Fraud Insight API Installation
If you are using a webstore other than Magento, you can use a REST API to install Radial Fraud Insight.
Note: The following instructions assume that you have experience integrating REST APIs into your system. If you do not, contact your Radial representative.
Authentication and Authorization
The client application must adhere to Radial’s Web Services Security Protocol when communicating with the Fraud Insight API.
Radial requires customers to use key-based authentication as part of their implementations. The authentication key is part of the HTTP header. Radial generates the key and provides it to the client. A new key is provided every six months.
The client application submits an order status request for Fraud Insight using HTTPS POST only.
URI Summary
Action |
URI Template |
URI Example |
Non-URI Request |
Response |
---|---|---|---|---|
POST |
/v[M.m]/stores/[StoreId]/ risk/ insight/request.[format] |
/v1.0/stores/ABCXYZ/risk/ insight/request.xml |
XML |
200 + XML response |
Note: Separate URLs are provided for Fraud Insight Response during the implementation.
API Elements
Element |
Required by Schema |
Required by Business Case |
Description |
Sample Data |
Type |
Restriction |
---|---|---|---|---|---|---|
/RiskInsightRequest |
Yes |
The full detail for an event being submitted to the Fraud Insight Service. |
Complex Type |
|||
/RiskInsightRequest/PrimaryLangId |
Yes |
Yes |
The primary language ID used in the XML message. |
en-US |
String |
|
/RiskInsightRequest/Order |
Yes |
Yes |
||||
/RiskInsightRequest/Order/OrderId |
Yes |
Yes |
Unique identifier of the order in the web site. |
String |
Maximum 40 characters |
|
/RiskInsightRequest/Order/OrderSource |
No |
Yes |
Identifies the system/method that was used to take the order. |
String Enum |
Should be one of the below values: WEBSTORE DASHBOARD KIOSK MOBILE OTHER |
|
/RiskInsightRequest/Order/OrderDate |
Yes |
Yes |
The timestamp of the order submitted in UTC. |
2015-05-30T09:00:00 or 2015-05-30T09:30:10.5 or 2015-05-30T09:30:10Z |
DateTime |
|
/RiskInsightRequest/Order/StoreId |
Yes |
Yes |
Store code/identifier for each partner. New store codes will require configuration by Radial. |
string |
Minimum 1 character |
|
/RiskInsightRequest/Order/ShippingList |
No |
Yes |
||||
/RiskInsightRequest/Order/ShippingList/Shipment[1] |
No |
Yes |
||||
/RiskInsightRequest/Order/ShippingList/Shipment[1]/@ShipmentId |
No |
Yes |
String |
MinLength = 1 |
||
/RiskInsightRequest/Order/ShippingList/Shipment[1]/PersonName |
No |
Yes |
The recipient's name who is receiving the goods. |
|||
/RiskInsightRequest/Order/ShippingList/Shipment[1]/PersonName/LastName |
No |
Yes |
The last (family) name of the recipient. |
Williams |
String |
Letters only, upper or lower case. |
/RiskInsightRequest/Order/ShippingList/Shipment[1]/PersonName/MiddleName |
No |
No |
The middle name of the recipient. |
Ed |
string |
Letters only, upper or lower case. Maximum of 10 characters |
/RiskInsightRequest/Order/ShippingList/Shipment[1]/PersonName/FirstName |
No |
Yes |
The recipient person’s (given) name) or full name if only full name field exists in web store. |
David |
string |
Letters only, upper or lower case. |
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Email |
No |
Yes |
The email address where the product (digital goods) is being shipped. |
williams.drek@yahoo.com |
String |
Only send if it's a digital good. Please do not send this field for Physical goods. MaxLength = 256 |
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Telephone |
No |
Yes |
Telephone number of the shipping address. |
String |
||
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Telephone/CountryCode |
No |
Yes |
Country code of the Phone number |
String |
||
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Telephone/AreaCode |
No |
Yes |
Area code of the Phone number |
String |
||
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Telephone/Number |
No |
Yes |
Phone number or full phone number if AreaCode or Country Code doesn't exist |
string |
||
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Telephone/Extension |
No |
No |
Extension Number, if any |
String |
||
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Address |
No |
Yes |
Shipping Address of the customer. |
|||
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Address/Line1 |
No |
Yes |
Line1 of the Shipping Address. |
String |
MaxLength = 100 |
|
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Address/Line2 |
No |
No |
Line2 of the Shipping Address. |
String |
MaxLength = 100 |
|
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Address/Line3 |
No |
No |
Line3 of the Shipping Address. |
String |
MaxLength = 100 |
|
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Address/Line4 |
No |
No |
Line4 of the Shipping Address. |
String |
MaxLength = 100 |
|
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Address/City |
No |
Yes |
City name of the Shipping Address. |
string |
||
