By continuing your navigation on our website, you consent to the use of cookies to provide you with better services. To learn more, read our cookies policy.
x
APIs
Products & Solutions
Partner
Support
Sign in
Search
International
中国站
Open API >Security & Risk >Fraud Transaction Inquiry
Fraud Transaction Inquiry
Security & Risk Acquirer
Fraud Transaction API supports Acquirers to inquiry the reported fraudulent transactions in timely manner.
Sandbox Testing
API Introduction
API Introduction
What is it?

Unionpay Internatial Risk Management System (RMS) provides API for fraud transaction queries. Members with fraud transaction query demands can choose to inquire the fraudulent transactions via API service. In addition, UnionPay also provide portal for members to search for fraudulent transactions. UPI members without user account of our portal can send email to apply


At present, UnionPay provides a risk management system to Acquirers which can inquire the fraudulent transaction data that occurs in its merchant or terminal through the Fraud Reporting Management System (FRMS) and use these fraud data for internal analysis. 


For members who has habits of using API services, it is highly recommended to use this fraudulent transaction inquiry function.


Key Features

High efficiency in inquires;


Acquiers can store and use the fraudulent transactions for internal risk analysis .


When to Use it?

Acquirers can use fraud transaction inquiry API to acknowledge the reported fraudulent transactions in timely manner, so as to analyse the fraud risk situation based on the reported fraudulent transactions, then take proper measures to merchants with high fraud rate and take the acquirers’ fraud risk under control.

Who Use it?
Acquirers
Where to Use it?
This API is available globally except for mainland China
Flow Chart
Flow Chart

