Transaction After Suspicious PII Update
Depending on your use case, sometimes PII updates by themselves may not warrant a review or monitoring until money movement occurs. Scenarios like this are where combining data-storing events with monitoring events is valuable.
| Type | Values |
|---|---|
| Monitoring Event Type | transaction |
| Data-storing Event Type | person_updated and bank_account_updated |
| Minimum Required Fields | 1. external_entity_id or entity_token2. external_account_id3. counterparty.external_counterparty_idorcounterparty.account_number4. timestamp5. transaction_created_date6. amount |
| Recommended Fields | 1. transaction_latest_date2. status3. process_method4. category5. interaction_point6. type_code7. return_code8. is_triggered_by_user |
Please reference events API for a full set of supported fields.
With this example, there are 3 event types involved to complete the lifecycle of this alert:
- Data Storing Event: PII Updates
- Monitoring Event: Transaction
- Data Storing Event: Account Updates
PII Update Request
First, to record the PII updates, we follow a similar approach to the Verifying PII Updates scenario.
Unlike the previous scenario, where you receive information under evaluations[], we are treating this as a data-storing event, which will only return hydrated and updated information associated with the entity. Although Alloy is not performing any monitoring of this event, the request for the update is stored in our system and can be referenced by any future events.
{
"event_type": "person_updated",
"data": {
"external_entity_id": "9e82d5e7-ada0-4957-a8fd-4d937c99bae8",
"timestamp": "2024-03-25T22:28:42.692Z",
"emails": [
{
"email_address": "[email protected]"
}
]
}
}
{
"status_code": 201,
"event_request_token": "EV-w3Fy5VxnzOyUhpshW7yI",
"_links": {
"self": {
"href": "/v1/events/EV-w3Fy5VxnzOyUhpshW7yI"
}
},
"event": {
"event_type": "person_updated",
"event_status": "PROCESSED",
"data": {
"entity_token": "P-pHoEYGBD5I0O7weUUOoo",
"external_entity_id": "efa4cfa2-379c-4f9e-aab5-1a9a933cde15",
"created_at": 1711506386196,
"person_details_updated_at": 1711508054042,
"gender": null,
"birth_date": null,
"name_first": "John",
"name_middle": null,
"name_last": "Doe",
"document_ssn": null,
"document_license": null,
"document_passport": null,
"addresses": [
{
"line_1": "41 E. 11th",
"line_2": null,
"city": "New York",
"state": "NY",
"postal_code": "10003",
"created_at": 1711506385710,
"type": "primary",
"evaluation_token": null
}
],
"emails": [
{
"email_address": "[email protected]"
},
{
"email_address": "[email protected]"
}
],
"phones": [
{
"phone_number": "+19998887777"
}
],
"type": "person",
"_embedded": {
"document_ssns": [],
"birth_dates": []
},
"_links": {
"self": {
"href": "/v1/entities/persons/P-pHoEYGBD5I0O7weUUOoo"
}
}
},
"evaluations": [],
"journey_applications": []
}
}
Transaction Request
Let's assume, a day later, this same Entity requested a large transfer. We can now use a monitored event type and reference the PII change that was made yesterday. To register the new transaction, we will submit a transaction event type that is linked to the corresponding source workflow.
{
"event_type": "transaction",
"data": {
"external_entity_id": "9e82d5e7-ada0-4957-a8fd-4d937c99bae8",
"external_account_id": "105a61e2-0dd9-4c63-858b-e9d7009cdd1d",
"counterparty": {
"account_number": "456789123",
"account_name": "Counterparty Account Test",
"name_first": "John",
"name_last": "Doe",
"country_code": "CU",
"address_line_1": "123 Counterparty Street",
"address_line_2": "APT 5A",
"address_city": "New York",
"address_state": "NY",
"address_postal_code": "11111",
"address_country_code": "CU"
},
"external_transaction_id": "61bf128b-4d63-4dd9-b38d-8228d2bb3d3b",
"timestamp": "2024-03-29T03:35:16.892Z",
"transaction_created_date": "2024-03-29T03:35:16.892Z",
"amount": 100000,
"currency": "USD",
"process_method": "ACH",
"category": "Deposit",
"interaction_point": "Online Form",
"description": "Inbound ACH Transaction",
"type_code": "A725",
"type_description": "ODFI ACH Deposit",
"is_triggered_by_user": true,
"is_international_override": true,
"status": "Acknowledged"
}
}
In the source workflow, we can build a rule utilizing Alloy's Entity History service to trigger an alert for any transfer request made by an Entity with a recent PII Change. This service allows us to look-back at historical data that was previously submitted with another event type at the time of the transaction request.
Transaction Response
Based on the value returned from evaluations[].summary.outcome, you can determine whether to pause and review the transaction, account or approve the request. The outcome return is fully customizable, please contact your Implementation team for additional detail.
If the request is determined to be suspicious that require additional reviews, or actions, an alert will be generated with journey_applications section populated. We recommend subscribing to the Journeys Webhooks for any asynchronous response that might dictate your business logic.