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Address/PostalCode |
No |
Yes |
Postal code or Zip code of the shipping address. |
String |
||
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Address/MainDivisionCode |
No |
Yes |
Typically, a two- or three-digit postal abbreviation for the state or province. Mainly used in Canada and the US. This does not necessarily conform to the ISO 3166-2 code. |
|||
/RiskInsightRequest/Order/ShippingList/Shipment[1]/Address/CountryCode |
No |
Yes |
Two digit ISO country code conforming to ISO 3166 alpha 2. |
|||
/RiskInsightRequest/Order/ShippingList/Shipment[1]/ShippingMethod |
No |
Yes |
||||
/RiskInsightRequest/Order/LineItems |
No |
Yes |
||||
/RiskInsightRequest/Order/LineItems/LineItem[1] |
No |
Yes |
||||
/RiskInsightRequest/Order/LineItems/LineItem[1]/@LineItemId |
No |
Yes |
The unique identifier for a specific line item. |
1324234 |
||
/RiskInsightRequest/Order/LineItems/LineItem[1]/@ShipmentId |
No |
Yes |
Identifier of the shipment associated with this line item. |
23432 |
||
/RiskInsightRequest/Order/LineItems/LineItem[1]/ProductId |
No |
Yes |
A unique identifier for a distinct product on web site. Generally called SKU or PID |
String |
||
/RiskInsightRequest/Order/LineItems/LineItem[1]/Description |
No |
Yes |
Title of the product as it appears on the web site. |
string |
||
/RiskInsightRequest/Order/LineItems/LineItem[1]/UnitCost |
No |
Yes |
The cost of an individual unit. |
101.00 |
float |
|
/RiskInsightRequest/Order/LineItems/LineItem[1]/UnitCurrencyCode |
No |
Yes |
Three-letter ISO-4217 code identifying the type of currency used for the transaction. |
USD |
string |
|
/RiskInsightRequest/Order/LineItems/LineItem[1]/Quantity |
No |
Yes |
The number of product ID’s (units) ordered. |
3 |
integer |
|
/RiskInsightRequest/Order/LineItems/LineItem[1]/Category |
No |
Yes |
Identifies the class of product the individual unit belongs to. Send a comma separated list of categories if there is a 1-to-many relationship |
Electronics or Shoes |
String |
|
/RiskInsightRequest/Order/LineItems/LineItem[1]/PromoCode |
No |
No |
A code related to a promotional campaign used for the purchase. Just send "Y" if there is a promo code and it can't be shared. |
25OFF or Y |
String |
|
/RiskInsightRequest/Order/FormOfPayments |
Yes |
Yes |
The FormOfPayment section allows multiple forms of payment to be used on an order. Each FormOfPayment must be one that has been used while payment during checkout. |
|||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1] |
Yes |
Yes |
||||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/PaymentCard |
No |
Yes |
he payment card details used. This is for all types of payment including credit cards, debit cards, PayPal, PayPalCredit(bill me later), OpenInvoice, gift cards, Online gift certificates, etc. |
|||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/PaymentCard/CardHolderName |
No |
Yes |
The card holder's full name as it appears on the credit card. Only send this if Name on the Card prompted to enter on the web site. |
String |
||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/PaymentCard/PaymentAccountUniqueId |
No |
Yes |
The account id. This should be the unencrypted/raw account number or the tokenized account number. Either a raw PaymentAccountNumber(PAN) or a token representing a PAN. The type includes an attribute, is Token, to indicate if the PAN is tokenized. |
|||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/PaymentCard/PaymentAccountUniqueId/@isToken |
No |
Yes |
Set it to true if a tokenized value is being sent. If a raw account/credit card number is being sent, set it to false. |
true or false |
Boolean |
|
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/PaymentCard/PaymentAccountBin |
No |
Yes |
The first six digits of the payment account number used. |
String |
||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/PaymentCard/ExpireDate |
No |
Yes |
The credit card expiration date. |
2011-09 |
gYearMonth |
|
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/PaymentCard/CardType |
No |
Yes |
The type of card used for payment; Use enumerated values and if not found in enums, send string. Contact Radial for more information. |
VC, AM |
cardTypeEnums |
Should be one of the values mentioned below: VC MC AM DC PY BL OI GC OGC BC CASH OTHER |
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/PersonName |
No |
Yes |
The name associated with the form of payment used. |
String |
||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/PersonName/LastName |
No |
Yes |
The last name of the person associated with the form of payment used. |
String |
||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/PersonName/MiddleName |
No |
No |
The middle name of the person associated with the form of payment used. |
String |
||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/PersonName/FirstName |
No |
Yes |
The first name of the person associated with the form of payment used. |
String |
||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Email |
