--- swagger: "2.0" info: description: The main aim of the micro service is to calculate the Fraud score for instant payments based on set of rules.
PCF Deployment Reference name -->RISK-D-FraudDiagnosis-INSTPYMT-XD-EA-EM version: 1.3.0 x-ibm-name: FraudDiagnosis_InstantPayment_CrossDomain_Domain title: FraudDiagnosis_InstantPayment_CrossDomain_Domain host: 127.0.0.1 schemes: - https basePath: /api produces: - application/json paths: /private/v1/fraudDiagnosis/instantPayments/fraudScore/retrieve: post: summary: This api will retrieve the rule details and fraud score for corresponding rules description: This api will retrieve the rule details and fraud score for corresponding rules operationId: RetrieveFraudDiagnosisInstantPaymentsFraudScore tags: - RISK parameters: - name: client_id in: header description: Client ID generated during application registration with the internal development portal. The internal API Gateway will authenticate the application using the client_id and client_secret. Required if accessing APIs via the internal API Gateway. required: false type: string - name: client_secret in: header description: Client Secret generated during application registration with the internal development portal. The internal API Gateway will authenticate the application using the client_id and client_secret. Required if accessing APIs via the internal API Gateway. required: false type: string - name: Accept in: header description: Content-Types that are acceptable for the response. Always pass application/json. type: string required: true - name: Accept-Language in: header description: List of acceptable human languages for response. type: string required: false - name: Content-Type in: header description: The MIME type of the body of the request (used with POST and PUT requests). Always pass application/json. type: string required: false - name: uuid in: header description: 128 bit random universally unique identifier (UUID) generated for every request. type: string required: true - name: sid in: header description: Session ID. type: string required: false - name: channelId in: header description: 'Registered channel ID for the consumer. Examples: HBK(CBOL), ECL(Eclipse), MBK(Mobile Banking).' type: string required: true - name: businessCode in: header description: 'Citi business codes. Examples: GCB, VMA, QCC.' type: string required: true - name: countryCode in: header description: 'Country code in ISO 3166 alpha-2 format. Examples: SG(Singapore), PH(Philippines), TH(Thailand).' type: string required: true - name: i-cif in: header description: Unique customer number generated by RM and used in other host systems. type: string required: false - name: x-userID in: header description: SOE ID of the user sending the request. Applicable only for assisted channels like Eclipse. type: string required: false - name: x-userDomicileBranchCode in: header description: Domicile branch code of the user sending the request. Applicable only for assisted channels like Eclipse. type: string required: false - name: x-userDomicileResponsibilityCentre in: header description: Responsibility centre of the user sending the request. Applicable only for assisted channels like Eclipse. type: string required: false - name: x-processingBranchCode in: header description: Branch code where the request is processed. Applicable only for assisted channels like Eclipse. type: string required: false - name: x-processingResponsibilityCentre in: header description: Responsibility centre of the branch where the request is processed. Applicable only for assisted channels like Eclipse. type: string required: false - name: x-userGroup in: header description: 'User group. Applicable only for assisted channels like Eclipse. Examples: CPC(CitiPhone), PWS(Branch), BKO (BackOffice), PWT (Teller), MSF(Mobile Sales Force).' type: string required: false - name: x-sessionLanguageCode in: header description: 'Session language code in ISO 639-1 format. Applicable only for assisted channels like Eclipse. Examples: EN(English), PL(Polish), RU(Russian), ES(Spanish).' type: string required: false - name: i-ccsid in: header description: Customer Credential Store (CCS) unique ID for userID/password. Can be used to uniquely identify a customer in CCS. type: string required: false - name: consumerOrgCode in: header description: Unique code to identify the consumer organization type: string required: false - name: clientDetails in: header description: This field is used to capture device,browser and network information. Refer the developer portal for more information.These are the fields which will be passed as part of the header