**Last updated**: 30 September 2025 | [**Change log**](/access/products/fraudsight/changelog/) # Fraud assessment `POST` your request to the `fraudsight:assess` action link. ## Assessment example request POST `https://try.access.worldpay.com/fraudsight/assessment` Risk assessment request body: Card Token Network token Card (masked) Card + SCA Exemption request View the full API request schema ## Assessment responses The response contains the outcome of your `assessment` request. Linking the payment You must apply the `riskProfile` from the FraudSight assessment response in the [Card Payments API](/access/products/card-payments/authorize-a-payment#fraudsight) to link the Worldpay payment. This allows the data model mature and identify fraudulent transactions. Alternatively make additional [FraudSight update](/access/products/fraudsight/update) requests. See [linking the FraudSight assessment](/access/products/fraudsight/assessment#linking-the-fraudsight-assessment) for details. Note: * When manually created risk assessment rules are triggered, the `score` is ignored. It is therefore possible to see an assessment with a low score but still with a `highRisk` outcome. * The `outcome` is always specific to the fraud assessment. If an exemption is provided the `exemption.type` and `exemption.placement` is included in the response. * We return a `WP-CorrelationId` in the headers of service responses. We **highly recommend** you log this. We can use the `WP-CorrelationId` to examine individual service requests. lowRisk ```json { "outcome": "lowRisk", "transactionReference": "123456", "score": 44.2, "riskProfile": { "href": "https://access.worldpay.com/riskprofile/eyJrIjoxLCJkIjoialRBL0FFelBzcnZ" } } ``` highRisk ```json { "outcome": "highRisk", "transactionReference": "123456", "reason": [ "Recent unexpected card activity" ], "score": 97.4, "riskProfile": { "href": "https://access.worldpay.com/riskprofile/eyJrIjoxLCJkIjoialRBL0FFelBzcnZ" } } ``` review ```json { "outcome": "review", "transactionReference": "123456", "reason": [ "Recent unexpected card activity" ], "score": 85.5, "riskProfile": { "href": "https://access.worldpay.com/riskprofile/eyJrIjoxLCJkIjoialRBL0FFelBzcnZ" } } ``` If the `exemption` object is used in the request: lowRisk + exemption(authorization/lowValue) ```json { "outcome": "lowRisk", "transactionReference": "123456", "score": 44.2, "exemption": { "placement": "authorization", "type": "lowValue" }, "riskProfile": { "href": "https://access.worldpay.com/riskprofile/eyJrIjoxLCJkIjoialRBL0FFelBzcnZ" } } ``` lowRisk + exemption(authorization/lowRisk) ```json { "outcome": "lowRisk", "transactionReference": "123456", "score": 44.2, "exemption": { "placement": "authorization", "type": "lowRisk" }, "riskProfile": { "href": "https://access.worldpay.com/riskprofile/eyJrIjoxLCJkIjoialRBL0FFelBzcnZ" } } ``` lowRisk + exemption(authentication/lowRisk) ```json { "outcome": "lowRisk", "transactionReference": "123456", "score": 44.2, "exemption": { "placement": "authentication", "type": "lowRisk" }, "riskProfile": { "href": "https://access.worldpay.com/riskprofile/eyJrIjoxLCJkIjoialRBL0FFelBzcnZ" } } ``` highRisk + exemption ```json { "outcome": "highRisk", "transactionReference": "123456", "reason": [ "Recent unexpected card activity" ], "score": 97.4, "exemption": { "placement": "authorization", "type": "lowValue" }, "riskProfile": { "href": "https://access.worldpay.com/riskprofile/eyJrIjoxLCJkIjoialRBL0FFelBzcnZ" } } ``` review + exemption ```json { "outcome": "review", "transactionReference": "123456", "reason": [ "Recent unexpected card activity" ], "score": 85.5, "exemption": { "placement": "authorization", "type": "lowValue" }, "riskProfile": { "href": "https://access.worldpay.com/riskprofile/eyJrIjoxLCJkIjoialRBL0FFelBzcnZ" } } ``` View the full API response schema ## Linking the FraudSight assessment To improve future risk assessments we need to know the outcome of the payment authorization. - If you are using our [Card Payments API](/access/products/card-payments/), apply the `riskProfile` provided in the [payment authorization](/access/products/card-payments/authorize-a-payment#fraudsight) request. - If you are using another payment provider use the [FraudSight update](/access/products/fraudsight/update) resources. ## Applying the exemption (if applicable) This is only a consideration if you're using the `exemption` object in the request: #### If the placement is `authorization` * apply the `riskProfile` in the [payment authorization](/access/products/card-payments/authorize-a-payment#fraudsight) request In the event that the exemption is not successful (honoured + authorized) when applied to the payment, the issuer responds with a soft decline ([refusal code 65](/access/products/reference/refusal-response)). The next logical step is to proceed with [3DS authentication](/access/products/3ds). #### If the placement is `authentication` * set the `challenge.preference` in the [3DS authentication](/access/products/3ds/web/authentication) to `noChallengeRequestedTRAPerformed` * apply the `riskProfile` in the [payment authorization](/access/products/card-payments/authorize-a-payment#fraudsight) request #### If no exemption is provided * perform [3DS authentication](/access/products/3ds) * apply the `riskProfile` in the [payment authorization](/access/products/card-payments/authorize-a-payment#fraudsight) request. Without this, the data model will not improve over time **Next steps** [FraudSight testing](/access/products/fraudsight/testing)