Refund Abuse with Compensation Request

Merchants can use Forter to enforce refund policies at the point of a refund request

Refund Abuse Prevention Integration Guide Full Execution

The full Refund Abuse/INR Forter integration helps to prevent bad actors from exploiting customer-friendly returns/Item Not Received (INR) and refund policies by providing a decision at the time the consumer makes their compensation request (post purchase).

The full Returns Abuse Integration enables merchants to support a self-serve online experience so legitimate customers requests are approved without the need to reach out to customer service agents and without fear of being exploited by abusers.

  1. Front End Integration - Place Forter’s JavaScript snippet on your website (use our dedicated mobile SDKs for native mobile apps) to allow us to analyze customers’ profiles as necessary for trust assessments
  2. Order Validation API - Send Forter your basic order data to get a real-time trust assessment and recommendations
  3. Order Status API - Send Forter your post-order updates, including your payment authorization status (for pre-auth integrations) and order fulfillment status, and compensation status
  4. United Compensation Request API - The API should be used to enforce policies at the time a customer attempts to request a refund or make a return.

Integration Steps (Full Execution)

Step 1: Set Up Forter JavaScript Snippet

In your dedicated Forter portal, you will receive a JavaScript snippet for both sandbox and production. You'll paste the script on the appropriate pages of your site so that it can load and asynchronously collect important behavioral data from your customer. The script will also generate a unique token for each user on your site that should be included in the Validation API request.

Step 2: Validation API

**Validation API Request** The Validation API can be called _prior_ to or _after_ the call made to your payment gateway to authorize customer funds. This API is used to provide Forter with all relevant data points that will help Forter determine whether the entity conducting the transaction/engagement is legitimate or fraudulent. Key data points include:
  • Order ID - the unique identifier for the order in your system
  • Account Data - Information collected about the account owner such as the account owner name, email, etc..
  • Authorization Step - an indicator that the API is being called prior to authorization
  • Device and browsing data, to enable our system to distinguish between legitimate and suspicious signals
  • Payment Data such as Credit card BIN, last 4, expiration date ( Note - Forter is PCI DSS Level 1 Certified and does NOT collect the full credit card)
  • Billing Address details (when applicable)
  • Recipient details such as name, address, phone and email
  • Cart Item Data - details about the goods being purchased. Note some item data will depend on the vertical of the merchant (e.g. travel items contain different data than apparel items)

For more details and code samples please see our Validation API Reference.
Depending on your precise industry and use case, we may ask for some extra data points that aren’t in this table, but they’ll all be the same kind of information you see listed here - data points which have an obvious relevance and impact when it comes to making sure you can trust the right customers on your site.

In the case of a Pre-auth integration, Forter can return a decision and a recommendation prior to the PSP/gateway authorizing the payment. In some cases, we may request you make an extra API call post-auth, so we can incorporate the relevant new information from the auth request into our decisions.

Validation API Response
The API response will contain Forter's decision and applicable recommendations (for example, relating to policy enforcement or 3DS). We may ask your company to make an additional API call post-auth in order to provide an updated decision once supplemental data such as AVS/CVV check and 3DS data are available, as this data can play a helpful role in ensuring accurate decisions. For more details and code samples please see our Order Validation API Reference

Step 3: Order Status API

**Order Status API Request** The Order Status API is used to provide Forter with updates after the initial decision was made in order to provide valuable information to inform our decision models after the order was submitted. It does not provide updated decisions. We use the orderID provided in the Pre-Auth Validation API as the identifier to connect to the original order and ensure orders are tracked seamlessly.

Important data for this purpose includes:

  • orderId - of the full reservation details sent via order validation API
  • Order fulfillment data - most importantly ongoing updated on the fulfillment status using both the Forter standardized status types and the merchant free text status.

For more details and code samples please see our Order Status API Reference

  "orderId": "2356fdse0rr4",
  "eventTime": 1661893713000,
  "updatedStatus": "PROCESSING"

Order Status API Response
The response details whether or not the order status update was completed successfully. It will NOT return a new decision.

Step 4: Compensation Request API

The Unified Compensation Request (UCR) API is used to provide Forter with all information regarding customers’ requests for compensation (e.g. reship or refund) due to various service issues (e.g. item not received, items are missing or damaged, etc), including returns. The API supports 2 modes based on the merchant operational flows and ease of integration:
  • Item Level - compensation requests can be made on an item by item basis, and an order may recieve multiple compensation requests each with different items. Granularity of relevant information such as the type of compensation requested is detailed at the item level and may vary between items.
  • Order Level - compensation request is aggregated at the order level. A simpler approach where no item level data is shared with Forter

The UCR API response will contain Forter's decision regarding the compensation request and if applicable, a recommendation based on the customer's evaluation and merchant's business policies. Please see the Unified Compensation Request API Reference section for full API details.