**Last updated**: 30 September 2025 | [**Change log**](/products/fraudsight/changelog/) # Payment update `POST` your request to the `fraudsight:payment` action link. ## Payment update example request POST `https://try.access.worldpay-bsh.securedataplatform.com/fraudsight/update/payment` Payment update request body: ## Schema Full [API Reference here](/products/fraudsight/openapi) ```json { "$ref": "#/components/schemas/fraudsight_updatePayment", "components": { "schemas": { "transactionReference": { "maxLength": 64, "minLength": 1, "pattern": "^[-A-Za-z0-9_!@#$%()*=.:;?\\[\\]{}~`/+]*$", "type": "string", "description": "A unique reference for authentication. For example, e-commerce order code." }, "entity": { "maxLength": 64, "minLength": 1, "pattern": "^[A-Za-z0-9 ]*$", "type": "string", "description": "Used to route the request in Access Worldpay, created as part of on-boarding." }, "fraudsight_updatePayment": { "required": [ "transactionReference", "merchant", "riskProfile", "paymentOutcome" ], "type": "object", "properties": { "transactionReference": { "$ref": "#/components/schemas/transactionReference" }, "merchant": { "required": [ "entity" ], "type": "object", "description": "An object that contains information about the merchant and API level configuration.", "properties": { "entity": { "$ref": "#/components/schemas/entity" } } }, "riskProfile": { "maxLength": 2048, "minLength": 39, "type": "string", "format": "uri", "description": "Represents the outcome of the original fraud assessment. Used to link subsequent Fraud related requests." }, "paymentOutcome": { "enum": [ "authorized", "refused" ], "type": "string", "description": "Outcome of the payment authorization." }, "refusalCode": { "type": "string", "maxLength": 2048, "minLength": 1, "description": "The refusal response code from the acquirer.", "example": "5" }, "refusalDescription": { "type": "string", "maxLength": 2048, "minLength": 1, "description": "The description of the 'refusalCode'.", "example": "REFUSED" }, "cvcResult": { "enum": [ "matched", "not_matched", "not_checked", "not_supplied" ], "type": "string", "description": "Outcome of the CVC check." }, "avsResult": { "type": "object", "description": "Object containing outcome of the address verification service check.", "properties": { "address": { "enum": [ "matched", "not_matched", "not_checked", "not_supplied" ], "type": "string", "description": "Outcome of the address check." }, "postcode": { "enum": [ "matched", "not_matched", "not_checked", "not_supplied" ], "type": "string", "description": "Outcome of the postcode check." } } }, "authentication": { "type": "object", "description": "Include this object if 3DS authentication details were part of the payment.", "properties": { "version": { "maxLength": 10, "minLength": 5, "pattern": "^([0-9]{1,3})(\\.)([0-9]){1,3}(\\.)([0-9]{1,3})*$", "type": "string", "description": "3DS version used by issuer, e.g. `1.0.2`, `2.1.0` or `2.2.0`." }, "eci": { "maxLength": 2, "minLength": 2, "enum": [ "00", "01", "02", "05", "06", "07" ], "type": "string", "description": "Electronic Commerce Indicator (ECI). Outcome of the 3DS authentication as applied in the payment.\n - 02 or 05 - Fully Authenticated Transaction\n - 01 or 06 - Attempted Authentication Transaction\n - 00 or 07 - Non 3-D Secure Transaction\n - Mastercard - 02, 01, 00\n - Visa - 05, 06, 07\n - Amex - 05, 06, 07\n - JCB - 05, 06, 07\n - Diners - 05, 06, 07\n" } } } } } } } } ``` ## Payment update responses Best practice Access Worldpay returns a `WP-CorrelationId` in the headers of service responses. We **highly recommend** you log this. The `WP-CorrelationId` is used by us to examine individual service requests. The response status is `200 OK`.