Card Event Notification File

A record of debit card properties which tie back to events in the corresponding Event Notification File.

Card Event Notification File Definition

The Card Event Notification File is created by Helix on an hourly basis. It has the following properties:

  1. Fixed-length
  2. ANSI encoded
  3. Line endings are Windows-style CarriageReturn + LineFeed (\r\n, or 0x0D0A)
  4. File will be available in the relative directory of /EventNotification
  5. File name follows a specific, case-sensitive pattern of: yyyyMMddhhmm_DEBITCARDEVENTNOTIFICATION.TXT

🚧

Format Disclaimer
Helix reserves the right to append new field(s) to the end of any Header or Content line without notice. This is to allow new data points to be added as needed in a timely fashion.

Implementation Note
Your code should be written such that unexpected characters after the "last" field but prior to the end of each line should be ignored. That is, if the file is documented as being 872 bytes per line, receiving a file with 984 bytes per line should not disrupt your processing. This applies to both Header and Content lines.

File Name Disclaimer
The date in file name should be used as a guideline for human eyes only. Any date-related programmatic dependencies should rely on the FileCreatedDate or FileEffectiveDate contained within the header line of each file, as these will be precise to the second and will be in the appropriate timezone.

Header Row

PropertyData Type (Length)AlignmentStart PositionDescription
RecordTypestring (1)Left1The flag for the header row. Will always be H.
FileNamestring (50)Left2The name of this request file excluding path.
Format: yyyyMMddhhmm_DEBITCARDEVENTNOTIFICATION.TXT
Example: 201901210939_DEBITCARDEVENTNOTIFICATION.TXT
RecordCountinteger (10)Right52The number of records represented within the file. This field is zero-padded on the left side.
Example: 0000000872
FileCreatedDatedatetime (34)Left62The date the file was created. Follows same format as API.
Example: 2014-10-20T10:30:31.456-05:00
See data format guidelines
FileEffectiveDatedatetime (34)Left96The date to which the data in the file pertains. Follows same format as API.
Example: 2014-10-20T23:59:59.999-05:00
See data format guidelines

Content Row

PropertyData Type (Length)AlignmentStart PositionDescription
UserEventIDinteger (19)Right1The unique identifier for an event. Use this field alone to cross reference against the Event Notification File or the Realtime Event sent via Azure Service Bus. This field is zero-padded on the left side.
Example: 0000000872
CustomerIdinteger (10)Right20The Helix-assigned unique ID for a customer. This field is zero-padded on the left side.
Example: 0000000872
CardIdinteger (10)Right30The Helix-assigned unique ID for the card to which this event applies. This field is zero-padded on the left side.
Example: 0008309285
TransactionIdinteger (19)Right40The Helix-assigned unique ID for the transaction object to which this event applies. May be 0000000000 if this event does not apply to a specific transaction. This field is zero-padded on the left side.
Example: 0008309285
AuthorizationTransactionIdinteger (19)Right59The unique identifier for the associated authorization transaction. May be 0000000000 if it does not apply. This field is zero-padded on the left side.
Example: 0008309285
RequestTypeCodestring (3)Left78The method of request from the debit rails. Possible values:
- REQ: (Request; Helix approved or denied the message)
- ADV: (Advice; The network provider approved or denied the message and notified Helix afterwards).
RESERVEDstring (12)Left81This range of bytes is reserved for future use.
MerchantCategoryCodestring (4)Left93The exact Merchant Category Code value received from the network provider.
MerchantGroupTypeCodestring (6)Left97A grouping of multiple Merchant Category Codes into fewer, more useful sets. See Merchant Group Codes for more information.
CashbackAmountinteger (10)Right103The amount of cashback provided when the transaction occurred. This field is zero-padded on the left side and two decimals will be assumed, e.g., 000000000000832 represents an amount of $8.32.
SurchargeAmountinteger (10)Right113The amount of the surcharge applied when the transaction occurred. This field is zero-padded on the left side and two decimals will be assumed, e.g., 000000000000832 represents an amount of $8.32.
CashDepositAmountinteger (10)Right123The amount of cash deposited when the transaction occurred. This field is zero-padded on the left side and two decimals will be assumed, e.g., 000000000000832 represents an amount of $8.32.
CheckDepositAmountinteger (10)Right133The amount of the check deposited when the transaction occurred. This field is zero-padded on the left side and two decimals will be assumed, e.g., 000000000000832 represents an amount of $8.32.
TerminalIdstring (15)Left143The identification code of the device at the merchant that accepted the card information.
MerchantIdstring (15)Left158The identification code of the merchant that accepted the card information.
MerchantLocationstring (25)Left173The location of the merchant at which the transaction originated.
MerchantCitystring (13)Left198The city of the merchant at which the transaction originated.
MerchantStateCodestring (2)Left211The two-character state abbreviation of the merchant at which the transaction originated.
MerchantZipCodestring (9)Left213The postal code of the merchant at which the transaction originated.
MerchantCountryCodestring (2)Left222The two-character country abbreviation of the merchant at which the transaction originated.
PanEntryModeTypeCodestring (10)Left224The method by which the card number was input to the merchant's device.