Yes |
Yes |
The email of the person associated with the form of payment used. |
String |
Maxlength = 256 |
|
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Telephone |
No |
Yes |
The phone number associated with the form of payment used. |
|||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Telephone/AreaCode |
No |
Yes |
Area code of the Phone number |
String |
||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Telephone/Number |
No |
Yes |
Phone number or full phone number if AreaCode or CountryCode doesn't exist |
String |
||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Telephone/Extension |
No |
No |
Extension Number, if any |
String |
||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Address |
No |
Yes |
Billing address for the form of payment. |
|||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Address/Line1 |
No |
Yes |
Billing Address of the customer. |
String |
MaxLength = 100 |
|
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Address/Line2 |
No |
No |
Billing Address of the customer. |
String |
MaxLength = 100 |
|
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Address/Line3 |
No |
No |
Billing of the Shipping Address. |
String |
MaxLength = 100 |
|
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Address/Line4 |
No |
No |
Billing of the Shipping Address. |
String |
MaxLength = 100 |
|
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Address/City |
No |
Yes |
Billing of the Shipping Address. |
String |
||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Address/PostalCode |
No |
Yes |
Billing of the Shipping Address. |
String |
||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Address/MainDivisionCode |
No |
Yes |
City name of the Billing Address. |
String |
||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Address/CountryCode |
No |
Yes |
String |
|||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/PaymentTransactionDate |
No |
Yes |
The timestamp of the credit card transaction in UTC. |
2015-05-30T09:00:00 or 2015-05-30T09:30:10.5 or 2015-05-30T09:30:10Z |
dateTime |
|
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/CurrencyCode |
No |
Yes |
Three-letter ISO-4217 code identifying the type of currency used for the transaction. |
CAD |
String |
|
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/Amount |
No |
Yes |
The amount of the payment. |
704.7 |
Decimal |
|
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/TotalAuthAttemptCount |
No |
No |
The number of auths tried with this card in the same transaction |
2 |
Byte |
|
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/TransactionResponses |
No |
No |
Contains the list of responses from the payment processor. |
|||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/TransactionResponses/TransactionResponse[1] |
No |
No |
Each transaction response specifies the type of transaction response and the value returned. |
|||
/RiskInsightRequest/Order/FormOfPayments/FormOfPayment[1]/TransactionResponses/TransactionResponse[1]/@ResponseType |
No |
No |
The transaction response type. |
cvv2, avs,3ds |
enum |
Should be one of the values mentioned below: avsAddr avsZip 3ds cvv2 PayPalPayer PayPalAddress PayPalPayerCountry PayPalSellerProtection AmexName AmexEmail AmexPhone |
/RiskInsightRequest/Order/TotalCost |
No |
Yes |
||||
/RiskInsightRequest/Order/TotalCost/CostTotals |
No |
Yes |
Contains the total cost details regarding currency used, before tax amount, and after tax amount. |
|||
/RiskInsightRequest/Order/TotalCost/CostTotals/CurrencyCode |
No |
Yes |
String |
|||
/RiskInsightRequest/Order/TotalCost/CostTotals/AmountBeforeTax |
No |
Yes |
The total fare excluding taxes. |
Double |
||
/RiskInsightRequest/Order/TotalCost/CostTotals/AmountAfterTax |
No |
Yes |
All charges including fare, fees, and taxes. |
Double |
||
/RiskInsightRequest/Order/DeviceInfo |
No |
No |
Contains information about the user's device when an order is placed electronically. |
|||
/RiskInsightRequest/Order/DeviceInfo/DeviceIP |
No |
No |
The IP address of the customer's device creating the order. Dotted decimal representation of an IP address. |
192.168.2.251 |
String |
MaLength = 15 |
/RiskInsightRequest/Order/DeviceInfo/HttpHeaders |
No |
No |
The HTTP Headers are collected on the Web Application server on receipt of the request. Implementation Notes: Includes Accept, Accept-Charset, Accept-Language, User-Agent, Referer |
List |
||
/RiskInsightRequest/Order/DeviceInfo/HttpHeaders/HttpHeader[1] |
No |
No |
Each HttpHeader element represents one HTTP header entry collected from the HTTP session for the customer's order. Implementation Notes: Header names should conform to HTTP 1.1 spec. |
String |
||
/RiskInsightRequest/Order/DeviceInfo/HttpHeaders/HttpHeader[1]/@name |
No |
No |
The name of the HttpHeader element. |
user-agent |
string |
|
/RiskInsightRequest/Order/CustomProperties |
No |
No |
Contains the CustomPropertyGroup elements |
|
List |
|
/RiskInsightRequest/Order/CustomProperties/CustomPropertyGroup[1] |
