ThreatMetrix™

ThreatMetrix by LexisNexis® is a robust cybersecurity solution used to fortify Merchants and their associated Referrers/Facilitators against potential threats. Leveraging the ThreatMetrix™ integration on this platform, risk analysts can authenticate user identities and any suspicious activities to bolster transaction security by reviewing user behavior, and anomalies in Merchant actions, quickly identifying fraudulent activities.

Introduction to Profiling

Profiling is the process of placing tags within a web application specific to data processing. You will need to identify the pages in your web application that provide the optimal opportunity for profiling. Typically, profiling takes between 2 and 5 seconds to complete, so when selecting the page(s), typically, those containing forms that require the maximum data input will ensure that the visitor stays on the page for the time necessary to complete profiling.

Please note that the majority of profiling is completed within a fraction of a second but may take up to 5 seconds to collect the full set of profiling attributes. Below are some common examples of pages that can be used for this profiling tag placement:

  • Account Creation page - A page in which a visitor registers as a new user of a website.

  • Payments page - A page in which a payment, transaction, or checkout is processed.

  • Login page - A page in which a visitor logs into a website.


Integrate ThreatMetrix™ Session ID - Merchant Signup & New Transaction

Due to the integration method shown below to add a ThreatMetrix Session ID, there is no direct development work needed for PayFields, PayFrames, or any White-labeled Merchant Signup forms.

To integrate the ThreatMetrix™ Session ID, you’ll need to generate one. Use the following API call below to generate a new tmxSessionId value:

GET /tmxScriptInjection HTTP/1.1 Accept: application/json Content-Type: application/json Host: api-test.payrix.com APIKEY:{{private_api_key}}

Example Response

var __tmx_service_url__="https://h.online-metrix.net/fp/tags.js",__tmx_session_nscript_url__="https://h.online-metrix.net/fp/tags",__txm_org_id__="5mee3gqn",__tmx_session_id__="03d566ba-19a5-4459-9b29-5e2a4463f245";function autoLoadThreatMetrics(){const _=document.createElement("script");_.src=__tmx_service_url__.concat("?org_id="+__txm_org_id__).concat("&session_id="+__tmx_session_id__),document.head.appendChild(_)}autoLoadThreatMetrics();const iframeNoscript=document.createElement("noscript"),iframe=document.createElement("iframe"),tmxSessionIdHTML=(iframe.src=__tmx_session_nscript_url__.concat("?org_id="+__txm_org_id__).concat("&session_id="+__tmx_session_id__),iframe.style.display="none",iframeNoscript.appendChild(iframe),document.createElement("input"));tmxSessionIdHTML.type="hidden",tmxSessionIdHTML.name="__tmx__session__id",tmxSessionIdHTML.value=__tmx_session_id__,document.body.appendChild(iframeNoscript),document.body.appendChild(tmxSessionIdHTML),iframe.addEventListener("load",function(){console.log("Threat Metrics are set.")});

Gather the tmx_session_id__ value from the following section of the response body:

tmx_session_id__="03d566ba-19a5-4459-9b29-5e2a4463f245"

Note: The tmx_session_id value will be different each time the endpoint is called.

Then use this value as the valid value for the tmxSessionId parameter when performing either of the following API requests to integrate the ThreatMetrix™ Session ID:

  • POST /merchants - New Merchant Signup

  • POST /txns - New Transaction