Skip to main content
Version: v6


Risk decision feedback enables Incognia to continuously evaluate the quality of its risk assessments. The Incognia Feedback API was built to facilitate the sharing of risk feedback. Clients can send details about a risk decision when one of Incognia's APIs has been called or at any important event. For example, the Feedback API can notify Incognia when a new application, login or payment is approved or denied.

Send feedback


Reports an event related to signups, logins, transactions, etc.


AuthorizationstringRequiredBearer token generated in Authenticating section.

Query Parameters

dry_runstringOptionalUsed for testing purposes. If set to true the feedback won`t be persisted.

Body Parameters

external_idstringOptionalID provided by the client that identifies a transaction which risk assessment was provided by Incognia in the past.
login_idstringOptionalIf the feedback is related to a previously assessed login, inform the ID provided in Transaction API response.
payment_idstringOptionalIf the feedback is related to a previously assessed payment, inform the ID provided in the Transaction API response.
signup_idstringOptionalIf the feedback is related to a previously assessed sign-up, inform the signup_id provided in the Onboarding API response.
account_idstringOptionalUser account identifier. For more info refer to Account ID.
installation_idstringOptionalInstallation ID related to the event.
eventstringRequiredName of the event releated to the feedback. The accepted event types are described below.
timestamplongRequiredDate and time when the fraud or event happened in milliseconds since epoch.

Using cURL:

curl -v -X POST
-H "Content-Type: application/json"
-H "Authorization: Bearer {TOKEN}"
-d '{
"timestamp": 1610570403068,
"event": "signup_accepted",
"installation_id": "LX2K9uIfkPIL2UIXxQCqSXDTPKkG8gLG2heKnlMrwAaCLV2KHxuji1WLElDrFBlWYJLCwbkghZVmp5WVb6UAjfxlgcExS3W1fgQ4j0ikcp7Z8x9dGTaYcVFXVf0fupbcvhI8Nh0RO9oy+3NavbBX7Q",
"account_id": "214312130",
"signup_id": "5e76a7ca-577c-4f47-a752-9e1e0cee9e49"

Understanding event types

The event field possible values are described below:

Possible valueDescriptions
signup_acceptedThe account was successfully created as the client classified it as a trusted account.
signup_declinedThe account was not created as the client classified it as an account that could not be trusted.
payment_acceptedThe payment was successfully executed using Incognia risk assessment.
payment_accepted_by_third_partyThe payment was successfully executed as the client classified it as a trusted transaction.
payment_accepted_by_control_groupThe payment was successfully executed as the client classified it as a control group transaction.
payment_declinedThe payment was not executed.
payment_declined_by_risk_analysisThe payment was not executed due to potentially fraudulent behavior detected by some risk engine.
payment_declined_by_manual_reviewThe payment was not executed after being manually reviewed.
payment_declined_by_businessThe payment was not executed due to business reasons, like a missing product for example.
payment_declined_by_acquirerThe payment was not executed because the acquirer did not approve it.
login_acceptedThe account successfully logged in to the app as the client classified it as a trusted login.
login_declinedThe account did not log in to the app as the client classified it as a potentially fraudulent login.
verifiedThe client has verified that the new account is legitimate. Incognia recommends sending both the account_id and installation_id when using this event type.
identity_fraudThe account was created with fake or stolen data.
account_takeoverThe installation logged in to an account that doesn't belong to its owner. Besides the installation_id, Incognia recommends sending the account_id if possible.
chargeback_notificationA chargeback was issued by an external provider for the account.
chargebackA chargeback was issued by the credit card acquirer for the account.
mpos_fraudmPOS Fraud was detected.
challenge_passedThe user passed an authentication challenge.
challenge_failedThe user has failed an authentication challenge.
password_changed_successfullyThe user successfully changed his password.
password_change_failedThe user has failed the process to change his password.
promotion_abuseThe account has participated in a case of promotion abuse.