devicePrint,deviceTokenCookie,userIpAddress,userAgent,hardwareId,simId,deviceModel,deviceName,deviceOsName,deviceOsVersion,multitaskingSupportFlag,languageSupport,wifiMacAddress,cellTowerId,locationAreaCode,rsaApplicationKey,wapClientId,mobileCarrierCode,mobileCountryCode,osId,geoLongitude,geoLatitude,geoHorizontalAccuracy,geoAltitude,geoAltitudeAccuracy,geoSpeed,geoTimestamp,geoStatus,basicServiceSetId,signalStrength,wifiChannel,serviceSetId type: string required: false - name: authorization in: header description: The most recent Authorization token type: string required: false - name: RetrieveFraudDiagnosisInstantPaymentsFraudScoreRequest in: body description: RetrieveFraudDiagnosisInstantPaymentsFraudScoreRequest required: true schema: $ref: '#/definitions/RetrieveFraudDiagnosisInstantPaymentsFraudScoreRequest' responses: 200: description: Successful operation. schema: $ref: '#/definitions/RetrieveFraudDiagnosisInstantPaymentsFraudScoreResponse' 204: description: No content 400: description:
TypeCodeDetails
invalidinvalidRequestMissing or invalid Parameters
schema: $ref: '#/definitions/ErrorResponse' 401: description:
TypeCodeDetails
errorunAuthorizedAuthorization credential is missing or invalid
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetails
erroraccessNotConfiguredThe request operation is not configured to access this resource
schema: $ref: '#/definitions/ErrorResponse' 404: description:
TypeCodeDetails
errorresourceNotFoundThe requested resource is not found
schema: $ref: '#/definitions/ErrorResponse' 422: description:
TypeCodeDetails
errorbusinessValidationsFailedBusiness validations failed
errorinvalidUniqueCaseReferenceNumberINVALID UNIQUE CASE REFERENCE NUMBER
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error
schema: $ref: '#/definitions/ErrorResponse' /private/v1/fraudDiagnosis/instantPayments/transactionDetail: post: summary: This api is to store Transaction Data and calculate the Fraud score for instant payments description: This api is to store Transaction Data and calculate the Fraud score for instant payments operationId: RecordFraudDiagnosisInstantPaymentsTransactionDetail tags: - RISK parameters: - name: client_id in: header description: Client ID generated during application registration with the internal development portal. The internal API Gateway will authenticate the application using the client_id and client_secret. Required if accessing APIs via the internal API Gateway. required: false type: string - name: client_secret in: header description: Client Secret generated during application registration with the internal development portal. The internal API Gateway will authenticate the application using the client_id and client_secret. Required if accessing APIs via the internal API Gateway. required: false type: string - name: Accept in: header description: Content-Types that are acceptable for the response. Always pass application/json. type: string required: true - name: Accept-Language in: header description: List of acceptable human languages for response. type: string required: false - name: Content-Type in: header description: The MIME type of the body of the request (used with POST and PUT requests). Always pass application/json. type: string required: false - name: uuid in: header description: 128 bit random universally unique identifier (UUID) generated for every request. type: string required: true - name: sid in: header description: Session ID. type: string required: false - name: channelId in: header description: 'Registered channel ID for the consumer. Examples: HBK(CBOL), ECL(Eclipse), MBK(Mobile Banking).' type: string required: true - name: businessCode in: header description: 'Citi business codes. Examples: GCB, VMA, QCC.' type: string required: true - name: countryCode in: header description: 'Country code in ISO 3166 alpha-2 format. Examples: SG(Singapore), PH(Philippines), TH(Thailand).' type: string required: true - name: i-cif in: header description: Unique customer number generated by RM and used in other host systems. type: string required: false - name: x-userID in: header description: SOE ID of the user sending the request. Applicable only for assisted channels like Eclipse. type: string required: false - name: x-userDomicileBranchCode in: header description: Domicile branch code of the user sending the request. Applicable only for assisted channels like Eclipse. type: string required: false - name: x-userDomicileResponsibilityCentre in: header description: Responsibility centre of the user sending the request. Applicable only for assisted channels like Eclipse. type: string required: false - name: x-processingBranchCode in: header description: Branch code where the request is processed. Applicable only for assisted channels like