Possible values for Shazam:
- KEY: Manually (key) entered
- MAG: Magnetic stripe read
- MAN: Manual, no terminal
- UNK: Unknown

Possible values for Visa DPS:
- UNK: Unknown
- MAN: Manual/no terminal
- MAG: Magnetic stripe read
- QRC: QR code
- OCR: OCR
- ICC: Integrated Circuit Card
- KEY: Key entered
- FIL: File
- MCR: MICR reader
- CLS: Contactless
- CLM: Contactless via Mag Stripe Rules
PinEntryModeTypeCodestring (10)Left234The method by which the card holder was validated at the merchant's device. Possible values:
- N/A: Not Applicable
- PIN: Network Provider-verified PIN
- PWD: Password authentication
- NOPIN: NO PIN entry capability
- PININOP: PIN pad inoperative
CardHolderPresenceTypeCodestring (10)Left244The presence of the card holder at the time the transaction was originated.

Possible values for Shazam:
- INSTALL: Cardholder not present, installment payment
- MAILTEL: Cardholder not present, mail or telephone order
- MOBILE: Mobile
- NOTPRESENT: Cardholder not present, unspecified
- PRESENT: Cardholder present
- RECUR: Cardholder not present, recurring payment
- TRANSFER: Money Transfer
- UNKNOWN: Unknown
- WEB: Web

Possible values for Visa DPS:
- INSTALL: Installment Payment
- MAILTEL: Mail/Telephone Order (unknown classification)
- NOTPRESENT: Customer not present
- PRESENT: Customer present
- RECUR: Recurring transaction
- TOPUP: Account top up
- MAILTEL1 : Single transaction for Mail/Telephone Order
CardPresenceTypeCodestring (10)Left254The presence of the physical card at the time the transaction was originated.

Possible values for Shazam:
- NOTPRESENT: Card not present
- PRESENT: Card present

