Credentials
To configure a Sift connection, you need to set the following credentials. Each of these can be found in the Sift portal under the Developer menu.Merchant information
Additionally, some optional merchant configuration can be set.Decision mapping
Decisions received from Sift are mapped to the decisions according to the following logic.
If any of the data requirements below are not met, the decision is
skipped. Additionally,
if a decision could not be made but has been marked for review, a review status is returned.
All decisions need to set the Entity to Orders, otherwise the mapping between
the Sift decision won’t be possible and it’ll be considered an error.
Webhooks for manual review
To enable manual review you need to set up webhooks from your anti-fraud service to the system. This webhook is used to notify the system when a review is accepted or rejected. To get the webhook URL, head over to your connection by going to Connections -> [Anti-Fraud connection] -> Synchronization and copy the webhook URL. Next, login to Sift portal and navigate to the Automate -> Decisions panel to set a payment abuse event for both a blocked and an accepted review. Click on Create Decision, and fill in the following.- Set the Entity to Orders
- Set the category to Block or Accept
- Set the webhook URL to the one copied from the dashboard
- Sift’s webhook version 1.2 is required. Please contact Sift support to confirm the version used.
- Set a name and description
Rejections
An order can be auto-rejected by sending arejected_by_gr4vy_payment_abuse decision to Sift. This is
sent when the transaction is declined or the payment service. To handle this event, please
set up a decision for payment abuse in the Sift portal.
Login to Sift portal and navigate to the Automate -> Decisions panel to
set a payment abuse event for a blocked
transaction.
Click on Create Decision, and fill in the following.
- Set the Entity to Orders
- Set the category to Block
- Leave the webhook URL empty
- Set the name to Rejected by Gr4vy
Device fingerprinting
The use of device fingerprinting is highly recommended when using Sift. Please refer to the device fingerprinting guide for more information on the universal solution. If needed, you could load the fingerprint script for Sift directly and pass the_session_id
value as the anti_fraud_fingerprint to the new transaction API.