How can we help?

Ask a question or search our knowledge base:

How do I model my checkout flow

Here are the two common flows and how our customers model them. Note that the interaction is the same whether you have a website, a native mobile app (iOS, Android, etc), or both.

You want to get a Sift Score before contacting the payment gateway

  1. Your user clicks "submit order" on your app or website, which sends a message to your server (backend) to process a user's order.
  2. Send Sift a $create_order from your backend, and get a risk assessment in the response. This order should include all payment methods that will be used for the order.
  3. If you cancel the order for suspicion of fraud, end here.
  4. If you don't cancel the order for suspicion of fraud, contact your payment gateway from your backend to run a sale on the CC.
  5. Send Sift a $transaction from your backend with the result of the payment gateway interaction with the $order_id.
  6. If the order had multiple payment methods, send a $transaction from your backend to Sift for each of the methods. For example, if a gift card was used in addition to a CC, send a $transaction to capture the application of the gift card.

You want to contact the payment gateway before getting a Sift Score

  1. Your user clicks "submit order" on your app or website, which sends a message to your server (backend) to process the order.
  2. You contact your payment gateway from your backend to run an authorization or sale.
  3. If failed, send Sift a $transaction from your backend without an $order_id. There is no need to continue unless the user tries again with a new payment method (in which case, start back at step 1).
  4. If successful, send Sift a $transaction from your backend with the $order_id from the newly generated order.
  5. Once you get an HTTP 200 on the $transaction request, send Sift a $create_order from your backend, and get a risk assessment in the response. This order should include all payment methods that will be used for the order.
  6. If you cancel the order for suspicion of fraud, contact the payment gateway from your backend to refund the sale or void the authorization. Send Sift a $transaction with $transaction_status : "$void" if there was a pending authorization, or with $transaction_status "$refund" if you already captured payment and so are doing a refund here.
  7. If you don't cancel the order for suspicion of fraud and you still need to do a capture - if you only did an auth in step 2 - send Sift a $transaction from your backend with the result of the capture.
  8. If the order had multiple payment methods, send a $transaction from your backend to Sift for each of the methods. For example, if a gift card was used in addition to a CC, send a $transaction to capture the application of the gift card.

Notes:

  • If a user pays for an order with multiple payment methods, send one $transaction per payment method.
  • If a user makes a change to their order after the fact, such as updating the shipping address for the order, send an $update_order event.
  • If you don't think you fit into one of these flows, fill out a support ticket and we'll be happy to talk through how best to fit your case.
Have more questions? Submit a request