No |
No |
Contains the CustomProperty elements |
|
List |
|
/RiskInsightRequest/Order/CustomProperties/CustomPropertyGroup[1]/@name |
No |
No |
The name of the CustomPropertyGroup element |
GSI_CUSTOM |
string |
|
/RiskInsightRequest/Order/CustomProperties/CustomPropertyGroup[1]/CustomProperty[1] |
No |
No |
Contains the CustomProperty value |
00744669-e12b-4365-960e-108402212254_1493405974023 |
string |
|
/RiskInsightRequest/Order/CustomProperties/CustomPropertyGroup[1]/CustomProperty[1]/@name |
No |
No |
The name of the CustomProperty element |
RDFUID |
string |
|
Custom Properties
The following custom properties must be passed in the request if available.
Custom Property Name |
Custom Property Group Name |
Data Type |
Description |
Sample Values |
---|---|---|---|---|
RDFUID |
GSI_CUSTOM |
String |
The RDFUID captured during the order placement, which is generated by Radial Device fingerprinting JavaScript, should be sent in this customer property. Details on how to capture RDFUID are available here: Radial Device Fingerprint |
00744669-e12b-4365-960e-108402212254_1493405974023 |
Example GSI_CUSTOM Properties Group
<CustomProperties>
<CustomPropertyGroup Name="GSI_CUSTOM">
<CustomProperty Name="RDFUID">00744669-e12b-4365-960e-108402212254_1493405974023</CustomProperty>
</CustomPropertyGroup>
</CustomProperties>
Request/Response Schemas and Samples
Schemas
Request Samples
Click to view each of the following request samples.
Request Sample: Amex, One Item<?xml version="1.0" encoding="UTF-8"?>
<RiskInsightRequest xmlns="http://schema.gsicommerce.com/risk/insight/1.0/">
<PrimaryLangId>en</PrimaryLangId>
<Order>
<OrderId>32432542354</OrderId>
<OrderSource>DASHBOARD</OrderSource>
<OrderDate>2018-02-08T10:17:38Z</OrderDate>
<StoreId>MAGTEST</StoreId>
<ShippingList>
<Shipment ShipmentId="545">
<PersonName>
<LastName>James</LastName>
<FirstName>Bond</FirstName>
</PersonName>
<Telephone>
<Number>555-555-5555</Number>
</Telephone>
<Address>
<Line1>630 Allendale Rd</Line1>
<City>KING OF PRUSSIA</City>
<PostalCode>19406-1342</PostalCode>
<MainDivisionCode>PA</MainDivisionCode>
<CountryCode>US</CountryCode>
</Address>
<ShippingMethod>ups_GND</ShippingMethod>
</Shipment>
</ShippingList>
<LineItems>
<LineItem LineItemId="676" ShipmentId="545">
<ProductId>hdd005</ProductId>
<Description>Fragrance Diffuser Reeds</Description>
<UnitCost>86.42</UnitCost>
<UnitCurrencyCode>USD</UnitCurrencyCode>
<Quantity>1</Quantity>
<Category>Root Catalog->Default Category->Home & Decor->Decorative Accents</Category>
</LineItem>
</LineItems>
<FormOfPayments>
<FormOfPayment>
<PaymentCard>
<CardHolderName>James Bond</CardHolderName>
<PaymentAccountUniqueId isToken="true">371389XXXXXX002</PaymentAccountUniqueId>
<ExpireDate>2019-07</ExpireDate>
<CardType>AM</CardType>
</PaymentCard>
<PersonName>
<LastName>James</LastName>
<FirstName>Bond</FirstName>
</PersonName>
<Email>Bond.James@rad.com</Email>
<Telephone>
<Number>555-555-5555</Number>
</Telephone>
<Address>
<Line1>630 Allendale Rd</Line1>
<City>KING OF PRUSSIA</City>
<PostalCode>19406-1342</PostalCode>
<MainDivisionCode>PA</MainDivisionCode>
<CountryCode>US</CountryCode>
</Address>
<PaymentTransactionDate>2018-02-08T10:16:45Z</PaymentTransactionDate>
<CurrencyCode>USD</CurrencyCode>
</FormOfPayment>
</FormOfPayments>
<TotalCost>
<CostTotals>
<CurrencyCode>USD</CurrencyCode>
<AmountBeforeTax>86.42</AmountBeforeTax>
<AmountAfterTax>107.09</AmountAfterTax>
</CostTotals>
</TotalCost>
<DeviceInfo>
<DeviceIP>172.17.42.1</DeviceIP>
<HttpHeaders>
<HttpHeader name="Authorization" />
<HttpHeader name="User-Agent">Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 Iceweasel/31.5.3</HttpHeader>
<HttpHeader name="Accept">text/javascript, text/html, application/xml, text/xml, */*</HttpHeader>
<HttpHeader name="Accept-Language">en-US,en;q=0.5</HttpHeader>
<HttpHeader name="Accept-Encoding">gzip, deflate</HttpHeader>
<HttpHeader name="Pragma">no-cache</HttpHeader>
<HttpHeader name="Cache-Control">no-cache</HttpHeader>
<HttpHeader name="Cookie">frontend=e85f357e64483422c92b5c6b0da6b740;
CUSTOMER_SEGMENT_IDS=30%2C32%2C34%2C41; CART=3e3ace51999ab818ae927273646e9a1e</HttpHeader>
<HttpHeader name="Referer">http://docker01.mage.gspt.net:8026/checkout/onepage/</HttpHeader>
<HttpHeader name="X-Requested-With">XMLHttpRequest</HttpHeader>
<HttpHeader name="X-Prototype-Version">1.7</HttpHeader>
<HttpHeader name="X-Forwarded-For">0:0:0:0:0:0:0:1</HttpHeader>
<HttpHeader name="Host">docker01.mage.gspt.net:8026</HttpHeader>
<HttpHeader name="Connection">keep-alive</HttpHeader>
</HttpHeaders>
</DeviceInfo>
<CustomProperties>
<CustomPropertyGroup Name="GSI_CUSTOM">
<CustomProperty Name="RDFUID">00744669-e12b-4365-960e-108402212254_1493405974023</CustomProperty>
</CustomPropertyGroup>
</CustomProperties>
</Order>
</RiskInsightRequest>
Request Sample: Visa, Multiple Items, Multiple Locations <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RiskInsightRequest xmlns="http://schema.gsicommerce.com/risk/insight/1.0/">
