Risk Events
The following are events triggered by real-time fraud detection and risk-mitigation activities within the Payment Risk Platform (PRP). These are sent to you in the Authorization Events Webhook which is part of the Events API.
prp_sms_suspicious_txn_alert.v1
A cardholder responded to an SMS fraud alert triggered by the Payment Risk Platform (PRP). This event delivers the direct feedback from the cardholder, which you can use to disposition a risky transaction. You must be subscribed to PRP to receive this event. There is currently one supported version for this event.
This event is triggered any time Galileo receives a valid SMS response from a cardholder regarding a suspicious transaction. Based on the response in the msg_body field, you can call the Program API to take action, such as freezing or unfreezing a card.
- Code —
n/a - Event trigger — Galileo receives a valid SMS response from a cardholder regarding a suspicious transaction.
- Processes — These processes contain the event trigger:
| Field | Type | Description |
|---|---|---|
prn | string | Galileo 12-digit payment reference number (PRN) for the account. Example: "999101003022" |
cad | string | Galileo-generated ID for the card. If you are not PCI compliant, you can use the CAD instead of the PAN in many contexts. Example: "72450868" |
mobile_phone | string | The phone number of the cardholder who received the SMS alert. Example: "1256127234" |
risk_event_type | string | The name of this event: prp_sms_suspicious_txn_alert. Example: "prp_sms_suspicious_txn_alert.v1" |
auth_uid | string | Unique identifier for the original authorization. Use this ID to map the cardholder's SMS response directly to the specific fraud alert that was sent. Example: " DHWJtI8zRjuDcgF8hru3oQ" |
auth_ts | string | Date-time when the original authorization transaction was created in Mountain Standard Time (GMT -0700). Format: YYYYMMDD:HHMMSS MSTExample: " 20250315:121504MST" |
auth_id | number | Galileo-generated ID for the authorization. Use this ID to track the transaction throughout the Galileo system. For an explanation of how these IDs are generated, see Authorization identifiers in the Transaction IDs guide. Example: 12345141234123 |
merchant_description | string | The description of the merchant where the suspicious transaction occurred. This is derived from DE043. Example: " 123 WIDGETS MERCHANT BEVERLY HILLS CA" |
merchant_city | string | City the merchant is located in. Example: " Salt Lake City" |
merchant_state | string | Two-letter state or provincial designator for the merchant's location. Example: "UT" |
merchant_country | string | ISO 3166-1 country code for the country where the merchant is located. 3 digits. Example: "840" |
merchant_postal_code | string | The postal code of the merchant's location, such as a U.S. ZIP code or a Canadian postal code. The format of this field varies by card network and merchant country. For example, values can be 5-digit (91356), 9-digit (118031598), or alphanumeric (M5T2S8). A value of all zeros may indicate that no postal code was provided in the authorization request. Example: " 91356" |
amount | number | The amount of the suspicious transaction. Example: 75.00 |
sender_phone | string | The SMS 10-Digit Long Code (10 DLC) that sent the SMS alert. Example: "(512) 555-0123" |
msg_body | string | The cardholder response to the SMS message in raw text. Max: 160 characters Example: "Yes" |
customer_opt_out | boolean | Indicates if the cardholder opted out of future SMS alerts by responding with STOP.Default: "false" Example: false |
# prp_sms_suspicious_txn_alert example
{
"detail": {
"data": {
"prp_sms_suspicious_txn_alert.v1": {
"prn": "999101003022",
"cad": "72450868",
"mobile_phone": "1256127234",
"risk_event_type": "prp_sms_suspicious_txn_alert",
"auth_uid": "DHWJtI8zRjuDcgF8hru3oQ",
"auth_ts": "20250315:121504MST",
"auth_id": 12345141234123,
"merchant_description": "123 WIDGETS MERCHANT BEVERLY HILLS CA",
"merchant_city": "Salt Lake City",
"merchant_state": "UT",
"merchant_country": "840",
"merchant_postal_code": "91356",
"amount": 75.00,
"sender_phone": "(512) 555-0123",
"msg_body": "Yes",
"customer_opt_out": false
}
},
"metadata": {
"detail_id": "550e8400-e29b-41d4-a716-446655440000",
"detail_timestamp": "2025-11-05T14:30:00.123Z"
}
}
}