**Last updated**: 30 September 2025 | [**Change log**](/products/fraudsight/changelog/) # Fraud update `POST` your request to the `fraudsight:fraud` action link. ## Fraud update example request POST `https://try.access.worldpay-bsh.securedataplatform.com/fraudsight/update/fraud` Fraud update request body: ## Schema Full [API Reference here](/products/fraudsight/openapi) ```json { "$ref": "#/components/schemas/fraudsight_updateFraud", "components": { "schemas": { "transactionReference": { "maxLength": 64, "minLength": 1, "pattern": "^[-A-Za-z0-9_!@#$%()*=.:;?\\[\\]{}~`/+]*$", "type": "string", "description": "A unique reference for authentication. For example, e-commerce order code." }, "entity": { "maxLength": 64, "minLength": 1, "pattern": "^[A-Za-z0-9 ]*$", "type": "string", "description": "Used to route the request in Access Worldpay, created as part of on-boarding." }, "value": { "required": [ "amount", "currency" ], "type": "object", "description": "An object that contains information about the value of the assessment.", "properties": { "amount": { "maximum": 99999999999, "minimum": 0, "type": "integer", "description": "The authentication amount. This is a whole number with an exponent, e.g. if exponent is two, 250 is 2.50. You can find the relevant exponent in our [currency table](/products/reference/supported-countries-currencies#iso-currency-codes). The assessment amount should be equal to the authorization amount. We recommend you delay assessment until the amount is known, or ensure it's greater than the total transaction amount." }, "currency": { "maxLength": 3, "minLength": 3, "pattern": "^[A-Z]{3}$", "type": "string", "description": "The three digit currency code. See list of [supported currencies](/products/reference/supported-countries-currencies#iso-currency-codes)." } } }, "fraudsight_updateFraud": { "required": [ "transactionReference", "merchant", "riskProfile", "source", "sourceDate", "acquirerReference", "fraudReasonCode", "value" ], "type": "object", "properties": { "transactionReference": { "$ref": "#/components/schemas/transactionReference" }, "merchant": { "required": [ "entity" ], "type": "object", "description": "An object that contains information about the merchant and API level configuration.", "properties": { "entity": { "$ref": "#/components/schemas/entity" } } }, "riskProfile": { "maxLength": 2048, "minLength": 39, "type": "string", "format": "uri", "description": "Represents the outcome of the original fraud assessment. Used to link subsequent Fraud related requests." }, "source": { "enum": [ "SAFE", "TC40" ], "type": "string", "description": "Source format of confirmed fraud cases." }, "sourceDate": { "maxLength": 20, "type": "string", "format": "date-time", "description": "Date/time of source fraud file (TC40/SAFE)." }, "acquirerReference": { "maxLength": 128, "minLength": 1, "type": "string", "description": "Acquirer Reference Number (ARN) - unique value assigned to a credit or debit card transaction." }, "fraudReasonCode": { "maxLength": 16, "minLength": 1, "type": "string", "description": "Visa and Mastercard reason codes:\n\n| FraudReasonCode | FraudReasonDescription | | | |\n|-----------------|---------------------------------------|---|---|---|\n| 00 | Lost | | | |\n| 01 | Stolen | | | |\n| 02 | Card not received | | | |\n| 03 | Fraudulent application | | | |\n| 04 | Counterfeit | | | |\n| 05 | Account Takeover | | | |\n| 06 | Cardholder not present | | | |\n| 07 | Imprinting of multiple sale drafts | | | |\n| 08 | Other | | | |\n| 900 | Lost | | | |\n| 901 | Stolen | | | |\n| 902 | Card not received | | | |\n| 903 | Fraudulent application | | | |\n| 904 | Counterfeit | | | |\n| 905 | Account Takeover | | | |\n| 906 | Cardholder not present | | | |\n| 907 | Imprinting of multiple sale drafts | | | |\n| 908 | Other | | | |\n| 908 | Other | | | |\n| 919 | Other | | | |\n| A | Incorrect Processing | | | |\n| B | Account or Credentials Takeover Fraud | | | |" }, "value": { "$ref": "#/components/schemas/value" } } } } } } ``` ## Fraud update responses Best practice Access Worldpay returns a `WP-CorrelationId` in the headers of service responses. We **highly recommend** you log this. The `WP-CorrelationId` is used by us to examine individual service requests. The response status is `200 OK`.