<PrimaryLangId>en</PrimaryLangId>
<Order>
<OrderId>2347623879</OrderId>
<OrderSource>WEBSTORE</OrderSource>
<OrderDate>2018-02-08T10:17:38Z</OrderDate>
<StoreId>MAGTEST</StoreId>
<ShippingList>
<Shipment ShipmentId="545">
<PersonName>
<LastName>Drake</LastName>
<FirstName>Nathan</FirstName>
</PersonName>
<Telephone>
<Number>323-525-2248</Number>
</Telephone>
<Address>
<Line1>630 Allendale Rd</Line1>
<City>KING OF PRUSSIA</City>
<PostalCode>19406-1342</PostalCode>
<MainDivisionCode>PA</MainDivisionCode>
<CountryCode>US</CountryCode>
</Address>
<ShippingMethod>ups_GND</ShippingMethod>
</Shipment>
<Shipment ShipmentId="904">
<PersonName>
<LastName>Thomas</LastName>
<FirstName>Jefferson</FirstName>
</PersonName>
<Telephone>
<Number>323-525-1123</Number>
</Telephone>
<Address>
<Line1>1 Times Square</Line1>
<City>New York</City>
<PostalCode>10036</PostalCode>
<MainDivisionCode>NY</MainDivisionCode>
<CountryCode>US</CountryCode>
</Address>
<ShippingMethod>FEDEX_2DAY</ShippingMethod>
</Shipment>
</ShippingList>
<LineItems>
<LineItem LineItemId="676" ShipmentId="545">
<ProductId>hdd005</ProductId>
<Description>Fragrance Diffuser Reeds</Description>
<UnitCost>86.42</UnitCost>
<UnitCurrencyCode>USD</UnitCurrencyCode>
<Quantity>1</Quantity>
<Category>Root Catalog->Default Category->Home & Decor->Decorative Accents</Category>
</LineItem>
<LineItem LineItemId="789" ShipmentId="904">
<ProductId>hdd006</ProductId>
<Description>Columbus Red Shirt</Description>
<UnitCost>18.99</UnitCost>
<UnitCurrencyCode>USD</UnitCurrencyCode>
<Quantity>1</Quantity>
<Category>Root Catalog->Default Category->Apparel->Men->Shirts</Category>
</LineItem>
</LineItems>
<FormOfPayments>
<FormOfPayment>
<PaymentCard>
<CardHolderName>Nathan Drake</CardHolderName>
<PaymentAccountUniqueId isToken="true">aL+zlvNa84dvxQlmWz3COgkwqrE=</PaymentAccountUniqueId>
<PaymentAccountBin>411111</PaymentAccountBin>
<ExpireDate>2023-09</ExpireDate>
<CardType>VC</CardType>
</PaymentCard>
<PersonName>
<LastName>Drake</LastName>
<FirstName>Nathan</FirstName>
</PersonName>
<Email>CHAVVAKULAK@GSICOMMERCE.COM</Email>
<Telephone>
<Number>323-525-2248</Number>
</Telephone>
<Address>
<Line1>630 Allendale Rd</Line1>
<City>KING OF PRUSSIA</City>
<PostalCode>19406-1342</PostalCode>
<MainDivisionCode>PA</MainDivisionCode>
<CountryCode>US</CountryCode>
</Address>
<PaymentTransactionDate>2015-04-08T10:16:45Z</PaymentTransactionDate>
<CurrencyCode>USD</CurrencyCode>
</FormOfPayment>
</FormOfPayments>
<TotalCost>
<CostTotals>
<CurrencyCode>USD</CurrencyCode>
<AmountBeforeTax>86.42</AmountBeforeTax>
<AmountAfterTax>107.09</AmountAfterTax>
</CostTotals>
</TotalCost>
<DeviceInfo>
<DeviceIP>172.17.42.1</DeviceIP>
<HttpHeaders>
<HttpHeader name="Authorization"></HttpHeader>
<HttpHeader name="User-Agent">Mozilla/5.0 (X11; Linux x86_64; rv:31.0)
Gecko/20100101 Firefox/31.0 Iceweasel/31.5.3</HttpHeader>
<HttpHeader name="Accept">text/javascript, text/html, application/xml, text/xml, */*</HttpHeader>
<HttpHeader name="Accept-Language">en-US,en;q=0.5</HttpHeader>
<HttpHeader name="Accept-Encoding">gzip, deflate</HttpHeader>
<HttpHeader name="Pragma">no-cache</HttpHeader>
<HttpHeader name="Cache-Control">no-cache</HttpHeader>
<HttpHeader name="Cookie">frontend=e85f357e64483422c92b5c6b0da6b740;
CUSTOMER_SEGMENT_IDS=30%2C32%2C34%2C41; CART=3e3ace51999ab818ae927273646e9a1e</HttpHeader>
<HttpHeader name="Referer">http://docker01.mage.gspt.net:8026/checkout/onepage/</HttpHeader>
<HttpHeader name="X-Requested-With">XMLHttpRequest</HttpHeader>
<HttpHeader name="X-Prototype-Version">1.7</HttpHeader>
<HttpHeader name="X-Forwarded-For">0:0:0:0:0:0:0:1</HttpHeader>
<HttpHeader name="Host">docker01.mage.gspt.net:8026</HttpHeader>
<HttpHeader name="Connection">keep-alive</HttpHeader>
</HttpHeaders>
</DeviceInfo>
<CustomProperties>
<CustomPropertyGroup Name="GSI_CUSTOM">
<CustomProperty Name="RDFUID">00744669-e12b-4365-960e-108402212254_1493405974023</CustomProperty>
</CustomPropertyGroup>
</CustomProperties>
</Order>
</RiskInsightRequest>
Request Sample: Online Gift Card<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RiskInsightRequest xmlns="http://schema.gsicommerce.com/risk/insight/1.0/">
<PrimaryLangId>en</PrimaryLangId>
<Order>
<OrderId>324RET2343211</OrderId>
<OrderSource>OTHER</OrderSource>
<OrderDate>2018-01-08T10:17:38Z</OrderDate>
<StoreId>MAGTEST</StoreId>
<ShippingList>
<Shipment ShipmentId="545">
<PersonName>
<LastName>Olivia</LastName>
<FirstName>Pope</FirstName>
</PersonName>
<Email>Olivia.Pope@aol.com</Email>
<ShippingMethod>EMAIL</ShippingMethod>
</Shipment>
</ShippingList>
<LineItems>
<LineItem LineItemId="676" ShipmentId="545">
<ProductId>123322</ProductId>
<Description>Online Gift Certificate</Description>
<UnitCost>50.00</UnitCost>
<UnitCurrencyCode>USD</UnitCurrencyCode>
<Quantity>1</Quantity>
<Category>Gift Cards</Category>
</LineItem>
</LineItems>
<FormOfPayments>
<FormOfPayment>
<PaymentCard>
<CardHolderName>Olivia Pope</CardHolderName>
<PaymentAccountUniqueId isToken="true">aL+zlvNa84dvxQlmWz3COgkwqrE=</PaymentAccountUniqueId>
