The Risk API extends the capabilities of Payment Risk Platform (PRP) to any financial technology companies and banks that do not use Galileo as their card transaction processor to monitor suspicious card transaction behavior (debit, credit, BNPL, prepaid, etc.). To do so, you send transaction data via the Risk API along with a Risk Service ID (riskServiceID
) assigned to you.
For the Risk API you use a different URL, and the status codes have a four-digit prefix (1701).
Base URL
For this API use the tenanted URL that Galileo assigns you: https://risk-{corename}.{env}.gpsrv.com/endpointName
, where
corename
is the name of your core, as assigned by Galileo.env
is the environment:cv
for client validation andpd
for production.
Authentication
The Risk API uses the same IP address whitelisting and credential approach as the Program API. You can choose to use their existing credentials or be issued new credentials for use with the Risk API.
Follow the authentication steps for the Program API.
Connectivity
The Risk API does not have a dedicated connectivity endpoint. Basic credential validation and connectivity can be validated by calling Get Card Transaction Fraud API and returning a successful response.
Endpoint responses
The Risk API requests and responses are conventional and are similar to Program API. Requests are made with form encoded parameters in HTTP posts. Responses are available as JSON messages with snake_case field names.