How to integrate FraudLabs Pro fraud detection with BluePay payment?

Description: This tutorial demonstrate you on how to integrate FraudLabs Pro fraud detection into BluePay payment.

PHP

Create a new table to store the transaction value of FraudLabs Pro and BluePay payment processing. This table will be used during the settlement, void or refund process.

CREATE TABLE `fraudlabs_pro` (
	`flp_transaction_id` CHAR(15) NOT NULL,
	`flp_status` VARCHAR(10) NOT NULL,
	`bluepay_transaction_id` VARCHAR(15) NOT NULL
	PRIMARY KEY (`flp_transaction_id`)
)
COLLATE='utf8_general_ci'
ENGINE=MyISAM;

Download FraudLabs Pro PHP class from http://www.fraudlabspro.com/downloads/FraudLabsPro.class.php.zip

Integrate FraudLabs Pro fraud detection logic with your BluePay code. This code will perform a simple validation check of one credit card purchase and perform the appropriate action based on the fraud validation result.

// Include FraudLabs Pro library
require_once 'PATH_TO_FRAUDLABSPRO/lib/FraudLabsPro.class.php';

// Include BluePay library
require_once 'PATH_TO_BLUEPAY/lib/BluePayPayment_BP10Emu.php';

// Create a free user account at http://www.fraudlabspro.com, if you do not have one
$fraud = new FraudLabsPro('use_your_fraudlabspro_api_key');

// Check this transaction for possible fraud. FraudLabs Pro support comprehensive validation check,
// and for this example, we only perform the IP address, BIN and billing country validation.
// For complete validation, please check our developer page at http://www.fraudlabspro.com/developer
$fraudResult = $fraud->check(array(
	'ipAddress' => $_SERVER['REMOTE_ADDR'],
	'creditCardNumber' => $_POST['cardNumber'],
	'billingCountry' => $_POST['country'],
	'amount' => $_POST['amount']
));

// This transaction is legitimate, let's submit to BluePay
if($fraudResult->fraudlabspro_status == 'APPROVE'){
	$payment = new BluePayPayment_BP10Emu(
		'your_bluepay_account_id',
		'your_bluepay_secret_key',
		'TEST' // Use TEST for development and LIVE for production
	);

	$payment->setCustomerInformation(
		$_POST['firstName'],
		$_POST['lastName'],
		$_POST['address1'],
		$_POST['address2'],
		$_POST['state'],
		$_POST['zipCode'],
		$_POST['country']
	);

	$payment->setCCInformation(
		$_POST['cardNumber'],
		$_POST['cardMonthYear'],
		$_POST['cardCVV']
	);

	$payment->sale($_POST['amount']);
	$payment->process();

	// Payment approved
	if($payment->getStatus() == "APPROVED"){
		// Capture the payment
		$capture = new BluePayPayment_BP10Emu(
			'your_bluepay_account_id',
			'your_bluepay_secret_key',
			'TEST' // Use TEST for development and LIVE for production
		);

		$capture->capture($payment->getTransID());
		$capture->process();
	}
}

// Transaction has been rejected by FraudLabs Pro based on your custom validation rules.
elseif($fraudResult->fraudlabspro_status == 'REJECT'){
	/*
	Do something here, try contact the customer for verification
	*/
}

// Transaction is marked for a manual review by FraudLabs Pro based on your custom validation rules.
elseif($fraudResult->fraudlabspro_status == 'REVIEW'){
	// Authorize this order with BluePay first
	$payment = new BluePayPayment_BP10Emu(
		'your_bluepay_account_id',
		'your_bluepay_secret_key',
		'TEST' // Use TEST for development and LIVE for production
	);

	$payment->setCustomerInformation(
		$_POST['firstName'],
		$_POST['lastName'],
		$_POST['address1'],
		$_POST['address2'],
		$_POST['state'],
		$_POST['zipCode'],
		$_POST['country']
	);

	$payment->setCCInformation(
		$_POST['cardNumber'],
		$_POST['cardMonthYear'],
		$_POST['cardCVV']
	);

	$payment->sale($_POST['amount']);
	$payment->process();

	// Payment approved
	if($payment->getStatus() == "APPROVED"){
		try{
			// Initial MySQL connection
			$db = new PDO('mysql:host=your_database_host;dbname=your_database_name;charset=utf8', 'your_database_user', 'your_database_password');
			$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

			// Store the transaction information for decision making
			$st = $db->prepare('INSERT INTO `fraudlabs_pro` VALUES (:flpId, :flpStatus, :bluepayId)');
			$st->execute(array(
				':flpId'=>$fraudResult->fraudlabspro_id,
				':flpStatus'=>$fraudResult->fraudlabspro_status,
				':bluepayId'=>$payment->getTransID()
			));
		}
		catch(PDOException $e){
			// MySQL error
			die($e->getFile() . ':' . $e->getLine() . ' ' . $e->getMessage());
		}
	}
}

Now, we are going to create a callback page to receive the review action, APPROVE or REJECT, performed by the merchant.