Possible values for VisaDPS:
- NOTPRESENT: Card not present
- PRESENT: Card present
- PREAUTH: Pre-authorized purchase
TerminalUnattendedTypeCodestring (10)Left264Possible values:
- ATTENDED: Terminal was attended
- NOTERM: No terminal
- UNATTENDED: Terminal was unattended
TerminalPremisesTypeCodestring (10)Left274Location of the merchant's device in relation to the merchant's location. Possible values:
- ECOMM: Electronic Commerce
- OFFPREM: Off premise
- ONPREM: On premise
CustomerTagstring (50)Left284The tag property of the customer object.
CardTagstring (50)Left334The tag property of the card object.
Amountinteger (10)Right384The amount of funds this transaction represents. This field is zero-padded on the left side and two decimals will be assumed, e.g., 000000000000832 represents an amount of $8.32.
AvailableDatedatetime (34)Left394The date the transaction was made available / is projected to be made available. Follows same format as API.
Example: 2014-10-20T10:30:31.456-05:00
See data format guidelines
CreatedDatedatetime (34)Left428The date the transaction was created. Follows same format as API.
Example: 2014-10-20T10:30:31.456-05:00
See data format guidelines
CustomField1string (50)Left462The customField1 property of the transaction object.
Descriptionstring (255)Left512The NACHA-supplied description for this transaction.
DenialReasonstring (255)Left767Text describing why a transaction was denied from taking place.
FeeCodestring (3)Left1022The programmatic value for the type of fee this transaction represents. Possible values:
- RGD: Regulation D Fee
- RTN: Return Item Fee
- NSF: Insufficient Funds Fee
FeeDescriptionstring (50)Left1025A human-readable description of the feeCode
FriendlyDescriptionstring (255)Left1075A human-readable, automatically generated description of the transaction that caused the event. Driven by the typeCode of the transaction.
FromAccountAmountinteger (10)Right1330Total balance of the customer account that was debited, after the debit was applied, including funds that have holds placed on them. Represents all settled transactions to date. This field is zero-padded on the left side, and two decimals will be assumed. e.g., 000000000000832 represents an amount of $8.32.
FromAccountIdinteger (10)Right1340The unique identifier for the customer account that was debited. This field is zero-padded on the left side.
Example: 0008309285
FromAccountNumberMaskedstring (50)Left1350Masked version of the Account number of the customer account that was debited.
Example: ********1234
FromAvailableAmountinteger (10)Right1400Balance available for immediate withdrawal from the customer account that was debited after the debit was applied. This field is zero-padded on the left side and two decimals will be assumed, e.g., 000000000000832 represents an amount of $8.32.
FromCategorystring (50)Left1410The caller-specified category to which the customer account that was debited belongs.
FromCreatedDatestring (34)Left1460Date the customer account was created.
FromCustomField1string (50)Left1494The customField1 property of the account object that was debited.
FromCustomField2string (50)Left1544The customField2 property of the account object that was debited.
FromCustomField3string (50)Left1594The customField3 property of the account object that was debited.
FromCustomField4string (50)Left1644The customField4 property of the account object that was debited.
FromCustomField5string (50)Left1694The customField5 property of the account object that was debited.
FromLegalName1string (100)Left1744The first legal name used to identify the customer account that was debited.
FromLegalName2string (100)Left1844A secondary legal name used to identify the customer account that was debited.
FromNamestring (50)Left1944A caller-specified, user-friendly name for the customer account that was debited.
FromPendingAmountinteger (10)Right1994Balance of pending deposit transactions on the customer account that was debited, after the debit was applied. This field is zero-padded on the left side, and two decimals will be assumed, e.g., 000000000000832 represents an amount of $8.32.
FromPrimaryCustomerIdinteger (10)Right2004Denotes the customer considered the primary owner for the account that was debited. This field is zero-padded on the left side.
Example: 0008309285
FromSubCategorystring (50)Left2014The caller-specified subcategory to which the customer account that was debited belongs.
FromTagstring (50)Left2064A caller-specified, unique identifier for the customer account that was debited.
InstitutionNamestring (50)Left2114The name of the institution from which the transaction originated.
MasterIdlong integer (19)Right2164The unique identifier created by Helix used to group related transactions together that caused this event. This field is zero-padded on the left side.
Example: 0000000123458309285
