This page is your complete guide to describe how to set up secure voucher redemption and reduce fraud-related rejections
Viator’s fraud prevention platform runs checks on every transaction where Viator is the merchant of records and flags any transaction that meets at least one fraud suspicious criteria.
In the past, every flagged transaction was automatically rejected.
Who is this guide for?
Full + Booking Access Affiliates who use either the API payments solution or the iframe solution and share Viator vouchers with customers in addition to booking confirmation emails with voucher details provided to customers by Viator.
The Viator API now supports a new field that informs you whether a transaction has been flagged as potential fraud. When that happens, you are required to secure voucher redemption.
This flow is part of Certification – we will check that the isVoucherRestrictionRequired field is correctly validated on your end. If you fail to comply with this requirement, transactions will be blocked by our fraud system resulting in a bad user experience and a loss of revenue.
This flow is part of Certification. If you fail to comply with this requirement, transactions will be blocked by our fraud system resulting in a bad user experience and a loss of revenue.
How to ensure vouchers are delivered securely
When a transaction is flagged as potentially fraudulent, this information is sent in the bookings/cart/book response in the isVoucherRestrictionRequired field. This information is only sent at cart and item level if booking is successful. For manual confirmation bookings, this information is sent in bookings/status endpoint.
Below is an example response for a fraud flagged transaction where a partner is certified as securely delivering vouchers access. The response is from booking/cart/book and only the relevant attributes are shown for brevity.
…
“status” : “CONFIRMED”,
“voucherInfo” : {
“format” : “HTML”,
“type” : “STANDARD”,
“url” : “https://www.viator.com/ticket?code=1234”,
“isVoucherRestrictionRequired” : true
}
…
In this case the partner is required to secure voucher redemption and not provide direct access to the voucher. This means partners can not display or load the voucher in any of their pages after checkout- it will be sent by email ensuring that the voucher is delivered securely to the end customer.
Below is an example of the Viator email that will be sent to the customer:
Below is an example response for a fraud flagged transaction where a partner is yet to implement the changes to securely deliver vouchers access. The response is from booking/cart/book and only the relevant attributes are shown for brevity.
…
“status” : “REJECTED”,
“rejectionReasonCode”:”ISSUE_WITH_PAYMENT”,
“voucherInfo” : {
“format” : “HTML”,
“type” : “STANDARD”,
“url” : “https://www.viator.com/ticket?code=1234”,
“isVoucherRestrictionRequired” : true
}
…