Signifyd driver for the Omnifraud PHP fraud prevention library
Omnifraud is an fraud prevention livrary for PHP. It aims at providing a clear and consisten API for interacting with different fraud prevention service.
composer require omnifraud/signifydThe Signifyd fraud service driver implements the following methods:
trackingCode ,validateRequest, updateRequest, getRequestExternalLink, cancelRequest.
The only method that is left empty is logRefusedRequest as it is not a needed for Signifyd.
The SignifydService constructor accepts the following configuration values (these are the default values):
$service = new KountService([
'apiKey' => null, // Signifyd API key
'caseUrl' => 'https://app.signifyd.com/cases/%d', // Url where cases are visible
//...
]);NOTE: Anything supported by the official SignifydSettings class can be passed a config
You can use the validateRequest to submit a request, method to get an async response that will need to be updated later.
Signifyd recommends sending as much fields as possible, take a look at this example to learn about all the fields.
<?php
$request = new \Omnifraud\Request\Request();
// Set request informations
$request->getPayment()->setBin('1234');
// Etc... Anything provided in the request is sent to Signifyd, except the billing address phone number
// Send the request
$service = new \Omnifraud\Signifyd\SignifydService($serviceConfig);
$response = $service->validateRequest($request);
// Should always be true for a first request
if ($response->isPending()) {
// Queue job for later update
}Signifyd always answers with an Async response, so you will need to refresh the request in order to get the answer, this is best done by queueing a job.
You can also use this method to get the request result later on (for example if you sent it for manual evaluation).
$service = new \Omnifraud\Signifyd\SignifydService($serviceConfig);
$request = new \Omnifraud\Request\Request();
$request->setUid($requestUid);
$response = $service->updateRequest($request);
// Use for updating
$requestUid = $response->getRequestUid();
if ($response->isPending()) {
// Retry later
return;
}
$score = $response->getScore(); // Signifyd score divided by 10, 100 is best, 0 is worst
$guaranteed = $response->isGuaranteed(); // If covered by Signifyd guaranteeNOTE: The response from updateRequest can still be async, if this is the case, it means you have to retry later.
If you are refunding or cancelling an order, it is a good idea to cancel the guarantee as Signifyd will refund the fee.
$service = new \Omnifraud\Signifyd\SignifydService($serviceConfig);
$request = new \Omnifraud\Request\Request();
$request->setUid($requestUid);
try {
$service->cancelRequest($request);
} catch(\Omnifraud\Request\RequestException $e) {
// Something went wrong
}Session id (or Device Fingerprint)
You implement the frontend code in order to track devices pre-purchase.
<script>
<?= $fraudService->trackingCode(ServiceInterface::PAGE_CHECKOUT, $_COOKIE['sessionId']); ?>
</script>
Then you will need to add the sessionId to the request:
// Retrieve the session ID with some method, it can come from server side cookies/session also
$request->setSession($_COOKIE['sessionId']);In order to get the link to view a case on Signifyd, you just need the UID:
$service = new \Omnifraud\Kount\KountService($serviceConfig);
$url = $service->getRequestExternalLink($requestUid);