Learn about the integrated risk screening flows.
In integrated mode, the transaction risk screening service is seamlessly embedded within the payment processing flow. This means that risk assessment is automatically triggered as part of the transaction lifecycle — either before or after authorisation — without requiring separate API calls by you.
When you use integrated mode, the risk screening is built directly into PXP's payment processing workflow. You simply call the standard Transactions API, and PXP automatically handles the risk screening behind the scenes. Based on your configured assessment mode (pre-authorisation or post-authorisation), PXP will trigger the fraud check at the appropriate point in the payment lifecycle and apply the decisioning logic you've defined.
- Simplified integration: No need to manage separate risk screening API calls — it's all handled within the standard payment flow.
- Consistent enforcement: Risk screening rules are automatically applied to every qualifying transaction, ensuring comprehensive fraud protection without manual intervention.
In the pre-authorisation flow, the transaction is evaluated for fraud before the payment authorisation request is initiated. You collect device and transaction data, then call the provider's Risk screening API. If the transaction is deemed low-risk, you proceed with payment authorisation. Otherwise, the transaction is blocked before it reaches the issuer.
Key benefits:
- Prevents high-risk transactions from being authorised.
- Saves processing and chargeback costs.
- Reduces fraud at the entry point.
A Session ID is generated and device data is collected.
The customer enters their payment details and initiates the transaction.
You call PXP's Transactions API passing the Session ID (from the device data collection process) and other transaction data.
PXP performs the following checks before proceeding:
- Confirms the merchant's subscription to the transaction risk screening service.
- Validates that the assessment mode is set to
pre-authorisation.
If the transaction qualifies, it's sent to the third-party provider for risk assessment.
The provider returns a risk decision:
- If the outcome is
Accept, PXP proceeds with the authorisation request to the issuer and then relays the final authorisation status (ApprovedorRefused) back to you. - If the outcome is
Reject, PXP returns aRefusedstatus to you, preventing further processing.
A feedback call is made to the provider to update transaction outcome data.
In the post-authorisation flow, the risk screening takes place after the payment has been authorised by the issuer. Once approved, you trigger the Risk screening API. Based on the risk outcome, the transaction can either be captured or voided.
Key benefits:
- Useful when immediate authorisation is required.
- Adds a fraud check layer before final settlement.
- Allows you to reverse transactions that are deemed risky.
A Session ID is generated and device data is collected.
The customer enters their payment details and initiates the transaction.
You send an authorisation request to PXP using the standard Transactions API.
If the transaction is declined by the issuer, the flow ends and PXP returns a Refused status to you. No further action is taken.
If the transaction is authorised, PXP proceeds with risk evaluation.
PXP performs the following checks before proceeding:
- Confirms your subscription to the transaction risk screening service.
- Validates that the assessment mode is set to
post-authorisation.
If the transaction qualifies, it's sent to the third-party provider for risk assessment.
The provider returns a risk decision:
- If the outcome is
Accept, PXP returns the authorisation statusApprovedto you and captures the transaction. - If the outcome is
Reject, PXP returns aRefusedstatus to you and cancels the transaction.
A feedback call is made to the provider to update transaction outcome data.