<PaymentAccountBin>411111</PaymentAccountBin>
<ExpireDate>2023-09</ExpireDate>
<CardType>VC</CardType>
</PaymentCard>
<PersonName>
<LastName>Olivia</LastName>
<FirstName>Pope</FirstName>
</PersonName>
<Email>Olivia.Pope@aol.com</Email>
<Telephone>
<Number>555-555-5555</Number>
</Telephone>
<Address>
<Line1>630 Allendale Rd</Line1>
<City>KING OF PRUSSIA</City>
<PostalCode>19406-1342</PostalCode>
<MainDivisionCode>PA</MainDivisionCode>
<CountryCode>US</CountryCode>
</Address>
<PaymentTransactionDate>2015-04-08T10:16:45Z</PaymentTransactionDate>
<CurrencyCode>USD</CurrencyCode>
</FormOfPayment>
</FormOfPayments>
<TotalCost>
<CostTotals>
<CurrencyCode>USD</CurrencyCode>
<AmountBeforeTax>50.00</AmountBeforeTax>
<AmountAfterTax>50.00</AmountAfterTax>
</CostTotals>
</TotalCost>
<DeviceInfo>
<DeviceIP>172.17.42.1</DeviceIP>
<HttpHeaders>
<HttpHeader name="Authorization"></HttpHeader>
<HttpHeader name="User-Agent">Mozilla/5.0 (X11; Linux x86_64; rv:31.0)
Gecko/20100101 Firefox/31.0 Iceweasel/31.5.3</HttpHeader>
<HttpHeader name="Accept">text/javascript, text/html, application/xml, text/xml, */*</HttpHeader>
<HttpHeader name="Accept-Language">en-US,en;q=0.5</HttpHeader>
<HttpHeader name="Accept-Encoding">gzip, deflate</HttpHeader>
<HttpHeader name="Pragma">no-cache</HttpHeader>
<HttpHeader name="Cache-Control">no-cache</HttpHeader>
<HttpHeader name="Cookie">frontend=e85f357e64483422c92b5c6b0da6b740;
CUSTOMER_SEGMENT_IDS=30%2C32%2C34%2C41; CART=3e3ace51999ab818ae927273646e9a1e</HttpHeader>
<HttpHeader name="Referer">http://docker01.mage.gspt.net:8026/checkout/onepage/</HttpHeader>
<HttpHeader name="X-Requested-With">XMLHttpRequest</HttpHeader>
<HttpHeader name="X-Prototype-Version">1.7</HttpHeader>
<HttpHeader name="X-Forwarded-For">0:0:0:0:0:0:0:1</HttpHeader>
<HttpHeader name="Host">docker01.mage.gspt.net:8026</HttpHeader>
<HttpHeader name="Connection">keep-alive</HttpHeader>
</HttpHeaders>
</DeviceInfo>
<CustomProperties>
<CustomPropertyGroup Name="GSI_CUSTOM">
<CustomProperty Name="RDFUID">00744669-e12b-4365-960e-108402212254_1493405974023</CustomProperty>
</CustomPropertyGroup>
</CustomProperties>
</Order>
</RiskInsightRequest>
Request Sample: PayPal<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RiskInsightRequest xmlns="http://schema.gsicommerce.com/risk/insight/1.0/">
<PrimaryLangId>en</PrimaryLangId>
<Order>
<OrderId>78657657659</OrderId>
<OrderSource>MOBILE</OrderSource>
<OrderDate>2018-02-20T18:17:24Z</OrderDate>
<StoreId>MAGTEST</StoreId>
<ShippingList>
<Shipment ShipmentId="545">
<PersonName>
<LastName>Mandela</LastName>
<FirstName>Nelson</FirstName>
</PersonName>
<Telephone>
<Number>555-555-5555</Number>
</Telephone>
<Address>
<Line1>630 Allendale Rd</Line1>
<City>KING OF PRUSSIA</City>
<PostalCode>19406-1342</PostalCode>
<MainDivisionCode>PA</MainDivisionCode>
<CountryCode>US</CountryCode>
</Address>
<ShippingMethod>ups_GND</ShippingMethod>
</Shipment>
</ShippingList>
<LineItems>
<LineItem LineItemId="676" ShipmentId="545">
<ProductId>hdd005</ProductId>
<Description>Fragrance Diffuser Reeds</Description>
<UnitCost>86.42</UnitCost>
<UnitCurrencyCode>USD</UnitCurrencyCode>
<Quantity>1</Quantity>
<Category>Root Catalog->Default Category->Home & Decor->Decorative Accents</Category>
</LineItem>
</LineItems>
<FormOfPayments>
<FormOfPayment>
<PaymentCard>
<CardHolderName>Mandela Nelson</CardHolderName>
<PaymentAccountUniqueId isToken="false">JUDDXBERWUOWQA</PaymentAccountUniqueId>
<ExpireDate>2021-01</ExpireDate>
<CardType>PY</CardType>
</PaymentCard>
<PersonName>
<LastName>Mandela</LastName>
<FirstName>Nelson</FirstName>
</PersonName>
<Email>CHAVVAKULAK@GSICOMMERCE.COM</Email>
<Telephone>
<Number>555-555-5555</Number>
</Telephone>
<Address>
<Line1>630 Allendale Rd</Line1>
<City>KING OF PRUSSIA</City>
<PostalCode>19406-1342</PostalCode>
<MainDivisionCode>PA</MainDivisionCode>
<CountryCode>US</CountryCode>
</Address>
<PaymentTransactionDate>2018-02-20T10:16:45Z</PaymentTransactionDate>
<CurrencyCode>USD</CurrencyCode>
</FormOfPayment>
</FormOfPayments>
<TotalCost>
<CostTotals>
<CurrencyCode>USD</CurrencyCode>
<AmountBeforeTax>86.42</AmountBeforeTax>
<AmountAfterTax>107.09</AmountAfterTax>
</CostTotals>
</TotalCost>
<DeviceInfo>
<DeviceIP>172.17.42.1</DeviceIP>
<HttpHeaders>
<HttpHeader name="Authorization"></HttpHeader>
<HttpHeader name="User-Agent">Mozilla/5.0 (X11; Linux x86_64; rv:31.0)
Gecko/20100101 Firefox/31.0 Iceweasel/31.5.3</HttpHeader>
<HttpHeader name="Accept">text/javascript, text/html, application/xml, text/xml, */*</HttpHeader>
<HttpHeader name="Accept-Language">en-US,en;q=0.5</HttpHeader>
<HttpHeader name="Accept-Encoding">gzip, deflate</HttpHeader>
<HttpHeader name="Pragma">no-cache</HttpHeader>
<HttpHeader name="Cache-Control">no-cache</HttpHeader>
<HttpHeader name="Cookie">frontend=e85f357e64483422c92b5c6b0da6b740;
CUSTOMER_SEGMENT_IDS=30%2C32%2C34%2C41; CART=3e3ace51999ab818ae927273646e9a1e</HttpHeader>
<HttpHeader name="Referer">http://docker01.mage.gspt.net:8026/checkout/onepage/</HttpHeader>