流程图.png

1. Acquirer sends fraud transaction inquiry request to UPI; 

2. UPI responds with detailed infomation.
API Reference
API Reference
  • FRAUD_TRANSACTION_INQUIRY
Interface description
The interface provides fraud transaction details of the specified Acquirer within an assigned period.
Request Method
HTTP POST
Request Parameter
Field name Identifier Type Length Request Default value Note
Acquirer ID acquirerID AN 1-11 O:Optional “00030344” The Identification Code of the inquired Acquiring Institution.Note:The Acquirer ID shall be the subsidiary of APPID or APPID itself defined in the HTTP header.
Fraud Transaction Reporting Date fraudTxnReportDate N 8 M:Mandatory “20200601” The reporting date of the fraud transaction.
Synchronous Response parameters
Filed name Identifier Type Length Request Default value Note
Message Response  msgResponse  Object M:Mandatory
Response Code responseCode AN 2 M:Mandatory "00" It contains a code that defines the response to a request. Please refer to the Definition of Elements in Message Response for the valid values.
Response Message responseMsg S 1-100 M:Mandatory "Approved" It contains the request result and the rejection reason if the request fails. The value of this field can be displayed by the Gateway to notify the user of the request outcome. Please refer to the Definition of Elements in Message Response for details.
Error Details errorDetail S 1-255 O:Optional “The Issuer response is time out.” It contains additional detail regarding the problem identified in the message. The information is only for debug purpose. It shall not be displayed to the user.Please refer to the Definition of Elements in Message Response for examples.
Fraud Transaction List fraudTxnList Array M:Mandatory
Fraud Transaction Reporting Date fraudTxnReportDate N 8 M:Mandatory “20200601” The reporting date of the fraud transaction.
Fraud Transaction Reporting IIN fraudTxnReportIIN AN 11 M:Mandatory “00010344” The fraud transaction reporting institution.
Issuer IIN issuerIIN AN 1-11 M:Mandatory “00020344” The Issuer Institution Identification Code.
Acquirer IIN acquirerIIN AN 1-11 M:Mandatory “00030344” The Acquiring Institution Identification Code.
PAN pan ANS 13-19 M:Mandatory “621234xxxxxx0000” The user’s PAN. The first six digits and the last four digits are plaintext and the other digits are masked with alpha “x”.
Card Attribute cardAttribute N 2 M:Mandatory “01” Valid Values: • “00”: "Unknown"; • “01”: "Credit card"; • “02”: "Debit card"; • “03”: "Quasi credit card"; • “04”: "Credit/Debit card"; • “05”: "Prepaid card"
Transaction Channel txnChannel N 2 M:Mandatory Valid Values: • “01”: "ATM"; • “02”: "POS"; • “06”: "Counter"; • “07”: "PC"; • “08”: "Mobile phone"; Note:For the definition of the other valid values, please refer to F60.2.5 Terminal Type in Technical Specifications on Bankcard Interoperability, Part II Online Message.
Transaction Transmission Date and Time txnDateTime N 10 M:Mandatory The system working date and time of the transaction initiator. Format: MMDDhhmmss
Transaction Amount txnAmt N 12 M:Mandatory Transaction amount. There is no decimal point in this field, and the decimal place is based on the transaction currency.
Transaction Currency txnCurrency AN 3 M:Mandatory “156” A 3-digit numeric value, as defined by [ISO 4217], that indicates the currency code of the transaction.
Billing Amount billingAmt N 12 M:Mandatory Cardholder billing amount. There is no decimal point in this field, and the decimal place is based on the cardholder billing currency.
Billing Currency billingCurrency AN 3 M:Mandatory “840” A 3-digit numeric value, as defined by [ISO 4217], that indicates the currency code of the card account.
Settlement Amount settlementAmt N 12 M:Mandatory Settlement amount. There is no decimal point in this field, and the decimal place is based on the cardholder billing currency.
Settlement Currency settlementCurrency AN 3 M:Mandatory “840” A 3-digit numeric value, as defined by [ISO 4217], that indicates the currency code of the card account.
Settlement Date settlementDate N 4 M:Mandatory This field is the transaction settlement date between the Acquirer and the Issuer. Format: MMDD
Merchant Category Code mcc N 4 M:Mandatory The service range and type of a Merchant.
POS Entry Mode posEntryMode Object M:Mandatory
PAN/token Entry Mode panEntryMode N 2 M:Mandatory “02” Valid Values:• “01”: Manual; • “02”: Magnetic stripe read; • “03”: Consumer-presented QR Code (QRC), chip information included; • “04”: Consumer-presented QRC (barcode also), chip information excluded; • “05”: Consumer-presented QRC (barcode also), chip information excluded; • “07”: qUICS Debit/Credit Integrated Circuit Card read (contactless); • “90”: Magnetic stripe data read and reliable; Track 2 data must exist; • “93”: Merchant-presented QRC, chip information included; • “94”: Merchant-presented QRC (barcode also), chip information excluded; • “95”: Integrated circuit card, card data may be unreliable (contact); • “98”: Standard UICS Debit/Credit Integrated Circuit Card read (contactless)
PIN Entry Mode pinEntryMode N 1 M:Mandatory “1” Valid Values: • “0”: Unknown; • “1”: PIN included in the transaction; • “2”: PIN excluded in the transaction
Retrieval Reference Number rrn AN 12 M:Mandatory A system reference number assigned by the acquiring institution to locate the original transaction.
System Trace Number traceNumber N 6 M:Mandatory A series of numbers filled by the transaction initiator, and the combination set of this Field with Transmission Date and Time, Acquirer IIN, and Forwarding IIN is the unique identifier of a transaction.
Merchant ID merchantID ANS 1-15 M:Mandatory The unique identification code of the Merchant in the acquiring institution network.
Merchant Name merchantName ANS 1-40 M:Mandatory The Merchant’s name/location.
Terminal ID terminalID ANS 8 M:Mandatory The unique code for each terminal in the network of the acquiring institution.
Fraud Type fraudType N 2 M:Mandatory “04” Valid Values: • “01”: "Lost or Stolen Card"; • “02”: "Never-received-issue Card"; • “31”: "Fraudulent Application"; • “04”: "Counterfeit Card"; • “08”: "Account Takeover"; • “63”: "Merchant Fraud"; • “80”: "CNP(Card not present)"; • “07”: "Others"
Security Requirement
Security Requirement

UnionPay International has adopted unified security requirement, please refer to UPI Server-based API General Requirements  for signature and encryption guide.
Steps to Launch
Steps to Launch

If you are UPI Acquirer member, please contact operation team by submitting orders in Support Center.
  • Contact Us
  • If you have any further questions, please register and submit order in your user center.
©Copyright 2002 - 2023. All rights reserved