{
"status_code": 201,
"event_request_token": "EV-TOZyhD4Sf7kIrNg9Mc5a",
"_links": {
"self": {
"href": "/v1/events/EV-TOZyhD4Sf7kIrNg9Mc5a"
}
},
"event": {
"event_type": "transaction",
"event_status": "PROCESSED",
"data": {
"description": "Test ACH Transaction",
"card_process_mode": null,
"device_type_code": null,
"type_code": "A725",
"type_description": "ODFI ACH Deposit",
"is_approved": null,
"approval_code": null,
"is_reversal": null,
"batch_identifier": "EV-TOZyhD4Sf7kIrNg9Mc5a",
"meta": null,
"category": "Deposit",
"is_triggered_by_user": true,
"is_international_override": true,
"amount": "100000",
"interaction_point": "Online Form",
"status": "Acknowledged",
"status_detail": null,
"process_method": "ACH",
"return_code": null,
"return_code_reason": null,
"entry_mode": null,
"iso_message": null,
"response_code": null,
"archived_at": null,
"counterparty": {
"account_number": "456789123",
"cif_number": null,
"account_type": null,
"product_code": null,
"product_name": null,
"opening_date": null,
"maturity_date": null,
"closing_date": null,
"activation_date": null,
"expiration_date": null,
"meta": null,
"routing_number": null,
"card_network": null,
"account_name": "Counterparty Account Test",
"tokenization_method": null,
"merchant_category_code": null,
"name_on_card": null,
"account_number_last4": null,
"avs": null,
"account_class": null,
"country_code": "CU",
"description": null,
"program_name": null,
"unlink_timestamp": null,
"currency": "USD",
"external_counterparty_id": null,
"counterparty_token": "A-BgZ8m9uZGL65rnmjxzSV",
"merchant_category_description": null
},
"external_account_id": "105a61e2-0dd9-4c63-858b-e9d7009cdd1d",
"account_token": "A-XRkKSpgKm99RbjtStqgD",
"transaction_created_date": "2024-03-29T03:35:03.300Z",
"transaction_latest_date": "2024-03-29T03:35:03.300Z",
"currency": "USD",
"entity_token": "P-pHoEYGBD5I0O7weUUOoo",
"transaction_settled_date": null,
"external_entity_id": "9e82d5e7-ada0-4957-a8fd-4d937c99bae8",
"external_transaction_id": "1b548e6b-fe5e-4056-be14-ec27c0e24736"
},
"evaluations": [
{
"error": null,
"evaluation_token": "L-0Yelv3TYBJw9cOD9WHHy",
"workflow_token": "fTT7X2uAxiEFmbQzQKV1ZGLVN9hQ1fZL",
"workflow_version_id": 34,
"prefiltered": false,
"summary": {
"result": "success",
"outcome": "Account Review",
"tags": [
"Suspicious PII Change"
]
},
"_links": {
"self": {
"href": "/v1/evaluations/L-0Yelv3TYBJw9cOD9WHHy"
}
}
}
],
"journey_applications": []
}
}
Account Status Update
With this example, we have configured the account to be reviewed when the transfer request was made by an Entity who had an email change in the last 5-days. Depending on the outcome of the agent review, the account can remain active, where no additional action is needed, or the account can be frozen or deactivated if found suspicious. In a case, where the account is deemed suspicious and you would like to freeze the account from transacting, you can submit a data-storing bank_account_updated event for account status.
{
"event_type": "bank_account_updated",
"event_lifecycle_id": "X99-43jf-434klj",
"event_status": "successful",
"data": {
"external_account_id": "105a61e2-0dd9-4c63-858b-e9d7009cdd1d",
"external_entity_id": "9e82d5e7-ada0-4957-a8fd-4d937c99bae8",
"timestamp": "2024-03-25T22:44:52.284Z",
"account_balance": 185000,
"status": "Frozen",
"status_detail": "Awaiting verification",
"supplemental_data": {}
}
}
{
"status_code": 201,
"event_request_token": "EV-74ddyRtVhBq3eF1EuyAk",
"_links": {
"self": {
"href": "/v1/events/EV-74ddyRtVhBq3eF1EuyAk"
}
},
"event": {
"event_type": "bank_account_updated",
"event_status": "PROCESSED",
"data": {
"account_number": "10426757",
"account_number_encrypted": "b848f6488f3568c8c8ef90ad4...",
"account_number_hashed": "de92be6b6473badcec68d9a6c23f...",
"cif_number": null,
"account_type": null,
"product_code": "DDA01",
"product_name": "Alloy Business Checking",
"opening_date": "2023-03-22T00:00:00.000Z",
"maturity_date": null,
"closing_date": null,
"activation_date": null,
"expiration_date": null,
"meta": {
"somedata": "string"
},
"routing_number": "000123456789",
"external_ingestion_identifier": null,
"card_network": "visa",
"account_name": "John Doe Business",
"tokenization_method": null,
"merchant_category_code": null,
"name_on_card": null,
"account_number_last4": null,
"avs": null,
"account_class": "deposit",
"country_code": "US",
"description": null,
"program_name": null,
"mcc_description": null,
"is_linked_account": false,
"link_timestamp": null,
"unlink_timestamp": null,
"currency": "USD",
"account_hash": null,
"account_balance": "0.00",
"credit_limit": null,
"status": "Frozen",
"status_detail": "Awaiting verification",
"as_of_date": "2024-03-25T00:00:00.000Z",
"external_account_id": "105a61e2-0dd9-4c63-858b-e9d7009cdd1d",
"account_token": "A-veYTeL4YRlFnRsxinwt7"
},
"evaluations": [],
"journey_applications": []
}
}
Updated 8 months ago