Skip to main content

Offsite Integration

In the offsite transaction monitoring process, Shufti's clients are responsible for collecting all relevant transaction data from the end user and submitting it to Shufti for analysis and verification. This includes essential information such as transaction details, sender and recipient data, and any supporting documentation required for compliance checks. Shufti then processes this information to identify potential risks, ensuring the transaction adheres to regulatory standards and business requirements.

Additionally, Shufti supports batch verification, enabling clients to submit multiple transactions at once for review. This allows efficient, large-scale monitoring and ensures that even past transactions are screened for compliance and risk management.

Create Transaction Endpoint

Use this endpoint to submit a transaction for Transaction Trust Monitoring (TTM).

Endpoint Information

  • Endpoint URL: POST https://api.shuftipro.com/create/transaction
  • Content-Type: application/json
  • Authentication: Basic Authentication

Authentication (Required Before Calling This Endpoint)

This endpoint uses the same authentication flow as the main API.

  1. Set up your Shufti account
  2. Get your client_id and secret_key
  3. Authorize requests using Basic Auth

For complete authorization steps and examples, refer to:

Once authentication is set up, come back to this page and call the transaction endpoint below.

Prerequisites

Before sending requests to this endpoint, ensure:

  • TTM (Transaction Trust Monitoring) feature is enabled for your client account
  • TTM seller ID is configured for your client account

Request Example

For the full list of supported request fields and their definitions, see the Complete List of Datapoints.

create-transaction-request
{
"trans_id": "txn-87392HDK239JD",
"trans_ts": "2025-12-01T14:30:00Z",
"trans_amt": 250.75,
"trans_currency": "EUR",
"transaction_type": "Transfer",
"cust_id": "CUST9X4LM2P8",
"cust_name": "Sarah Martinez",
"cust_email": "[email protected]",
"phone": "+33612345678",
"cust_dob": "1988-03-22Z",
"cust_nationality": "French",
"cust_signup_ts": "2024-06-10T09:15:00Z",
"cust_account_balance": 8500,
"source_of_wealth": "Business Income",
"slr_ind_cat": "7995",
"slr_ind_mcc": "713290",
"slr_asp": 125.5,
"slr_crncy": "EUR",
"pmt_method": "Credit Card",
"ip": "185.45.192.78",
"device_id": "dev8k2m9n4p1q5r",
"device_score": 85,
"device_fingerprint": "FP78K9L2M3N4",
"device_reputation": "Excellent",
"platform_id": "PAYMENT-HUB-EU",
"browser_user_agent": "Mozilla 5.0 Safari 17.2",
"ba_bic": "DEUTDEFF500",
"ba_iban": "DE89370400440532013000",
"ba_name": "Sarah Martinez",
"ba_rtn_num": "026009593",
"bin_ctry": "DE",
"bin_brand": "Mastercard",
"aml_screening": {
"name": {
"full_name": "Sarah Martinez"
},
"filters": [
"Sanctions",
"PEP"
]
},
"beneficiary_id": "BEN7H9K2L4M6",
"beneficiary_name": "Michael Chen",
"beneficiary_email": "[email protected]",
"beneficiary_dob": "1992-07-18Z",
"beneficiary_phone": "+8613912345678",
"beneficiary_nationality": "Chinese",
"beneficiary_ba_bic": "ICBKCNBJ110",
"beneficiary_ba_iban": "GB82WEST12345698765432",
"beneficiary_ba_name": "Michael Chen",
"beneficiary_ba_rtn_num": "121000248",
"beneficiary_bin_ctry": "CN",
"beneficiary_bin_brand": "UnionPay",
"beneficiary_aml_screening": {
"name": {
"full_name": "Michael Chen"
},
"filters": [
"Sanctions",
"Adverse Media"
]
}
}

