- Added support for the new risk reasons outputs in minFraud Factors. The risk reasons output codes and reasons are currently in beta and are subject to change. We recommend that you use these beta outputs with caution and avoid relying on them for critical applications.
- Updated the validation for the Report Transactions API to make the
ip_address
parameter optional. Now thetag
and at least one of the following parameters must be supplied:ip_address
,maxmind_id
,minfraud_id
,transaction_id
. - Updated the validation for the Report Transactions API to check that
ip_address
,maxmind_id
, andminfraud_id
contain valid values. - Added
billing_phone
andshipping_phone
attributes to the minFraud Insights and Factors response models. These contain objects with information about the respective phone numbers. Please see our developer site for more information. - Added the processor
:payconex
toMinfraud::Components::Payment
.
- Equivalent domain names are now normalized when
hash_address
is used. For example,googlemail.com
will becomegmail.com
. - Periods are now removed from
gmail.com
email address local parts whenhash_address
is used. For example,[email protected]
will become[email protected]
. - Fastmail alias subdomain email addresses are now normalized when
hash_address
is used. For example,[email protected]
will become[email protected]
. - Additional
yahoo.com
email addresses now have aliases removed from their local part whenhash_address
is used. For example,[email protected]
will become[email protected]
for additionalyahoo.com
domains. - Duplicate
.com
s are now removed from email domain names whenhash_address
is used. For example,example.com.com
will becomeexample.com
. - Certain TLD typos are now normalized when
hash_address
is used. For example,example.comcom
will becomeexample.com
. - Additional
gmail.com
domain names with leading digits are now normalized whenhash_address
is used. For example,100gmail.com
will becomegmail.com
. - Additional
gmail.com
typos are now normalized whenhash_address
is used. For example,gmali.com
will becomegmail.com
. - When
hash_address
is used, all trailing periods are now removed from an email address domain. Previously only a single period was removed. - When
hash_address
is used, the local part of an email address is now normalized to NFC.
- Ruby 2.7+ is now required. If you're using Ruby 2.5 or 2.6, please use version 2.3.0 of this gem.
- Added the processors
:pxp_financial
and:trustpay
toMinfraud::Components::Payment
.
- Added the processor
:shopify_payments
toMinfraud::Components::Payment
. - Added the processor
:google_pay
toMinfraud::Components::Payment
. - Added the processor
:placetopay
toMinfraud::Components::Payment
. - In addition to the minfraud gem version, the User-Agent now includes the version of Ruby and the version of the HTTP client in all HTTP requests.
- Updated
maxmind-geoip2
to version that includes theanycast?
method onMaxMind::GeoIP2::Record::Traits
. This returnstrue
if the IP address belongs to an anycast network. This is available in minFraud Insights and Factors.
- Added the input
/credit_card/country
. This is the country where the issuer of the card is located. This may be passed instead of the/credit_card/issuer_id_number
if you do not wish to pass partial account numbers or if your payment processor does not provide them. You may provide this using thecountry
attribute onMinfraud::Components::CreditCard
.
- Adds the following new processor to
Minfraud::Components::Payment
::windcave
- The
last_4_digits
input toMinfraud::Components::CreditCard
has been deprecated in favor oflast_digits
and will be removed in a future release.last_digits
/last_4_digits
also now supports two digit values in addition to the previous four digit values. - Eight digit
issuer_id_number
inputs are now supported byMinfraud::Components::CreditCard
in addition to the previously accepted six digitissuer_id_number
. In most cases, you should send the last four digits forlast_digits
. If you send anissuer_id_number
that contains an eight digit IIN, and if the credit card brand is not one of the following, you should send the last two digits forlast_digits
:Discover
JCB
Mastercard
UnionPay
Visa
- Breaking change from 1.x: Removed deprecated methods
is_in_european_union
,is_anonymous
,is_anonymous_vpn
,is_hosting_provider
,is_public_proxy
, andis_tor_exit_node
. The non-deprecated equivalents arein_european_union?
,anonymous?
,anonymous_vpn?
,hosting_provider?
,public_proxy?
, andtor_exit_node?
. - Breaking change from 1.x: Removed deprecated methods for deprecated
subscores:
email_tenure
andip_tenure
. Foremail_tenure
, please use theemail_address
subscore instead. Forip_tenure
, please userisk_score
instead. - Breaking change from 1.x: Removed deprecated method for deprecated
attribute
ip_address.country.is_high_risk
. - Breaking change from 1.x: Switches HTTP client from faraday to http.rb. There should be no behavior change for most users, but this is technically a breaking change from the perspective of semver. Most users should not be affected as the changes are limited to attributes and classes that would not normally be accessed outside the gem.
