Skip to main content
Version: v5

Transactions

Verify transactions, including logins and payments, by analyzing the behavioral pattern of each user and matching it to in-app transaction history. Transactions initiated at unfamiliar locations will increase the Incognia risk score and can be used to trigger step-up authentication.

We secure digital transactions by matching the historical location fingerprint and the transaction history of the initiating user, to their real-time location. Transactions initiated at unfamiliar locations will result in a higher risk score. In-store transactions are secured when we match the user's real-time location with the indicated store.

Prevent fraudsters from taking over user accounts by continually analyzing user location behavior. If Incognia detects suspicious location activity you can trigger additional authentication to confirm the user is legitimate.

Assess new transaction#

POST
https://incognia.inloco.com.br/api/v2/authentication/transactions

This method registers a new transaction for the given installation with the available information, returning a risk assessment and the evidence behind it.

Headers

Content-TypestringRequiredapplication/JSON
AuthorizationstringRequiredBearer token generated in Authenticating section.

Body Parameters

external_idstringOptionalClient provided transaction identifier which can be used for providing later feedbacks.
installation_idstringRequiredInstallation ID of the device from which the signup originates.
typestringRequiredType of the transaction. Both login and payment types are supported.
account_idstringRequiredID of the user account performing the transaction.
addressesarrayOptionalFor payment type, a list of addresses related to the transaction may be given. Address types supported are shipping, billing and home. At least one of address_coordinates or structured_address are required when declaring an address. Incognia recommends declaring both fields.
{  "installation_id": "LX2K9uIfkPIL2UIXxQCqSXDTPKkG8gLG2heKnlMrwAaCLV2KHxuji1WLElDrFBlWYJLCwbkghZVmp5WVb6UAjfxlgcExS3W1fgQ4j0ikcp7Z8x9dGTaYcVFXVf0fupbcvhI8Nh0RO9oy+3NavbBX7Q",  "account_id": "c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2",  "type": "login"}

Sample cURL:

curl -XPOST -H "Content-type: application/json" -H "Authorization: Bearer <token>" -d @body.json "https://incognia.inloco.com.br/api/v2/authentication/transactions"

Response body

For a 200-OK response, these are the fields you should expect as a result:

Response fieldTypeDescription
idstringUnique transaction identifier which can be used to verify if the assessment changed in later calls.
request_idstringUnique request identifier. Used for audit purposes.
risk_assessmentstringAssessment result. It may be one of high_risk, low risk, unknown risk. For more information refer to Understanding risk assessments.
evidenceobjectAn object with supporting evidence for the risk assessment. For more information refer to Understanding risk assessments.

Coming soon: get the latest transaction assessment#

GET
https://incognia.inloco.com.br/api/v2/authentication/transactions/{id}

This method allows you to query the latest assessment for a given transaction event, identified by its id.

Warning: This endpoint is coming soon. Please consult Incognia's team before using it.

Path Parameters

idstringRequiredTransaction ID of the event whose assessment is being queried.

Headers

AuthorizationstringRequiredBearer token generated in Authenticating section.

Sample cURL:

curl -H "Authorization: Bearer <token>" "https://incognia.inloco.com.br/api/v2/authentication/transactions/<id>"

Response body

For a 200-OK response, these are the fields you should expect as a result:

Response fieldTypeDescription
idstringUnique transaction identifier which can be used to verify if the assessment changed in later calls.
request_idstringUnique request identifier. Used for audit purposes.
risk_assessmentstringAssessment result. It may be one of high_risk, low risk, unknown risk. For more information refer to Understanding risk assessments.
evidenceobjectAn object with supporting evidence for the risk assessment. For more information refer to Understanding risk assessments.