Sift is a technology company specializing in digital trust and safety. Founded in 2011
and headquartered in San Francisco, Sift provides machine learning-based fraud detection
and prevention solutions. Its platform helps businesses prevent various types of online
fraud, including payment fraud, account takeover, content abuse, and fake accounts.
If any of the data requirements below are not met, the decision will be
Credentials
To configure a Sift connection, you will need to set the following credentials. Each of these can be found in the Sift portal under the Developer menu.| Credential | Description |
|---|---|
| Account ID | Your unique Sift account ID |
| API key | The secret API key for use with the Sift API |
| Beacon Key | The secret key used to in the Sift JS fingerprinting snippet |
Merchant information
Additionally, some optional merchant configuration can be set.| Credential | Description |
|---|---|
| Site country ID | Country the company is providing service from. Use ISO-3166 country code. |
| Site domain | Domain being interfaced with. Use fully qualified domain name. |
Decision mapping
Decisions received from Sift are mapped to Gr4vy decisions according to the following logic.| Sift | Gr4vy |
|---|---|
accept | accept |
block | reject |
watch | review |
| other | error |
skipped. Additionally,
if a decision could not be made but has been marked for review, we will return a review status.
All decisions need to set the Entity to Orders, otherwise Gr4vy won’t be able to map between
from the Sift decision and it’ll be considered an error.
Webhooks for manual review
To enable manual review you will need to set up webhooks from your anti-fraud service to our system. This webhook is used to notify us when a review is accepted or rejected. To get the webhook URL, head over to your connection by going to Connections -> [Anti-Fraud connection] -> Synchronization and copy the webhook URL. Next, login to Sift portal and navigate to the Automate -> Decisions panel to set a payment abuse event for both a blocked and an accepted review. Click on Create Decision, and fill in the following.- Set the Entity to Orders
- Set the category to Block or Accept
- Set the webhook URL to the one copied from our dashboard
- We require Sift’s webhook version 1.2. Please contact Sift support to confirm the version used.
- Set a name and description
When a transaction is marked as in-review by Sift, and the manual review queue has been enabled, then Gr4vy will
hold the transaction in authorized state. If that authorization fails, or if a user manually
voids/captures the transaction in our dashboard, we usually reach out to the anti-fraud provider to clear
that review from the queue.This feature is not available for Sift, so please note that there might be orders on the
review queue that have actually already failed, been voided, or were captured.
Rejection by Gr4vy
Gr4vy can auto-reject an order by sending arejected_by_gr4vy_payment_abuse decision to Sift. This will
be sent when the transaction is declined by Gr4vy or the payment service. To handle this event, please
set up a decision for payment abuse in the Sift portal.
Login to Sift portal and navigate to the Automate -> Decisions panel to
set a payment abuse event for a blocked
transaction.
Click on Create Decision, and fill in the following.
- Set the Entity to Orders
- Set the category to Block
- Leave the webhook URL empty
- Set the name to Rejected by Gr4vy
Device fingerprinting
The use of device fingerprinting is highly recommended when using Sift. Please refer to our device fingerprinting guide for more information on our universal solution. If needed, you could load the fingerprint script for Sift directly and pass the_session_id
value as the anti_fraud_fingerprint to the new transaction API.