Note: You need to configure the callback URL at the FraudLabs Pro merchant area->settings page. It has to be pointed to the location where you hosted this "fraudlabspro-callback.php" file. Below is the sample code for fraudlabspro-callback.php

$id = (isset($_POST['id'])) ? $_POST['id'] : '';
$action = (isset($_POST['action'])) ? $_POST['action'] : '';

if($id && in_array($action, array('APPROVE', 'REJECT'))){
	try{
		// Initial MySQL connection
		$db = new PDO('mysql:host=your_database_host;dbname=your_database_name;charset=utf8', 'your_database_user', 'your_database_password');
		$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

		// Get the BluePay Transaction ID
		$st = $db->prepare('SELECT * FROM `fraudlabs_pro` WHERE `flp_transaction_id`=:flpId AND `flp_status`=\'REVIEW\'');
		$st->execute(array(
			':flpId'=>$id
		));

		if($st->rowCount() == 1){
			$row = $st->fetch(PDO::FETCH_ASSOC);

			require_once 'PATH_TO_BLUEPAY/lib/BluePayPayment_BP10Emu.php';

			if($action == 'REJECT'){
				// Merchant rejected the order. Void the transaction in BluePay
				$void = new BluePayPayment_BP10Emu(
					'your_bluepay_account_id',
					'your_bluepay_secret_key',
					'TEST' // Use TEST for development and LIVE for production
				);

				$void->void($row['bluepay_transaction_id']);
				$void->process();
			}
			else{
				// Merchant approved the order. Capture the transaction
				$capture = new BluePayPayment_BP10Emu(
					'your_bluepay_account_id',
					'your_bluepay_secret_key',
					'TEST' // Use TEST for development and LIVE for production
				);

				$capture->capture($row['bluepay_transaction_id']);
				$capture->process();
			}

			// Update database
			$st = $db->prepare('UPDATE `fraudlabs_pro` SET `flp_status`=:action WHERE `flp_transaction_id`=:flpId');
			$st->execute(array(
				':flpId'=>$id,
				':action'=>$action
			));
		}
	}
	catch(PDOException $e){
		// MySQL error
		die($e->getFile() . ':' . $e->getLine() . ' ' . $e->getMessage());
	}
}

If there is a need to issue a refund of a settled transaction, below is the sample code of how to accomplish it.

try{
	// Initial MySQL connection
	$db = new PDO('mysql:host=your_database_host;dbname=your_database_name;charset=utf8', 'your_database_user', 'your_database_password');
	$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

	// Get the BluePay transaction ID based on the FraudLabs Pro ID
	$st = $db->prepare('SELECT * FROM `fraudlabs_pro` WHERE `flp_transaction_id`=:flpId');
	$st->execute(array(
		':flpId'=>$_POST['flpId']
	));

	if($st->rowCount() == 1){
		$row = $st->fetch(PDO::FETCH_ASSOC);

		require_once 'PATH_TO_BLUEPAY/lib/BluePayPayment_BP10Emu.php';

		$refund = new BluePayPayment_BP10Emu(
			'your_bluepay_account_id',
			'your_bluepay_secret_key',
			'TEST' // Use TEST for development and LIVE for production
		);

		$refund->capture($row['bluepay_transaction_id']);
		$refund->process();

		// Update database
		$st = $db->prepare('UPDATE `fraudlabs_pro` SET `flp_status`=\'REFUNDED\' WHERE `flp_transaction_id`=:flpId');
		$st->execute(array(
			':flpId'=>$_POST['flpId']
		));
	}
}
catch(PDOException $e){
	// MySQL error
	die($e->getFile() . ':' . $e->getLine() . ' ' . $e->getMessage());
}

Micro Plan

Free fraud prevention plan to start protecting your business from fraud.


Sign Up Now