<HttpHeader name="X-Requested-With">XMLHttpRequest</HttpHeader>
<HttpHeader name="X-Prototype-Version">1.7</HttpHeader>
<HttpHeader name="X-Forwarded-For">0:0:0:0:0:0:0:1</HttpHeader>
<HttpHeader name="Host">docker01.mage.gspt.net:8026</HttpHeader>
<HttpHeader name="Connection">keep-alive</HttpHeader>
</HttpHeaders>
</DeviceInfo>
<CustomProperties>
<CustomPropertyGroup Name="GSI_CUSTOM">
<CustomProperty Name="RDFUID">00744669-e12b-4365-960e-108402212254_1493405974023</CustomProperty>
</CustomPropertyGroup>
</CustomProperties>
</Order>
</RiskInsightRequest>
Request Sample: Split Tender, Credit Card and Gift Card<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RiskInsightRequest xmlns="http://schema.gsicommerce.com/risk/insight/1.0/">
<PrimaryLangId>en</PrimaryLangId>
<Order>
<OrderId>1428443523</OrderId>
<OrderSource>KIOSK</OrderSource>
<OrderDate>2018-02-18T20:17:38Z</OrderDate>
<StoreId>MAGTEST</StoreId>
<ShippingList>
<Shipment ShipmentId="545">
<PersonName>
<LastName>Targaryen</LastName>
<FirstName>Daenerys</FirstName>
</PersonName>
<Email>Daenerys.Targaryen@radial.com</Email>
<Telephone>
<Number>555-555-5555</Number>
</Telephone>
<ShippingMethod>ups_GND</ShippingMethod>
</Shipment>
</ShippingList>
<LineItems>
<LineItem LineItemId="676" ShipmentId="545">
<ProductId>hdd005</ProductId>
<Description>Fragrance Diffuser Reeds</Description>
<UnitCost>86.42</UnitCost>
<UnitCurrencyCode>USD</UnitCurrencyCode>
<Quantity>1</Quantity>
<Category>Root Catalog->Default Category->Home & Decor->Decorative Accents</Category>
</LineItem>
</LineItems>
<FormOfPayments>
<FormOfPayment>
<PaymentCard>
<CardHolderName>Daenerys Targaryen</CardHolderName>
<PaymentAccountUniqueId isToken="false">3267876525638798</PaymentAccountUniqueId>
<PaymentAccountBin>326787</PaymentAccountBin>
<ExpireDate>2023-09</ExpireDate>
<CardType>MC</CardType>
</PaymentCard>
<PersonName>
<LastName>Targaryen</LastName>
<FirstName>Daenerys</FirstName>
</PersonName>
<Email>Daenerys.Targaryen@radial.com</Email>
<Telephone>
<Number>555-555-5555</Number>
</Telephone>
<Address>
<Line1>630 Allendale Rd</Line1>
<City>KING OF PRUSSIA</City>
<PostalCode>19406-1342</PostalCode>
<MainDivisionCode>PA</MainDivisionCode>
<CountryCode>US</CountryCode>
</Address>
<PaymentTransactionDate>2018-02-19T10:16:45Z</PaymentTransactionDate>
<CurrencyCode>USD</CurrencyCode>
</FormOfPayment>
<FormOfPayment>
<PaymentCard>
<CardHolderName>Daenerys Targaryen</CardHolderName>
<PaymentAccountUniqueId isToken="false">6454565465465465465</PaymentAccountUniqueId>
<PaymentAccountBin>645456</PaymentAccountBin>
<ExpireDate>2021-09</ExpireDate>
<CardType>TS</CardType>
</PaymentCard>
<PersonName>
<LastName>Targaryen</LastName>
<FirstName>Daenerys</FirstName>
</PersonName>
<Email>Daenerys@Targaryen.com</Email>
<Telephone>
<Number>555-555-5555</Number>
</Telephone>
<Address>
<Line1>630 Allendale Rd</Line1>
<City>KING OF PRUSSIA</City>
<PostalCode>19406-1342</PostalCode>
<MainDivisionCode>PA</MainDivisionCode>
<CountryCode>US</CountryCode>
</Address>
<PaymentTransactionDate>2018-02-21T09:30:47Z</PaymentTransactionDate>
<CurrencyCode>USD</CurrencyCode>
<Amount>106.42</Amount>
<TotalAuthAttemptCount>3</TotalAuthAttemptCount>
<TransactionResponses>
<TransactionResponse ResponseType="AmexPhone">M</TransactionResponse>
<TransactionResponse ResponseType="PayPalAddress">N</TransactionResponse>
</TransactionResponses>
</FormOfPayment>
</FormOfPayments>
<TotalCost>
<CostTotals>
<CurrencyCode>USD</CurrencyCode>
<AmountBeforeTax>86.42</AmountBeforeTax>
<AmountAfterTax>107.09</AmountAfterTax>
</CostTotals>
</TotalCost>
<DeviceInfo>
<DeviceIP>172.17.42.1</DeviceIP>
<HttpHeaders>
<HttpHeader name="Authorization"></HttpHeader>
<HttpHeader name="User-Agent">Mozilla/5.0 (X11; Linux x86_64; rv:31.0)
Gecko/20100101 Firefox/31.0 Iceweasel/31.5.3</HttpHeader>
<HttpHeader name="Accept">text/javascript, text/html, application/xml, text/xml, */*</HttpHeader>
<HttpHeader name="Accept-Language">en-US,en;q=0.5</HttpHeader>
<HttpHeader name="Accept-Encoding">gzip, deflate</HttpHeader>
<HttpHeader name="Pragma">no-cache</HttpHeader>
<HttpHeader name="Cache-Control">no-cache</HttpHeader>
<HttpHeader name="Cookie">frontend=e85f357e64483422c92b5c6b0da6b740;
CUSTOMER_SEGMENT_IDS=30%2C32%2C34%2C41; CART=3e3ace51999ab818ae927273646e9a1e</HttpHeader>
<HttpHeader name="Referer">http://docker01.mage.gspt.net:8026/checkout/onepage/</HttpHeader>
<HttpHeader name="X-Requested-With">XMLHttpRequest</HttpHeader>
<HttpHeader name="X-Prototype-Version">1.7</HttpHeader>
<HttpHeader name="X-Forwarded-For">0:0:0:0:0:0:0:1</HttpHeader>
<HttpHeader name="Host">docker01.mage.gspt.net:8026</HttpHeader>
<HttpHeader name="Connection">keep-alive</HttpHeader>
</HttpHeaders>
</DeviceInfo>
<CustomProperties>
<CustomPropertyGroup Name="GSI_CUSTOM">
<CustomProperty Name="RDFUID">00744669-e12b-4365-960e-108402212254_1493405974023</CustomProperty>
</CustomPropertyGroup>
</CustomProperties>
</Order>
</RiskInsightRequest>
Response Samples
Click to view each of the following response samples.
