This guide is written for companies offering airline, hotel, train, or car rental reservations, including online travel agencies (OTA). Use Sift Scores to stop fraudsters from purchasing reservations with stolen credit cards.
Send User Events
A core integration includes the following (when applicable):
User creates an account
- If users can create accounts, send a $create_account event.
- If users can checkout anonymously, follow our tutorial.
You interact with a payment gateway
- Send a $transaction event for each payment gateway interaction, as well as each other payment method accepted for the order (e.g. points).
- When a payment gateway informs you of a chargeback, send a fraud label.
User purchases a reservation
- When a user purchases a reservation, send a $create_order event, taking advatage of all
'$items'fields you can, such as:
'$category' : e.g. 'flight' / 'hotel' / 'car_rental' / 'train'
'$brand' : e.g. 'United Airlines' / 'Holiday Inn' / 'Enterprise' / 'Amtrak'
'$product_title' : 'First class'(ticket class, etc.)
- Send custom fields on the
$create_orderto capture differences between users and reservations. For example:
'website_brand' : e.g. 'hotelsrightnow.com', 'airplanestomorrow.com'(if you operate multiple brands)
'site_language' : e.g. 'ES', 'FR', 'PR'(if you operate in multiple languages)
'order_source' : e.g 'web' / 'iOS' / 'Android'
flight_days_to_departure: number of days as an integer from when the order is placed to when the flight departure date is. Booking with departure within 24 hours will have value of 0. Optionally use
flight_hours_to_departureif more appropriate.
flight_duration: in hours for total travel time as an integer.
flight_route: send the departure and final arrival airport codes for the route, e.g.
flight_departure_time: A unix timestamp in milliseconds representing the departure date and time
flight_departure_day: Send a three letter string representing the day of week (e.g.
flight_departure_hour: Send an integer between
23for the hour of departure as an integer.
flight_departure_week: Send an integer between
51representing the week of the year of the flight to help capture seasonal trends
flight_departure_country: if you offer both domestic and international travel,
flight_destination_country: if you offer both domestic and international travel,
flight_country_pair: If you offer both domestic and international travel, send the departure and arrival country as a pair, e.g.,
flight_departure_airport: The IATA 3 letter airport code for the departure airport.
flight_arrival_airport: The IATA 3 letter airport code for the arrival airport.
flight_num_segments: Total segments for the trip as an integer. A one-way direct flight will have value of 1.
train_days_to_departure: number of days as an integer from when the order is placed to when the train departure time is. Booking with departure within 24 hours will have value of 0. Optionally use
train_hours_to_departureif more appropriate.
train_duration: in hours for total travel time as an integer
train_route: send the departure and final arrival station codes (or names) for the route in
train_departure_time: A unix timestamp in seconds or milliseconds representing the departure date and time
train_departure_day: Send a three letter string representing the day of week (e.g.
train_departure_hour: Send an integer between
23for the hour of departure as an integer.
train_departure_week: Send an integer between
51representing the week of the year of the train departure to help capture seasonal trends.
train_departure_country: If you offer both domestic and international travel,
train_arrival_country: If you offer both domestic and international travel,
train_country_pair: If you offer both domestic and international travel, send the departure and arrival country as a pair
train_arrival_station: station code or name
train_departure_station: station code or name
days_to_rental: the days as an integer from when the order is placed to when the rental pickup day is. Same day booking will have value of 0.
rental_duration: in days for total time vehicle is booked.
rental_pickup_time: A unix timestamp in seconds or milliseconds representing the pickup date and time
rental_pickup_airport: if the pickup is at an airport, then send the IATA 3 letter airport code
age_group : 'under 21' / '21-25' / '25+'
liability + collision,
hotel_checkin_airport: if the hotel is at an airport, then send the IATA 3 letter airport code
hotel_duration: The number of days the reservation is for
days_to_checkin: Number of days as integer from order date to hotel check-in day. Same day bookings will have a value of 0.
If you offer Flight reservations:
If you offer Train reservations:
If you offer car rentals:
If you offer hotel reservations:
The following events can be sent to capture a more complete picture of users when applicable: $update_account, $login, $logout, $chargeback. When a user performs a search, you can send a custom event
Send Feedback to Sift
One of the key strengths of the Sift Science platform is that as you give it feedback it continues to learn and adapt to patterns. By providing continuous feedback on who your good and bad users are, we will evolve our detection and improve the accuracy of risk scores. You’ll be able to stop bad actors even as they change their attack vectors. In addition to sending an optional historical backfill:
- Create a Feedback focused Workflow where you review high scoring users and tell us how well we are predicting your fraudsters.
- If you are already doing manual review in your existing system, just send the outcome of each review to our Labels API
Once you’re up and running with Sift, continuing to send feedback will improve your score accuracy in real-time, catching bad users as soon as they appear. This is an important part of a successful integration.
Make Decisions with Sift
Scores are an indication of how risky a user is for a given abuse type. You can use these scores
as a means to block bad users, add friction to users you are unsure about (e.g., SMS verification), and let good users sail right through. You’ll likely be making this check at
The two ways to do this are:
- Create a Sift Workflow You can build application logic into Sift with our Workflow product. Workflows let you set up criteria that get evaluated whenever specified events occur. Learn more in our Workflows tutorial.
- Build application logic in your system An alternate approach is to request abuse specific risk scores to be returned in the response of the user events you send. See our API documentation
Any questions? We're happy to talk it through.