Messaging Service for Payment Risk Platform

Availability

This product is accessible to all financial institutions, whether you manage your own fraud policy or utilize Galileo’s managed services.

Use the Messaging Service for the Payment Risk Platform (PRP) to help reduce fraud losses by automatically contacting cardholders via SMS about suspicious transactions. This allows cardholders to confirm a transaction's legitimacy in near real-time, delivering a clear signal for you to take immediate, automated action.
While PRP's advanced AI/ML capabilities provide real-time fraud detection, the best predictions benefit from this kind of direct feedback. Without it, legitimate transactions that are correctly flagged as high-risk could be declined simply because the cardholder has no way to validate them. Gathering this feedback also helps train the AI/ML model, improving PRP's fraud detection over time.

Benefits

  • Reduce false declines — Retain interchange revenue and improve the cardholder experience by verifying and approving legitimate transactions that PRP might have declined otherwise.
  • Build cardholder trust — Protect your customers from potential fraud with transparent, real-time communication about suspicious activity on their account.
  • Improve fraud model accuracy — Create a direct feedback loop that helps train and improve Galileo's transaction risk score (GScore) and its fraud risk decisions.
  • Automate your fraud response — Initiate SMS alerts automatically based on PRP fraud detection and process cardholder responses in near real-time.
  • Enable a quick implementation — Add an industry-standard fraud response solution to your PRP setup.

Cardholder experience

When PRP flags one of your cardholder's transactions as suspicious, the cardholder receives an immediate, clear SMS alert asking them to confirm whether they attempted the transaction. This direct communication allows the cardholder to instantly validate a legitimate purchase or report actual fraud, giving them peace of mind and a quick path to resolution.

Use cases

The primary use case is to verify suspicious transactions directly with the cardholder, allowing for immediate action on potentially fraudulent activity and quick resolution for legitimate purchases.

Use case 1: Legitimate purchase

When a cardholder attempts a large, unusual online purchase, PRP flags the transaction as high risk and declines it. The cardholder immediately receives an SMS alert asking to verify the purchase. After they reply "YES," the system temporarily allows the authorization and sends a follow-up SMS asking them to retry. PRP then approves the cardholder's second attempt.

Use case 2: Fraudulent attempt

When a fraudster attempts an online purchase with stolen card details, PRP flags the transaction as high risk and declines it. The legitimate cardholder, who did not make the purchase, receives an unexpected SMS about the attempt. They reply "NO," and Galileo instantly freezes the card to prevent any further fraudulent activity.

Decisions to make

As part of the implementation process, you work with Galileo to make the following key decisions for your program:

  • Obtaining consent — You are responsible for obtaining and managing prior expressed consent from your cardholders to receive automated fraud alerts via SMS. This alert is strictly for fraud prevention and is not for marketing activities.
  • Providing data — You must provide the cardholder's first and last name, and a valid phone number for them to receive alerts.
  • Defining your SMS policy — As part of the setup process, work with Galileo to define your SMS policy. This policy specifies which PRP fraud rules trigger an alert, the automated actions for each cardholder response (including a lack of response), and the content of any follow-up messages.
  • Approving message templates — Review and approve the standard message templates used for alerts to ensure clarity and compliance with your program's standards.

Workflow

This flowchart describes the complete process from fraud detection to resolution.

Note

The flowchart above does not depict the "no response" path. The following steps describe the complete workflow, including all three possible cardholder actions.

  1. A cardholder initiates a transaction with a merchant.
  2. The merchant sends an authorization request to Galileo.
  3. Galileo processes the transaction and checks it against fraud rules. At this point, the flow branches:
    a. If the transaction does not trigger fraud rules, it proceeds through the normal auth approval process. Galileo sends your system an Auth API webhook with the approval details.
    b. If the transaction triggers fraud rules, PRP determines an action (deny, warn, or freeze card). An Auth API webhook is sent to your system with the outcome and rule trigger data. At the same time, the flow continues to the next step.
  4. Following the fraud trigger, Galileo sends an SMS alert to the cardholder to verify the transaction. The system then waits for a preconfigured amount of time for a response.
  5. The workflow then continues based on the cardholder's action:
    a. If the cardholder replies "YES" or "NO," Galileo receives the response and performs two actions:
      i. Updates the internal blocklist or allowlist and calls the Program API to add a customer note in the CST.
      ii. Sends the prp_sms_suspicious_txn_alert event to your system via the Events API.
    b. If the cardholder does not respond, Galileo initiates your preconfigured follow-up action, such as sending a second SMS or removing a temporary block.

Transaction Events API

The Messaging Service uses the prp_sms_suspicious_txn_alert event to notify you of a cardholder's response. Galileo sends this event after a cardholder replies to an SMS fraud alert from PRP. It delivers the cardholder's raw response, allowing you to take immediate, automated action such as freezing an account or adding a transaction to the allowlist. Use the msg_body and customer_opt_out fields to determine the cardholder's response and trigger your configured automated actions.

For complete details on the event payload, see the PRP SMS Suspicious Transaction Alert event reference.
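
Because the event carries the cardholder's raw reply, the consumer has to decide what counts as a confirmation. The sketch below is an added example, not Galileo code: it maps msg_body and customer_opt_out to a single action and sends anything ambiguous to review instead of unlocking the card. The event_id field, the accepted forms of customer_opt_out, and the action names are assumptions; check them against the event reference.

```python
import re

# Outcome labels are hypothetical names for your own automated actions.
ALLOW, FREEZE, OPT_OUT, REVIEW, DUPLICATE = (
    "allow_retry", "freeze_card", "stop_sms", "manual_review", "duplicate")

def is_opted_out(value):
    # Assumption: customer_opt_out arrives as a bool or a string flag.
    if isinstance(value, bool):
        return value
    return str(value).strip().lower() in {"true", "1", "y", "yes"}

def classify_reply(msg_body):
    """Return "yes", "no", or None for the raw SMS text in msg_body."""
    if not isinstance(msg_body, str):
        return None
    # Accept only a bare YES/NO (any case, optional trailing . or !).
    m = re.fullmatch(r"\s*(yes|no)\s*[.!]*\s*", msg_body, re.IGNORECASE)
    return m.group(1).lower() if m else None

def decide(event, seen_ids):
    """Pick one action for a prp_sms_suspicious_txn_alert event."""
    event_id = event.get("event_id")  # hypothetical field name
    if event_id is not None:
        if event_id in seen_ids:      # redelivery must not act twice
            return DUPLICATE
        seen_ids.add(event_id)
    if is_opted_out(event.get("customer_opt_out")):
        return OPT_OUT                # no card action inferred from opt-out
    reply = classify_reply(event.get("msg_body"))
    if reply == "yes":
        return ALLOW
    if reply == "no":
        return FREEZE
    return REVIEW                     # ambiguous text never unlocks a card

# Constructed sample events; only msg_body and customer_opt_out are
# field names taken from the page.
SAMPLE_EVENTS = [
    {"event_id": "e1", "msg_body": " Yes. ", "customer_opt_out": False},
    {"event_id": "e1", "msg_body": "YES", "customer_opt_out": False},
    {"event_id": "e2", "msg_body": "no", "customer_opt_out": "false"},
    {"event_id": "e3", "msg_body": "yes I think so", "customer_opt_out": False},
    {"event_id": "e4", "msg_body": "STOP", "customer_opt_out": True},
]

def run_samples():
    seen = set()
    return [decide(e, seen) for e in SAMPLE_EVENTS]

if __name__ == "__main__":
    print(run_samples())
```

In a real consumer the set of seen event IDs would live in a durable store so that a redelivered event cannot repeat an action after a restart.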



© Galileo Financial Technologies, LLC 2025