Transaction Screening

Screen transactions for risk and retrieve transaction risk assessments.

Submit Transaction

Process a new transaction and receive an immediate risk assessment for merchant payments. This endpoint enables real-time fraud detection for payment transactions in merchant environments.

Endpoint


POST /v1/transaction

Request Schema

Field	Type	Required	Description
`id`	string	Yes	Unique transaction identifier
`userId`	string	Yes	User identifier
`status`	enum	Yes	Transaction status: `PENDING`, `APPROVED`, `DECLINED`, `FAILED`, `CANCELED`
`currencyCode`	string	Yes	ISO 4217 currency code
`amount`	number	Yes	Transaction amount
`timestamp`	number	No	Unix epoch milliseconds (preferred over deprecated createdAt)
`userDeviceId`	string	No	Unique device identifier
`userDevice`	object	No	Complete user device information
`direction`	enum	No	Payment direction: `payin`, `payout`
`actionType`	string	No	Transaction type: `PURCHASE`, `REFUND`, `VOID`, etc.
`provider`	string	No	Payment method provider (e.g., `dlocal`, `stripe`)
`paymentMethod`	enum	No	Payment method: `crypto`, `wallet`, `bank`, `card`, `vas`, `ewa`, `cash`
`source`	string	No	Source of funds (e.g., `savings`, `checking`)
`accountId`	string	No	User account identifier
`merchantId`	string	No	Merchant identifier, this should be omitted if the merchant field is used
`merchant`	string	No	Complete Merchant object, if used omit the merchantId field. The Merchant can be sent via the /merchant endpoint, or using this field
`terminalId`	string	No	Terminal identifier
`externalId`	string	No	External transaction identifier
`billingAddress`	object	Billing address information
`recipient`	object	Details when recipient differs from sender

Additional identifiers like externalId can help link transactions across different systems

Payment Method Details

The request should include one of these payment method objects based on the paymentMethod field:

Field	Type	Description
`bank`	object	Bank payment details
`card`	object	Card payment details
`crypto`	object	Cryptocurrency payment details
`wallet`	object	Digital wallet payment details
`ewa`	object	Earned Wage Advance (EWA) payment details
`vas`	object	Value Added Services (VAS) payment details

The details specific to each payment method can be found in the Payment Method Schemas section below.

Recipient Details

There is also a recipient object which is only necessary if the recipient is different from the originating user

When sending funds to another party, include recipient information:

Field	Type	Description
`recipient.id`	string	Recipient identifier
`recipient.paymentMethod`	enum	Recipient payment method: `crypto`, `wallet`, `bank`, `card`
`recipient.bank`	object	Recipient bank details
`recipient.card`	object	Recipient card details
`recipient.crypto`	object	Recipient crypto details
`recipient.wallet`	object	Recipient wallet details

Example Request


{
  "id": "TXN123456",
  "userId": "USER789",
  "merchantId": "MERCH123456",
  "status": "APPROVED",
  "paymentMethod": "card",
  "card": {
    "id": "CARD789",
    "last4": "4321",
    "type": "CREDIT",
    "bin": "423456"
  },
  "terminalId": "TERM123",
  "amount": 1299.99,
  "currencyCode": "ZAR",
  "timestamp": 1734100200000,
  "actionType": "PURCHASE",
  "externalId": "EXT123456"
}

Example Responses

Low Risk Response


{
  "id": "TXN123456789",
  "riskLevel": "low",
  "recommendedAction": "ALLOW",
  "triggered": [],
  "timestamp": 1734100583000
}

High Risk Response


{
  "id": "TXN123456790",
  "riskLevel": "high",
  "recommendedAction": "REVIEW",
  "timestamp": 1734100583000,
  "triggered": [
    {
      "id": "TRIG123456",
      "name": "Transaction amount above threshold",
      "level": "high",
      "reason": "Transaction amount exceeds allowed purchase size",
      "recommendedAction": "REVIEW"
    }
  ]
}

Understanding Risk Levels

The response includes a risk assessment with five levels:

low: Minimal risk, transaction can proceed
medium_low: Slightly elevated risk, usually safe to proceed
medium: Moderate risk, may require additional verification
high: Significant risk, careful review recommended
very_high: Highest risk level, manual review strongly advised

Recommended Actions

Based on the risk assessment, you’ll receive one of these recommended actions:

ALLOW: Process the transaction normally
REVIEW: Flag for manual review
BLOCK: Reject the transaction
STEP_UP_AUTH: Request additional authentication
FLAG_FOR_MONITORING: Allow but monitor for suspicious patterns
REPORT_SUSPICIOUS: Consider reporting to appropriate authorities

These actions can be configured according to client requirements. Reach out to support@orca-fraud.com for customization options.

