minFraud Release Notes
Subscribe to the minFraud release notes RSS feed.
Data changes to minFraud Legacy web services
May 31, 2022In line with the announcement on our blog from 2020, there will be several changes to the data in our GeoIP Legacy web services beginning today. The following web services are affected:
- minFraud Legacy Standard or Premium
The following data changes have been made:
- Region codes: The legacy web services historically returned region codes in the FIPS 10-4 standard (for all countries except for the US and Canada). Now, region codes worldwide will be returned in the ISO 3166-2 standard.
- Area codes: Area code fields will now return blank.
- Country/Region/City names: Country, region, and city names will now come from GeoNames.
- IPv6: The minFraud Legacy services will now provide GeoIP Location Check outputs for IPv6 addresses.
For more information, read the full announcement on our blog from 2020.
Please note that associated changes to the GeoIP Legacy web services are also being made.
Expanded filtering options in the account portal for minFraud transactions
March 1, 2022The transaction review screen in your MaxMind account portal now has expanded options to filter your transactions. You may now filter transactions by:
- Account user ID: the user ID of the end-user who initiated the transaction
- Shop ID: used to identify the storefront or merchant associated with the transaction
- Credit card issuer ID: the issuer ID number (IIN), sometimes called a bank ID number (BIN) of the card used in the transaction
- Custom rule ID: the ID for the custom rule that was triggered for the transaction
minFraud services now handle 8 digit IINs
January 31, 2022We have updated the minFraud service to handle 8 digit credit card issuer ID numbers (IINs). These are non-breaking changes.
- The
credit_card/issuer_id_number
input can now receive 6 or 8 digits. - The
credit_card/last_4_digits
input has been renamedcredit_card/last_digits
, and receives 2 or 4 of the last digits of the credit card.- The
credit_card/last_4_digits
input will continue to work as an alias for the newcredit_card/last_digits
input.
- The
- In some cases with longer IINs we will truncate the
credit_card/last_digits
input so that we process only the data required for risk scoring. If we truncate the last digits, the minFraud service will return a warning message. - If you send 8 digits for the
credit_card/issuer_id_number
, but we do not recognize an 8 digit IIN, we will truncate the input to 6 digits. If we truncate the IIN, the minFraud service will return a warning message.
Learn more about how to pass the correct number of digits for credit card inputs in our developer portal:
You can read more about these changes in the announcement on our blog.
If you would like to learn more about how to properly handle credit card numbers, you can read more at pcisecuritystandards.org.
minFraud alerts webhook now supports signed requests
January 14, 2022minFraud alerts now support signed requests for webhook delivery. You can now set a secret, which can be used to verify the authenticity of a minFraud alert delivered via webhook. See our minFraud Alert documentation for instructions.
minFraud subscores are now minFraud risk factor scores
January 10, 2022We have renamed minFraud subscores to be "risk factor scores" to make it clearer that the scores returned in our minFraud Factors web service are actionable risk scores in their own right, similar to the IP risk score. You can learn more about all of minFraud's risk scores on our knowledge base.
Nothing has changed about how to use our web services, and no changes are
required to your current integration. Specifically, the JSON response for
minFraud Factors queries will continue to return risk factor scores in the
subscores
object. Learn more about the subscores
object.
This page was last updated on July 6, 2022.