPhone) + "&card_hash=" + System.Web.HttpUtility.UrlEncode(cardHash) + "&avs_result=" + System.Web.HttpUtility.UrlEncode(avs) + "&cvv_result=" + System.Web.HttpUtility.UrlEncode(cvv) + "&user_order_id=" + System.Web.HttpUtility.UrlEncode(userOrderId) + "&amount=" + System.Web.HttpUtility.UrlEncode(amount) + "&quantity=" + System.Web.HttpUtility.UrlEncode(quantity) + "¤cy=" + System.Web.HttpUtility.UrlEncode(currency) + "&department=" + System.Web.HttpUtility.UrlEncode(department) + "&payment_mode=" + System.Web.HttpUtility.UrlEncode(paymentMode));

		request.Method = "GET";
		response = request.GetResponse();

		System.IO.StreamReader reader = new System.IO.StreamReader(response.GetResponseStream());

		Page.Response.Write(reader.ReadToEnd());
	}

	private string fraudlabspro_hash(string s)
	{
		int i = 0;
		string hash = "fraudlabspro_" + s;

		for (i = 1; i <= 65536; i++) {
			hash = this.SHA1("fraudlabspro_" + hash);
		}

		return hash;
	}

	private string SHA1(string s)
	{
		SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider();
		byte[] bytes = null;
		string x = "";

		bytes = System.Text.Encoding.ASCII.GetBytes(s);
		bytes = sha.ComputeHash(bytes);

		foreach (byte b in bytes) {
			x += b.ToString("x2");
		}

		return x;
	}
	public _Default()
	{
		Load += Page_Load;
	}
}
import httplib
import urllib
import hashlib

def fraudlabspro_hash(s):
		hash = "fraudlabspro_" + s

		for i in range(65536):
				hash = hashlib.sha1("fraudlabspro_" + hash).hexdigest()

		return hash


p = { 'key': 'Enter_License_Key', 'format': 'json', 'ip': '8.8.8.8', 'bill_city': 'Cleveland', 'bill_state': 'OH', 'bill_zip_code': '44115', 'bill_country': 'US', 'ship_addr': '4987 Bingamon Road', 'ship_city': 'Cleveland', 'ship_state': 'OH', 'ship_zip_code': '44115', 'ship_country': 'US', 'email_domain': 'gmail.com', 'user_phone': '440-5551961', 'email_hash': fraudlabspro_hash('user@gmail.com'), 'username_hash': fraudlabspro_hash('kevinowen'), 'password_hash': fraudlabspro_hash('3X2hd8cWNw9q'), 'bin_no': '558265', 'bank_name': 'Bank of Ocean View', 'bank_phone': '212-500-2489', 'card_hash': fraudlabspro_hash('5582657189029269'), 'avs_result': 'Y', 'cvv_result': 'M', 'user_order_id': '7893', 'amount': '99.95', 'quantity': '1', 'currency': 'USD', 'department': 'Online Store', 'payment_mode': 'creditcard' }

conn = httplib.HTTPConnection("api.fraudlabspro.com")
conn.request("GET", "/v1/order/screen?" + urllib.urlencode(p))
res = conn.getresponse()
print res.read()