Error Response Format

See the Error Reference section for a full description of API errors. All API errors follow a consistent JSON structure:


{
  "error": {
    "type": "ERROR_TYPE",
    "message": "Human-readable error description",
    "details": ["Additional error details (optional)"]
  },
  "timestamp": 1755602195137
}

In the case of a validation error, the format will be as follows:


{
    "error": {
        "type": "VALIDATION_ERROR",
        "message": "Request validation failed",
        "details": [
            "/amount: Expected number to be greater or equal to 0"
        ]
    },
    "timestamp": 1755602195137
}

Update Transaction Endpoint

The update endpoint allows you to update transaction statuses and provide additional context about processed transactions. This data helps improve risk assessment accuracy over time.

Endpoint


POST /v1/transaction/update

Request Schema

Field	Type	Required	Description
`transactionId`	string	Yes	Transaction identifier to update
`status`	enum	No	Updated status: `PENDING`, `APPROVED`, `DECLINED`, `BLOCKED`, `FAILED`, `CANCELED`, `ABANDONED`
`timestamp`	number	No	Unix epoch milliseconds (defaults to current time if not provided)
`reason`	string	No	Optional reason for the update, usually a reason code
`description`	string	No	Optional textual description for the update
`type`	string	No	Optional type of update (e.g., `merchant_decision`, `manual_review`)
`isFraudulent`	boolean	No	Flag to indicate if the transaction is fraudulent, if applicable
`transaction`	object	No	Partial transaction object with updated fields since original processing

Transaction Update Fields

The transaction field accepts a partial transaction object containing only the fields that have been updated since the transaction was originally processed:

Field	Type	Description
`accountId`	string	Updated Account ID
`bank`	Bank Details Schema	Updated bank details
`card`	Card Details Schema	Updated card details
`vas`	VAS Details Schema	Updated VAS details
`cash`	Cash Details Schema	Updated cash details

Note: Only include fields in the transaction object that have actually changed since the original transaction was processed.

Example Update Request


{
  "transactionId": "TXN123456",
  "status": "APPROVED",
  "description": "Transaction approved after manual review",
  "reason": "Customer verification completed",
  "type": "manual_review",
  "isFraudulent": false,
  "timestamp": 1734167723000,
  "transaction": {
    "accountId": "ACC789456"
  }
}

Response

By default, this endpoint returns a simple success response:


{
  "status": "Success"
}

A validation error in the same structure as above will be returned should the request fail validation.

Monitoring Response

If monitoring is configured for your client on this endpoint, you will receive the same response structure as the transaction screening endpoint, including risk assessment:


{
  "id": "TXN123456",
  "riskLevel": "low",
  "recommendedAction": "ALLOW",
  "triggered": [],
  "timestamp": 1734167723000
}

Note: To enable monitoring on this endpoint and receive risk assessment responses, contact support@orca-fraud.com to configure this feature for your account.

Retrieve Transaction

Get risk assessment results for a specific transaction that has already been assessed.

Endpoint


GET /v1/transaction/{id}

Parameters

Parameter	Type	Required	Description
`id`	string	Yes	Transaction identifier

Example Response


{
  "id": "TXN123456",
  "riskLevel": "medium",
  "recommendedAction": "ALLOW",
  "timestamp": 1734100583000,
  "triggered": [
    {
      "id": "TRIG123456",
      "name": "Unusual hours for merchant",
      "level": "medium",
      "reason": "Merchant operating hours outside normal range",
      "recommendedAction": "ALLOW"
    }
  ]
}

Response Schema

Field	Type	Required	Description
`id`	string	Yes	Transaction identifier
`riskLevel`	enum	Yes	Risk level: `low`, `medium_low`, `medium`, `high`, `very_high`
`recommendedAction`	enum	Yes	Action to take: `ALLOW`, `REVIEW`, `BLOCK`, `STEP_UP_AUTH`, `FLAG_FOR_MONITORING`, `REPORT_SUSPICIOUS`
`triggered`	array	No	Array of triggered risk rules
`timestamp`	number	Yes	Unix epoch milliseconds

Note: Both the POST and GET transaction endpoints return the same response structure. This allows consistent handling of transaction risk assessments regardless of how they are retrieved.

Triggered Rule Schema

Field	Type	Description
`id`	string	Unique identifier for the triggered rule
`name`	string	Name of the triggered rule
`level`	enum	Rule severity: `low`, `medium_low`, `medium`, `high`, `very_high`
`reason`	string	Reason for the triggered rule
`recommendedAction`	enum	Suggested action: `ALLOW`, `REVIEW`, `BLOCK`, `STEP_UP_AUTH`, `FLAG_FOR_MONITORING`, `REPORT_SUSPICIOUS`

Merchant Schema

The Merchant details can either be sent via the /merchant endpoint, or in an object on the /transaction request. If the merchant object is used, please omit the root merchantId field in favour of merchant.id