ModifiedByIdinteger (10)Right2183The unique identifier for the Customer, Admin User, or 0 for system generated events. This field is zero-padded on the left side.
Example: 0008309285
PayloadTypeIdinteger (10)Right2193The "type" of payload in the data node. Represents a predefined set of properties that could potentially appear in the data node. (properties with null values for a particular instance of the payload will be excluded)
SettledDatedatetime (34)Left2203The date the transaction was settled / is projected to settle. Follows same format as API.
Example: 2014-10-20T10:30:31.456-05:00
See data format guidelines
SubTypestring (255)Left2237The description of the SubTypeCode for this transaction.
SubTypeCodestring (6)Left2492The Merchant Category Code of the merchant where the transaction originated. Categorizes merchants with similar lines of business together.
Tagstring (50)Left2498The tag property from the transaction object.
ToAccountAmountinteger (10)Right2548Total balance of the customer account that was credited, after the credit was applied, including funds that have holds placed on them. Represents all settled transactions to date. This field is zero-padded on the left side and two decimals will be assumed, e.g., 000000000000832 represents an amount of $8.32.
ToAccountIdinteger (10)Right2558The unique identifier for the customer account that was credited. This field is zero-padded on the left side.
Example: 0008309285
ToAccountNumberMaskedstring (50)Left2568Masked version of the Account number of the customer account that was credited.
Example: ********1234
ToAvailableAmountinteger (10)Right2618Balance available for immediate withdrawal from the customer account that was credited after the credit was applied. This field is zero-padded on the left side and two decimals will be assumed, e.g., 000000000000832 represents an amount of $8.32.
ToCategorystring (50)Left2628The caller-specified category to which the customer account that was credited belongs.
ToCreatedDatedatetime (34)Left2678Date the customer account was created.
ToCustomField1string (50)Left2712The customField1 property of the account object that was credited.
ToCustomField2string (50)Left2762The customField2 property of the account object that was credited.
ToCustomField3string (50)Left2812The customField3 property of the account object that was credited.
ToCustomField4string (50)Left2862The customField4 property of the account object that was credited.
ToCustomField5string (50)Left2912The customField5 property of the account object that was credited.
ToLegalName1string (100)Left2962The first legal name used to identify the customer account that was credited.
ToLegalName2string (100)Left3062A secondary legal name used to identify the customer account that was credited.
ToNamestring (50)Left3162The name property of the account object that was credited.
ToPendingAmountinteger (10)Right3212Balance of pending deposit transactions on the customer account that was credited, after the credit was applied. This field is zero-padded on the left side and two decimals will be assumed, e.g., 000000000000832 represents an amount of $8.32.
ToPrimaryCustomerIdinteger (10)Right3222Denotes the customer considered the primary owner for the account that was credited. This field is zero-padded on the left side.
Example: 0008309285
ToSubCategorystring (50)Left3232The caller-specified subcategory to which the customer account that was credited belongs.
ToTagstring (50)Left3282A caller-specified, unique identifier for the customer account that was credited.
Typestring (50)Left3332A human-readable representation of the type of transaction that caused this event.
TypeCodestring (6)Left3382The typeCode of the transaction object.
EventTypeIdinteger (10)Right3388The Event Type Id of event that occurred.
NetworkProviderTypeIdinteger (1)Left3398The id of card's network provider.
- 1: Shazam
- 2: VisaDps
PointOfServicePanEntryModestring (2)Left3399Useful when determining how the PAN was entered.
- 00: Unspecified
- 01: Manual
- 02: Magnetic stripe
- 03: Optical Code
- 04: OCR
- 05:Integrated circuit card
- 06: Manual (key-entered)
- 07: Contactless chip transaction using chip data rules
- 90: Full magnetic stripe read
PointOfServicePinEntryModestring (1)Left3401Useful when determining how the PIN was entered.
- 0: Unspecified
- 1: PIN entry capability
- 2: No PIN entry capability
- 6: PIN pad inoperative
Cvv2PresenceIndicatorstring (1)Left3402CVV2 Presence Indicator
- 0: CVV2 Value is deliberately bypassed or is not provided by the merchant
- 1: CVV2 Value is present
- 2: CVV2 Value is on the card but is illegible
- 9: Cardholder states that the card has no CVV2 imprint
Cvv2Resultstring (1)Left3403CVV2 Result
- M: Match
- N: No Match
- P: Not Processed
- S: CVV2 should be on the card, but the merchant has indicated that CVV2 is not present
- U: Issuer is not certified and/or has not provided Visa with the encryption keys
