The MIDSuite Client API provides several services that help payment platforms and merchants evaluate transactions, detect fraud, and verify customer identities. Each service focuses on a specific type of risk analysis and can be used independently or combined into more advanced workflows.

Integrators can choose between two common integration approaches:

Option A — Individual Service CallsCall one or more services directly from your application. This approach provides the simplest integration and gives your system full control over when and how each service is executed.

Option B — Pipeline APIUse the Pipeline API to execute multiple services in a single request. Pipelines allow MIDSuite to orchestrate the evaluation process based on a predefined configuration.

Both approaches provide access to the same underlying services and can be selected based on the complexity of your risk evaluation workflow.

PreCheck

PreCheck performs card-level validation and transaction safety checks before attempting payment authorization. It helps identify potentially invalid or risky card data early in the checkout process.

Typical capabilities include:

• Address Verification Service (AVS) checks

• CVV validation results

• Card status evaluation and risk advice

PreCheck responses provide an advice value indicating whether the transaction appears acceptable, should be retried, or should be declined.

Common use cases include:

• Validating card details before authorization

• Reducing gateway declines caused by invalid input

• Screening transactions before applying deeper fraud checks

Rules

The Rules service provides a deterministic fraud decision engine that evaluates transactions against configurable risk rules.

Based on the data provided in the request, the Rules engine returns a status such as:

• ACCEPT – transaction appears safe

• REVIEW – transaction may require manual review

• DENY – transaction should be rejected

• INCOMPLETE – insufficient information to evaluate

• NO_MATCH – no rules matched the request

Rules are typically used to enforce business-specific fraud policies, such as geographic restrictions, transaction patterns, or risk thresholds.

Sentry

Sentry performs behavioral and contextual risk analysis using signals related to the customer, device, and transaction environment.

Inputs may include information such as:

• Customer IP address

• Device information

• Account details

• Order metadata

• Shopping cart data

Sentry produces request confidence score:

• requestConfidence – overall risk assessment of the request (higher is better)

This score can be incorporated into fraud decision workflows or used as an input to the Rules engine.

ID Verify

ID Verify provides advanced identity verification capabilities for confirming that a customer’s identity matches the information provided during a transaction.

This service supports verification of identity attributes such as:

• Driver’s license

• Passport

• National identity number

• Tax identification number

Additional verification checks may include:

• Email verification

• Phone number verification

• Cardholder name matching

ID Verify is considered a premium verification service and is typically used when a higher level of identity assurance is required.

Common scenarios include:

• High-risk transactions

• Account verification and KYC workflows

• Age verification and regulatory compliance

Pipeline

The Pipeline API allows multiple services to be executed within a single orchestrated request.

Rather than calling each service individually, a pipeline runs a predefined sequence of services configured in the MIDSuite portal. Pipelines are referenced using a

pipelineId

, which corresponds to a configuration created and managed within the MIDSuite merchant portal.

Pipelines can combine services such as:

• PreCheck

• Rules

• Sentry

• ID Verify

The order and combination of services in a pipeline are fully configurable, allowing organizations to implement sophisticated risk evaluation workflows without managing multiple API calls.

Choosing an Integration Strategy

The appropriate integration strategy depends on the complexity of your fraud and verification workflow.

Use individual services when:

• Your application controls the decision flow

• You only need one or two services

• You want to evaluate results between service calls

Use the Pipeline API when:

• You want a single API call to run multiple services

• Your workflow requires consistent orchestration

• You want evaluation logic managed through MIDSuite configuration

Both approaches provide flexible access to MIDSuite’s risk and verification capabilities, allowing teams to tailor integrations to their specific operational and security requirements.