Response Sample (HIGH)<?xml version="1.0" encoding="UTF-8"?>
<RiskInsightResponse xmlns="http://schema.gsicommerce.com/risk/insight/1.0/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://schema.gsicommerce.com/risk/insight/1.0/ RiskInsightResponse.xsd">
<PrimaryLangId>en</PrimaryLangId>
<OrderId>23499823424</OrderId>
<StoreId>MAGTEST</StoreId>
<ResponseReasonCode>HIGH</ResponseReasonCode>
<ResponseReasonCodeDescription>HIGH</ResponseReasonCodeDescription>
</RiskInsightResponse>
Response Sample (MEDIUM)<?xml version="1.0" encoding="UTF-8"?>
<RiskInsightResponse xmlns="http://schema.gsicommerce.com/risk/insight/1.0/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://schema.gsicommerce.com/risk/insight/1.0/ RiskInsightResponse.xsd">
<PrimaryLangId>en</PrimaryLangId>
<OrderId>23499823423</OrderId>
<StoreId>MAGTEST</StoreId>
<ResponseReasonCode>MEDIUM</ResponseReasonCode>
<ResponseReasonCodeDescription>MEDIUM</ResponseReasonCodeDescription>
</RiskInsightResponse>
Response Sample (LOW)<?xml version="1.0" encoding="UTF-8"?>
<RiskInsightResponse xmlns="http://schema.gsicommerce.com/risk/insight/1.0/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://schema.gsicommerce.com/risk/insight/1.0/ RiskInsightResponse.xsd">
<PrimaryLangId>en</PrimaryLangId>
<OrderId>23499823424</OrderId>
<StoreId>MAGTEST</StoreId>
<ResponseReasonCode>LOW</ResponseReasonCode>
<ResponseReasonCodeDescription>LOW</ResponseReasonCodeDescription>
</RiskInsightResponse>
API Security Overview
To ensure the security and integrity of our client’s uses of the Radial Fraud Insight API, all communications must be encrypted and all API calls must include a valid API Key specific to the partner, API version, and environment.
Encrypted Traffic
All communication from and to the partner must use secure encryption. The Radial Fraud Insight API supports only the Secure Sockets Layer (SSL) protocol TLSv1 and above.
- Requests made to the API by unsecured channels (for example, HTTP) are ignored. By using unencrypted communications, the API key could be “sniffed” from the request and used by unauthorized users. Since Map service providers (like Google) charge based on usage, compromised API keys could lead to unexpected additional costs or even having their access revoked by the provider if the unauthorized traffic violates the usage policies of the provider.
- If unencrypted communications would occur, the Partner should request an emergency API key rotation to ensure their Fraud Insight channel remains secure.
- Improper implementation of SSL enabled capabilities using the DefaultHttpClient or other similar providers can make the implementation susceptible to “man-in-the-middle” exploits. Please ensure a sufficient security focused code review is completed to ensure this important function is implemented correctly and securely.
API Key
The Radial services team assigns your API keys during the launch planning process, development, and launch prep. During service calls, the appropriate key must be sent to Radial in the request header so that the source of the request can be authenticated and to determine if the client is authorized to use the specific function and version of the API in the request. The API key is sent in the request header so that it does not get stored in any server logs and retains its security level.
Using the API key
- Key-Value pairs: Set the API key as a value in the request header. The key for this is “apikey”.
- API keys are specific to the client, API version, and environment: Radial issues different keys for the Developer and Production environments. If you have access to multiple versions of the API, each version of the API requires a separate API key.
- API Key Rotation: All API Keys must be changed at least every six months to ensure that all interactions remain secure.
- Emergency Key Changes: If the client determines that any API key has been compromised or otherwise disclosed, the key can be changed immediately by contacting the Radial Production Support Line and requesting a P1 ticket for the change.
API key example
The following sample API key has been deactivated and will not work. You must use your assigned API key for the respective environments.
Client (Used by): ABCTEST
Allowed Store codes: ABCTEST
Key Value: 7aabe0a107ac0b3744fbd17cbf9fd23d
Key Start Date: 1 May 2012
Key Expiration Date: 10 May 2012
Adding the API Key data to the Request Header
You can add the API Key data as a Request Header programmatically when the request is prepared to be sent to the Radial Fraud Insight API. The following example shows this technique in two tools: the REST Client for Firefox and Java.
REST Client for Firefox
- Set the Method as POST.
- In the URL, paste the URL that Radial provides to you.
- Click Headers, then add a custom header with name apikey and value that you were provided.
- Provide the order status request in the Request Body as shown below.
- Click SEND.
The following figure shows the status code in the Response Headers section.
If the status code is 200 or 50, the response from the Fraud Insight appears in the Response Body field.
If the status code is 40x, it indicates that an error occurred because the URL or apikey pair did not reach the Fraud Insight product. Therefore, Fraud Insight could not produce a response.
Java code
The following example shows one of many possible ways to implement adding the API Key as a Request Header.
This example does not show implementation of SSL Certificate needed for SSL usage.
import org.apache.commons.httpclient.*
String baseEndPoint = " https://api-na.gsipartners.com/v1.0/stores/ABCTEST/risk/insight/request.xml";
HttpClientParams params = new HttpClientParams();
params.setConnectionManagerTimeout(5000);
params.setSoTimeout(10000);
HttpClient httpClient = new HttpClient(params);
PostMethod method = new PostMethod(baseEndPoint);
//set the security credentials to the request header
method.addRequestHeader("apikey", "4d3ba833daec4b56f68006a6b0fbab");
method.setRequestEntity(new StringRequestEntity(xml, "text/xml", "UTF-8"));
httpClient.executeMethod(method);
String response = method.getResponseBodyAsString();