Eclipse. type: string required: false - name: x-processingResponsibilityCentre in: header description: Responsibility centre of the branch where the request is processed. Applicable only for assisted channels like Eclipse. type: string required: false - name: x-userGroup in: header description: 'User group. Applicable only for assisted channels like Eclipse. Examples: CPC(CitiPhone), PWS(Branch), BKO (BackOffice), PWT (Teller), MSF(Mobile Sales Force).' type: string required: false - name: x-sessionLanguageCode in: header description: 'Session language code in ISO 639-1 format. Applicable only for assisted channels like Eclipse. Examples: EN(English), PL(Polish), RU(Russian), ES(Spanish).' type: string required: false - name: i-ccsid in: header description: Customer Credential Store (CCS) unique ID for userID/password. Can be used to uniquely identify a customer in CCS. type: string required: false - name: consumerOrgCode in: header description: Unique code to identify the consumer organization type: string required: false - name: clientDetails in: header description: This field is used to capture device,browser and network information. Refer the developer portal for more information.These are the fields which will be passed as part of the header devicePrint,deviceTokenCookie,userIpAddress,userAgent,hardwareId,simId,deviceModel,deviceName,deviceOsName,deviceOsVersion,multitaskingSupportFlag,languageSupport,wifiMacAddress,cellTowerId,locationAreaCode,rsaApplicationKey,wapClientId,mobileCarrierCode,mobileCountryCode,osId,geoLongitude,geoLatitude,geoHorizontalAccuracy,geoAltitude,geoAltitudeAccuracy,geoSpeed,geoTimestamp,geoStatus,basicServiceSetId,signalStrength,wifiChannel,serviceSetId type: string required: false - name: authorization in: header description: The most recent Authorization token type: string required: false - name: RecordFraudDiagnosisInstantPaymentsTransactionDetailRequest in: body description: RecordFraudDiagnosisInstantPaymentsTransactionDetailRequest required: true schema: $ref: '#/definitions/RecordFraudDiagnosisInstantPaymentsTransactionDetailRequest' responses: 200: description: Successful operation. schema: $ref: '#/definitions/RecordFraudDiagnosisInstantPaymentsTransactionDetailResponse' 400: description:
TypeCodeDetails
invalidinvalidRequestMissing or invalid Parameters
schema: $ref: '#/definitions/ErrorResponse' 401: description:
TypeCodeDetails
errorunAuthorizedAuthorization credential is missing or invalid
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetails
erroraccessNotConfiguredThe request operation is not configured to access this resource
schema: $ref: '#/definitions/ErrorResponse' 404: description:
TypeCodeDetails
errorresourceNotFoundThe requested resource is not found
schema: $ref: '#/definitions/ErrorResponse' 422: description:
TypeCodeDetails
errorbusinessValidationsFailedBusiness validations failed
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error
schema: $ref: '#/definitions/ErrorResponse' definitions: RetrieveFraudDiagnosisInstantPaymentsFraudScoreResponse: properties: providerInfo: type: array items: $ref: '#/definitions/ProviderInfo' maxItems: 1 ruleDetail: description: Rules which are hit while scoring type: array items: type: string fraudScore: description: Fraudscore code with 16 digits type: string example: 45236541263FFFFFF ProviderInfo: properties: code: description: Codes for overridable host errors, warning messages, or additional info type: string detail: description: Description for the host error, warning, or additional info. type: string fieldId: description: The ICR step which generated the host error, warning, or additional info. type: string required: - code - detail RetrieveFraudDiagnosisInstantPaymentsFraudScoreRequest: properties: transactionData: type: array items: $ref: '#/definitions/TransactionData' maxItems: 1 transactionMessageExchangedata: type: array items: $ref: '#/definitions/TransactionMessageExchangeData' maxItems: 1 RecordFraudDiagnosisInstantPaymentsTransactionDetailRequest: properties: transactionData: type: array items: $ref: '#/definitions/TransactionData' maxItems: 1 transactionMessageExchangedata: type: array items: $ref: '#/definitions/TransactionMessageExchangeData' maxItems: 1 transactionStatusInfo: type: array items: $ref: '#/definitions/TransactionStatusInfo' maxItems: 1 RecordFraudDiagnosisInstantPaymentsTransactionDetailResponse: properties: providerInfo: type: array items: $ref: '#/definitions/ProviderInfo' maxItems: 1 TransactionStatusInfo: properties: transactionStatus: description: Status of the transaction type: string example: FAILURE transactionFailureCode: description: error Code for transaction status type: array example: "404" items: type: string maxItems: 1 transactionFailureDescription: description: error description for transaction status type: string example: Not Found TransactionMessageExchangeData: properties: summaryReasonCode: description: The summary reason codes generated by the customer's selected policy which triggered the rules. The summary reason code is used for the easy identification of a set of rules by using a common summary field for them. type: string example: I_01 policyScore: description: The policy score of the policy which is calculated based on the sum of the risk weights for each of the rules configured within it. type: integer deviceId: description: ExactID™ is a persistent global identifier which relies on a variety of persistent markers (browser cookies, Adobe Flash cookies, HTML 5 local storage) to allow ThreatMetrix to 100% accurately identify a device. type: string example: c7e0b1aa159b4e8bbb55daf0cb7d11b5 inputIpAddress: description: Ip address of the Txn originator type: string example: 192.168.2.3 inputIpGeo: description: The 2 character ISO2 country code of the True IP Address. type: string example: GB organizationIpAddress: description: Organisation Ip address type: string example: 192.168.2.3 trueClientIpAddress: description: The true client IP Address detected by ThreatMetrix type: string unknownSession: description: Indicates if the profiling attributes were not collected for the queried session (otherwise not present). type: string example: "NO" TransactionData: properties: transactionReferenceId: description: Refernce number type: string example: abcd1234 'customerNumber ': description: Customer Id /number type: integer example: 112223221 citiAccountNumber: description: Payee Account Number type: integer example: 112223221 otherBankAccountNumber: description: Beneficiary Account Number type: integer example: 626554412 otherBankCode: description: Bank Indicator Code/remitting Bank Indicator Code type: integer example: 10300022 otherBankMemberId: description: Customer Id of the Other Bank customer/remitter type: string example: SB12345 transactionAmount: description: Payment Amount type: number format: double example: 10300022 sourceSystemName: description: To Identify which system consuming the service type: string example: Mainframe transactionCurrencyCode: description: Payment Amount Currency type: string example: USD localCurrencyTransactionAmount: description: Payment amount in local currency type: number format: double example: 1030002.870000 availableBalanceAmount: description: Payee Account Balance type: number format: double example: 10300022.060000 accountBalanceCurrencyCode: description: Account Balance currency code type: string example: USD foreignExchangeRate: description: Foreign exchange conversion rate type: number format: double example: 0.000001 otherBankCustomerMobileNumber: description: Mobile phone number of the remitter type: integer example: 7356789123 otherBankCustomerName: description: Remitter's name type: string paymentMode: description: Payment mode of the transaction type: string example: Outgoing primaryMobileNumberUpdateCode: description: Primary Mobile Number Update status code type: string example: TC 8001 secondaryMobileNumberUpdateCode: description: Secondary Mobile Number Update status code type: string example: TC 8002 notificationDeactivationCode: description: Notification Deactivation status Code type: string example: TC 8009 accountOpeningTimestamp: description: Account Opening Date and Time type: string format: dateTime example: "2021-03-11 22:30:22" accountStatus: description: Account Status type: string example: ACTIVE payrollIndicator: description: Payroll Indicator type: string example: "N" ErrorResponse: properties: type: description: Invalid - Request did not confirm to the specification and was unprocessed and rejected. Please fix the value and try again enum: - error - warn - invalid - fatal type: string code: description: Error code which qualifies the error type: string details: description: Human readable explanation specific to the occurrence of the problem type: string location: description: The name of the field that resulted in the error type: string moreInfo: description: URI to human readable documentation of the error type: object x-ibm-configuration: enforced: true testable: true phase: realized security: - client_secret: [] client_id: [] securityDefinitions: client_secret: type: apiKey description: "" in: header name: X-IBM-Client-Secret client_id: type: apiKey description: "" in: header name: X-IBM-Client-Id x-ibm-endpoints: - endpointUrl: https://emea.sit.api.citi.com/gcb description: Custom Gateway API Endpoint type: - production - development ...