Key | parent | P | fe story points | be story points | story points | Status |
---|---|---|---|---|---|---|
SM-4552 | EPFS Slacker Integration in Transactions | 5.0 | 5.0 | Done |
Role: User
Objective: wants to get the created transaction to be evaluated by the fraud system,
Reason: so that the user knows whether the transaction was approved or not.
Functional requirements:
Provides synchronous API for domain MS to risk-score respective operation and decide what authorization level is required to proceed with the operation. For different operations different input parameters are required to analyse the risk.
The authorization levels have defined semantics such as deny operation, approve operation, require additional authentication (e.g. step-up) with appropriate credentials, manual review required, etc.
an endpoint needs to be created by BO
UI requirements:
The user will create the transaction and will see the loader. The user gets the answer immediately in form of the status screen of the transaction (failed/in process/successful).
Process flow:
https://safibank.atlassian.net/l/cp/0fuVFPb4
Low risk scenario - transaction accepted
High risk scenario - transaction rejected
User creates a transaction
The call to the slacker-manager API is happening for fraud check
Slacker will evaluate the transaction
if the transaction has low risk of fraud probability
the transaction is approved
the processing of the transaction will start
if the transaction has high risk of fraud probability
the transaction is rejected
the processing of the transaction will not start
if the transaction requires additional authentication
the step-up is needed >> https://safibank.atlassian.net/l/cp/J49fmdKJ
The user will get a push notification with the result of the fraud check
Execution steps:
User creates a transaction
The loader is displayed while the transaction is checked by the fraud system
User will receive a push notification of the evaluation
The transaction was approved and its status screen is displayed with “in process/pending” message
Internal dependencies:
Slacker
Domain manager
External dependencies:
Alternative scenarios:
User creates a transaction
The loader is displayed while the transaction is checked by the fraud system
User will receive a push notification of the evaluation
The transaction was rejected and its status screen is displayed with “failed” message
Acceptance criteria:
User creates a transaction
the slacker-manager API is called for fraud check
Slacker evaluates the transaction
if the transaction has low risk of fraud probability
the transaction is approved and its' processing starts
if the transaction has high risk of fraud probability
the transaction is rejected and processing will not start
if the transaction needs additional authentication (only passcode input for EPFS scope)
step-up is needed in the form of requesting user to input passcode before submitting the transaction > https://safibank.atlassian.net/l/cp/9QHWZmiQ
a status screen is displayed to the user with the transaction state (in process or pending for OTC/failed/successful)
Links to wireframes/UI: n/a