- Breaking change from 1.x:
user_id
is no longer supported as a way to configure your MaxMind account ID. Useaccount_id
instead. - Breaking change from 1.x: Removed the
Minfraud.configuration
method. - Breaking change from 1.x: Localized names are no longer exposed via
methods on
names
objects, only as hash keys. For example, useresponse.ip_address.country.names['en']
instead ofresponse.ip_address.country.names.en
. The latter was deprecated. - Adds mobile country code (MCC) and mobile network code (MNC) to minFraud
Insights and Factors responses. These are available at
response.ip_address.traits.mobile_country_code
andresponse.ip_address.traits.mobile_network_code
. We expect this data to be available by late January, 2022. - Adds the following new processors to
Minfraud::Components::Payment
::boacompra
:boku
:coregateway
:fiserv
:neopay
:neosurf
:openbucks
:paysera
:payvision
:trustly
- Depend on the
maxmind-geoip2
gem. This allows us to delete classes from that gem that we previously had included in this gem. There is no functional difference.
- Adds new processor to
Minfraud::Components::Payment
::cardknox
,:creditguard
,:credorax
,:datacap
,:dlocal
,:onpay
, and:safecharge
. - Adds
rule_label
to minFraud output/disposition
. - Adds support for the
/credit_card/was_3d_secure_successful
input. This is available by setting thewas_3d_secure_successful
attribute onMinfraud::Components::CreditCard
. - Ruby 2.5+ is now required. If you're using Ruby 2.1, 2.2, 2.3, or 2.4, please use version 1.5.0 of this gem.
- Adds the
hash_address
attribute toMinfraud::Components::Email
. If this istrue
, the MD5 hash of theaddress
will be sent instead of the plain textaddress
. Use this if you prefer to send the hash of theaddress
rather than the plain text. Note that this normalizes theaddress
, so we recommend using it as opposed to hashing theaddress
manually. - The email
domain
input is now automatically set if the emailaddress
input is set but thedomain
is not. - Adds new payment processors
:apple_pay
and:aps_payments
toMinfraud::Components::Payment
. - Adds support for the IP address risk reasons in the minFraud Insights
and Factors responses. This is available at
.ip_address.risk_reasons
. It is an array ofIPRiskReason
objects.
- Do not throw an exception if the response does not include IP address
information. Previously we would incorrectly try to retrieve fields from
nil
, leading to aNoMethodError
.
- IMPORTANT: Ruby 2.0 is no longer supported. If you're using Ruby 2.0, please use version 1.3.0.
- Adds handling for the
REQUEST_INVALID
error code. - The IP address is no longer a required input.
- Adds new payment processor
:tsys
toMinfraud::Components::Payment
.
- Adds support for persistent HTTP connections. Connections persist automatically.
- IMPORTANT: Ruby 1.9 is no longer supported. If you're using Ruby 1.9, please use version 1.2.0 or older.
- Adds support for client side validation of inputs. An
InvalidInputError
exception will be raised if an input is invalid. This can be enabled by settingenable_validation
totrue
when configuringMinfraud
. It is disabled by default. - Adds the
residential_proxy?
method toMaxMind::GeoIP2::Record::Traits
for use with minFraud Insights and Factors.
- Adds new processor types to
Minfraud::Components::Payment
::cashfree
,:first_atlantic_commerce
,:komoju
,:paytm
,:razorpay
, and:systempay
. - Adds support for three new Factors outputs:
/subscores/device
(the risk associated with the device),/subscores/email_local_part
(the risk associated with the part of the email address before the @ symbol) and/subscores/shipping_address
(the risk associated with the shipping address). - Adds support for providing your MaxMind account ID using the
account_id
attribute instead of theuser_id
attribute. In a future release, support for theuser_id
attribute will be removed.
- Adds support for the minFraud Report Transaction API. Reporting transactions to MaxMind helps us detect about 10-50% more fraud and reduce false positives for you.
- Adds support for the new credit card output
/credit_card/is_business
. This indicates whether the card is a business card. It may be accessed viaresponse.credit_credit.is_business
on the minFraud Insights and Factors response objects. - Adds support for the new email domain output
/email/domain/first_seen
. This may be accessed viaresponse.email.domain.first_seen
on the minFraud Insights and Factors response objects. - Rename
ErrorHandler#inspect
toErrorHandler#examine
in order not to break LSP. - Adds classes for the Score, Insights, and Factors responses. This allows us to provide API documentation for the various response attributes.
- Removes
hashie
as a required dependency. - Adds new processor types to
Minfraud::Components::Payment
::affirm
,:afterpay
,:cardpay
,:ccavenue
,:cetelem
,:ct_payments
,:dalenys
,:datacash
,:dotpay
,:ecommpay
,:epx
,:g2a_pay
,:gocardless
,:interac
,:klarna
,:mercanet
,:oney
,:payeezy
,:paylike
,:payment_express
,:paysafecard
,:posconnect
,:smartdebit
,:synapsefi
, and others. - Adds support for passing custom inputs to minFraud. GitHub #6.
- Adds
:email_change
,:password_reset
, and:payout_change
as types toMinfraud::Components::Event
. - Adds support for the
session_id
andsession_age
inputs.
- Prevents boolean value conversion to string to avoid warnings
- Adds
amount
attribute to theMinfraud::Components::Order
instances
- Adds
token
attribute to theMinfraud::Components::CreditCard
instances according to the MinFraud Release Notes introduced on November 17, 2016
- Adds support for Ruby >= 1.9