All Products
Search
Document Center

Fraud Detection:Common parameters

Last Updated:Oct 09, 2023

This topic describes the common request parameters and common response parameters of the Fraud Detection API operations.

Common request parameters

The input parameters of the Fraud Detection API include common request parameters and specific service event parameters. Common request parameters are used by each API operation. The following table describes the common request parameters.

Parameter

Type

Required

Description

Format

String

Yes

The format in which to return the response. Valid values:

  • JSON (default value)

  • XML

Version

String

Yes

The version number of the API. The value is in the YYYY-MM-DD format. Set the value to 2018-09-19.

AccessKeyId

String

Yes

The AccessKey ID provided to you by Alibaba Cloud.

Signature

String

Yes

The signature string of the current request. For more information about how signatures are calculated, see Make API requests section 2.0.

SignatureMethod

String

Yes

The encryption method of the signature string. Set the value to HMAC-SHA1.

Timestamp

String

Yes

The timestamp of the request. Specify the time in the ISO 8601 standard in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC. For example, a value of 2019-08-22T01:44:35Z indicates 09:44:35 on August 22, 2019, UTC+8.

SignatureVersion

String

Yes

The version of the signature encryption algorithm. Set the value to 1.0.

SignatureNonce

String

Yes

A unique, random number used to prevent replay attacks. You must use different numbers for different requests.

Action

String

Yes

The operation that you want to perform. Set the value to ExecuteRequestSG or ExecuteRequestML.

Service

String

Yes

The service code issued by Alibaba Cloud Security. You cannot randomly set this code. The following list provides the codes for different Fraud Detection services:

  • Device Risk Detection: device_risk_pro

ServiceParameters

String

Yes

The list of service event parameters in the JSON format. Example: {"accountId":101234567 ... Other input parameters of the event}. For more information about the specific parameter names and values, see the following topics:

Sample request for Device Risk Detection:

    https://saf.{region}.aliyuncs.com/
    ? Format=JSON
    &Version=2020-07-06
    &Signature=vpEEL0zFHfxXYzSFV0n7%2FZiFL9o%3D 
    &SignatureMethod=Hmac-SHA1
    &SignatureNonce=15215528852396
    &SignatureVersion=1.0
    &Action=ExecuteRequest
    &AccessKeyId=1234567saf 
    &Timestamp=2021-06-01T12:00:00Z
    &Service=device_risk_pro
    &ServiceParameters={"deviceToken":10123567 ... Other input parameters of the event. For more information, see the event parameters of the specific service.}
                                

Common response parameters

Every response returns a unique RequestID regardless of whether the call is successful. The descriptions of other response parameters may vary depending on the service.

Sample response for Device Risk Detection - Advanced Edition in the JSON format:

{
 "RequestId": "52E3208D-E7BF-32F0-9913-2A168894D2D9",
 "Message": "OK",
 "Data": {
  "score":"",//Device Risk Detection does not return score
  "extend": "0f533f6056f50664b48f2b3866220f0f", //Unique device ID
  "tags": "is_rooted" //Reason code
 },
 "Code": 200 //Request succeed
}          
Note

Sample responses in this topic are formatted to improve readability. Actual responses are not formatted with line breaks or indentation.

Error codes

Code

Description

200

The request is successful.

400

The specified value of the ServiceParameters parameter is invalid.

402

The QPS exceeds the purchased threshold. Throttling is enabled.

403

The request does not have the required permissions. The service is not activated or has expired.

404

The specified value of the Service parameter is invalid.

500

An internal server error has occurred.