Success Response

success-response-200
{
"status": true,
"message": "Transaction submitted successfully",
"data": {
"transaction_id": "a2f8c9d1-3e4b-4a5c-8d7f-1b2e3a4c5d6e",
"device_id": "dev8k2m9n4p1q5r",
"score": 0.3245678901234567,
"approved": 1,
"evidence": {
"signals": [
{
"id": "7a2d9c4e",
"category": "geo",
"type": "good",
"related_to": [
"phone",
"bin_ctry",
"ip_country"
]
},
{
"id": "b3e8f1a9",
"category": "seller",
"type": "neutral",
"related_to": [
"slr_ind",
"slr_ind_cat",
"seller_id"
]
},
{
"id": "c9d4e2b7",
"category": "transaction",
"type": "good",
"related_to": [
"device_reputation",
"device_score"
]
},
{
"id": "d1f5a8c3",
"category": "transaction",
"type": "neutral",
"related_to": [
"ip"
]
},
{
"id": "e4b2c9d6",
"category": "transaction",
"type": "good",
"related_to": [
"trans_amt"
]
},
{
"id": "f8a3d1e7",
"category": "user",
"type": "good",
"related_to": [
"cust_email",
"cust_account_balance"
]
}
]
},
"rule_hits": {
"decisive_hit": null,
"all": []
},
"validation": {
"ok": true
},
"sanctions_lists": {
"hit": "NO_HIT"
},
"aml_screening": {
"hit": "NO_MATCH"
}
}
}

Risk Assessment Interpretation

  • Score Range: 0.0 (lowest risk) to 1.0 (highest risk)
  • Approval Status:
    • 0 = Transaction declined
    • 1 = Transaction approved
    • 2 = Transaction manual review
    • 3 = Transaction custom action (when rule hits with custom action)

Response Fields Description

Root Level

FieldTypeDescription
statusbooleanIndicates whether the request was successful.
messagestringHuman-readable status message.
dataobjectContains detailed transaction analysis results.

Data Object

FieldTypeDescription
transaction_idstringUnique transaction identifier in UUID format.
device_idstringProcessed device identifier.
scorenumberFraud risk score from 0 to 1 (lower is better).
approvedintegerApproval status (1 approved, 0 declined).
evidenceobjectEvidence signals that influenced the score.
rule_hitsobjectInformation about triggered rules.
validationobjectValidation status and errors (if any).
sanctions_listsobjectSanctions screening result (when applicable).
aml_screeningobjectAML screening result (when requested).

Evidence Object

FieldTypeDescription
signalsarrayArray of signal objects indicating risk factors.

Signal Object

FieldTypeDescription
idstringUnique signal identifier.
categorystringSignal category (for example: geo, transaction, user, seller).
typestringSignal type: good, bad, or neutral.
related_toarray/nullField names associated with this signal.

Rule Hits Object

FieldTypeDescription
decisive_hitobject/nullRule that determined outcome; null when none applies.
allarrayArray of all rules that were triggered.

Rule Object (inside decisive_hit or all)

FieldTypeDescription
idstringUnique rule identifier (UUID).
short_idintegerShort numeric identifier of the rule.
versionintegerRule version number.
actionstringRule action (for example: reject, accept, review).
rule_namestringHuman-readable rule name.

Validation Object

FieldTypeDescription
okbooleanIndicates whether validation passed completely.
errorsarrayValidation errors (present only when ok is false).

Validation Error Object

FieldTypeDescription
datapointstringName of the field with validation issue.
messagestringValidation error detail.

Sanctions Lists Object

FieldTypeDescription
hitstringPossible values: HIT, NO_HIT, ERROR.

AML Screening Object

FieldTypeDescription
hitstringPossible values: MATCH, POTENTIAL_MATCH, NO_MATCH, ERROR.

Error Responses

Validation Error (HTTP 400)

{
"status": false,
"message": "Validation failed",
"errors": {
"trans_id": [
"Transaction ID is required"
]
}
}

Unauthorized (HTTP 401)

{
"status": false,
"message": "Unable to identify authenticated client"
}

Forbidden (HTTP 403)

{
"status": false,
"message": "TTS feature is not enabled for your account"
}

Configuration Error (HTTP 400)

{
"status": false,
"message": "Seller ID not configured for this client"
}

Server Error (HTTP 500)

{
"status": false,
"message": "An error occurred while processing transaction submission",
"error": "Error description"
}

Validation Failed (HTTP 422)

{
"status": false,
"message": "An error occurred while processing transaction submission",
"error": "Validation failed: Invalid transaction data provided"
}

HTTP Status Codes

Status CodeDescription
200Transaction submitted successfully.
400Bad request due to invalid or missing required data.
401Unauthorized; authentication failed.
403Forbidden; TTS feature is not enabled.
404Not found; seller configuration missing.
422Unprocessable entity; validation failed.
500Internal server error.