Field	Type	Required	Description
`id`	string	Yes	Unique merchant identifier
`name`	string	Yes	Merchant business name
`status`	enum	Yes	Merchant status
`timestamp`	number	Yes	Unix timestamp in milliseconds
`riskLevel`	string	No	Pre-assigned risk level if available
`mcc`	string	No	Merchant Category Code
`tradingName`	string	No	DBA (Doing Business As) name
`organizationId`	string	No	Parent organization identifier
`posMode`	string	No	Point of Sale mode
`businessSegment`	string	No	Business industry segment
`averagePurchaseSize`	string	No	Average transaction size
`monthlyVolume`	string	No	Expected monthly transaction volume
`province`	string	No	Merchant location province/state
`country`	string	No	Merchant location country code
`paymentMethods`	array	No	Accepted payment methods include: `crypto`, `wallet`, `bank`, `card`, `cash`, `vas`, `ewa`
`registrationNumber`	string	No	Business registration/tax ID
`verificationStatus`	enum	No	Verification status: `PENDING`, `APPROVED`, `DECLINED`, `BLOCKED`
`accountNumber`	string	No	Merchant account number
`bankId`	string	No	Merchant bank identifier
`merchantId`	string	No	Merchant identifier as registered
`terminalId`	string	No	POS terminal initiating transaction
`agentId`	string	No	Identifier of agent or distributor

Payment Method Schemas

For each of the following schemas, no fields are required however some form of identifier that can be used to identify subsequent transactions is ideal.

Bank Details Schema

Field	Type	Description
`id`	string	Unique identifier for bank instrument
`accountNumber`	string	Bank account number
`routingNumber`	string	Bank routing number (ACH)
`currency`	string	Currency code of the account
`ibanFull`	string	Full IBAN number for international payments
`sortCode`	string	UK sort code if applicable
`accountType`	string	Type of account (checking/savings)
`accountHolderName`	string	Name of the account holder
`bankName`	string	Name of the bank
`bankBranch`	string	Name of the bank branch
`bankBranchCode`	string	Code identifying the specific bank branch

Card Details Schema

Field	Type	Description
`id`	string	Encrypted card identifier
`bin`	string	First six digits of card
`binCountry`	string	Country associated with the card BIN. This can be inferred if not sent.
`brand`	string	Card brand (e.g., Visa, Mastercard)
`last4`	string	Last four digits of card
`type`	string	Card type: `CREDIT`, `DEBIT`
`isDigitalWallet`	boolean	Indicates if this is from Google Pay/Apple Pay
`cardFingerprint`	string	Unique tokenized card identifier
`digitalWalletType`	string	Type of digital wallet if applicable
`digitalWalletToken`	string	Token or identifier from digital wallet if applicable

Crypto Details Schema

Field	Type	Description
`id`	string	Unique identifier for crypto instrument
`assetSymbol`	string/array	Cryptocurrency symbol(s) (e.g., BTC, ETH)
`network`	string	Blockchain network
`address`	string	Wallet address
`transactionHash`	string	Blockchain transaction hash (only on transactions)

Wallet Details Schema

Support for various wallet types, such as:

PIX (Brazil)
M-PESA (Kenya)

Field	Type	Description
`id`	string	Unique Wallet identifier
`tokenBrand`	string	Wallet brand (e.g., PIX)
`phone`	string	Phone number associated with wallet (in E.164 international format if applicable)
`phoneCountry`	string	Country code for phone (if not sent this can be inferred if phone is in E.164 international format)
`country`	string	Country code, kept separate for verification. Use if different from phoneCountry
`phoneProvider`	string	Mobile phone wallet provider if applicable
`currency`	string	Currency code for the wallet
`type`	string	Wallet type
`pixKey`	string	PIX key for PIX transactions
`taxNumberId`	string	Tax ID for PIX transactions

EWA (Earned Wage Access) Details Schema

Field	Type	Description
`id`	string	Unique identifier for EWA instrument
`employerId`	string	ID of the employer associated with the EWA

VAS (Value Added Service) Details Schema

Field	Type	Description
`id`	string	Unique identifier for voucher/VAS instrument
`voucherCode`	string	Unique code identifying the voucher
`voucherType`	enum	Type of voucher: `gift`, `discount`, `promotional`, `prepaid`, `service`
`issuer`	string	Company that issued the voucher
`recipient.email`	string	Email of gift voucher recipient
`recipient.phone`	string	Phone number of gift voucher recipient
`faceValue`	number	Original/nominal value
`currentBalance`	number	Remaining balance
`currency`	string	Currency code
`expiryDate`	number	Timestamp when voucher expires
`activationDate`	number	Timestamp when voucher became active
`status`	enum	Voucher status: `active`, `redeemed`, `expired`, `cancelled`, `pending`

Cash Details Schema

Field	Type	Description
`id`	string	Unique identifier for cash transaction
`agentId`	string	ID of the agent where cash was deposited
`type`	string	Type of cash transaction