Tokenstring (19)Left3404Payment Account Reference Number (PAR) with a maximum length of 29. This field only applies if PrivatelyDefinedData_ProcessingFlags=T
TokenAssuranceLevelstring (2)Left3423Cardholder Verification Method. This field only applies if PrivatelyDefinedData_ProcessingFlags=T.
- 1: Unknown
- 2: None
- 3: Signature
- 4: Online PIN
- 5: Offline PIN or Passcode
- 6: Cardholder Device Code
- 7: Fingerprint biometric verified by cardholder device
- 8: Cardholder device pattern
DigitalWalletTokenRequestorTypeIdinteger (2)Right3425Digital Commerce Indicator. This field only applies if PrivatelyDefinedData_ProcessingFlags=T.
- 01: Visa Digital Commerce
- 10: Apple Pay
- 20: Google Pay
- 30: Samsung Pay
- 40: Visa Checkout (Click to Pay)
- 50: Facebook
- 60: Netflix
Note: Other tokenized merchants may be undefined
TokenExpirationDatestring (4)Left3427The year and month the token expires (YYMM). This field only applies if PrivatelyDefinedData_ProcessingFlags=T
PaymentAccountReferenceNumberstring (29)Left3431The Payment Account Reference Number
MessageTypeIndicatorstring (4)Left3460The four-digit message type identifier from the original request message.
OutputMessageTypeIndicatorstring (4)Left3464The four-digit message type identifier from the response message.
OutputResponseCodestring (2)Left3468The two-digit status code from the response message sent by Helix.
SystemTraceAuditNumberstring (6)Left3470The System Trace Audit Number as defined by the network provider. Useful when interfacing with the network provider's support tools or staff.
AcquirerInstitutionCountryCodestring (3)Left34763 digit numeric code for the country where the acquiring institution is located.
AuthorizationIdentificationResponsestring (12)Left3479The authorization code for the transaction.
ResponseCodestring (2)Left3491The code that defines the disposition of a message when present in a response, advice, or reversal.
- 00: Approved or completed successfully
- 01: Refer to card issuer
- 02: Refer to card issuer, special conditions
- 03: Invalid merchant
- 04: Pick-up card
- 05: Do not honor
- 06: Error
- 07: Pick-up card, special conditions
- 08: Honor with identification
- 09: Request in progress
- 10: Approved for partial amount
- 11: Approved (VIP)
- 12: Invalid transaction
- 13: Invalid amount
- 14: Invalid card number (no such number)
- 15: No such issuer
- 16: Approved, update Track 3
- 19: Re-enter transaction
- 20: Invalid response
- 23: Unacceptable transaction fee
- 24: File update not supported by receiver. Use only in 03xx messages.
- 25: Unable to locate record on file. Use only in 03xx messages.
26: Duplicate file update record, no action. Use only in 03xx messages.
- 27: File update field edit error. Use only in 03xx messages. See Field 44 - Additional Response Data to determine the field number in error.
- 28: File update record locked out. Use only in 03xx messages
- 29: File update not successful, contact acquirer. Use only in 03xx messages.
- 30: Format error. See Field 44 - Additional Response Data to determine the field number in error.
- 31: Bank not supported by switch
- 33: Expired card, pick-up
- 34: Suspected fraud, pick-up
- 35: Card acceptor contact acquirer, pick-up
- 36: Restricted card, pick-up
- 37: Card acceptor call acquirer security, pick-up
- 38: Allowable PIN tries exceeded, pick-up
- 39: No credit amount
- 40: Requested function not supported
- 41: Lost card, pick-up
- 42: No universal account
- 43: Stolen card, pick-up
- 44: No investment account
- 45: Check Rejected - NSF
- 46: Check Rejected - Stop Payment
- 47: Check Rejected - Two Signatures Required
- 48: Check Rejected - Closed Account
- 49: Check Rejected - Other Reason
- 50: Check Rejected - Hold on Funds
- 51: Insufficient funds
- 52: No checking account
- 53: No savings account
- 54: Expired card
- 55: Incorrect PIN
- 56: No card record
- 57: Transaction not permitted to cardholder
- 58: Transaction not permitted to terminal
- 59: Suspected fraud
- 60: Card acceptor contact acquirer
- 61: Exceeds amount limit
- 62: Restricted card
- 63: Security violation
- 65: Exceeds frequency limit
- 66: Card acceptor call acquirer security
- 67: Hard capture, pick-up
- 75: Allowable number of PIN tries exceeded
- 76: Key synchronization error
- 87: Check already posted
- 88: Information not on file
- 89: Card verification value (CVV) verification failed (no pickup)
- 90: Cutoff is in progress
- 91: Issuer or switch is inoperative
- 92: Financial institution or intermediate network unknown for routing
- 93: Transaction cannot be completed, violation of law
- 94: Duplicate transaction
- 96: System malfunction
D1 - NSF - Overdraft Fee Eligible
- LK: Cardholder Blocked
R0 - Payment Cancellation Order
- R1: Revocation of Authorization Order
- R3: Preauthorized Payment Revocation Order (block all recurring transactions for closed account)
- X4: Consumer Transaction Controls Decline
PinValidationCodestring (1)Left3493Indicates whether the entered PIN was Valid (1).
AdditionalAmounts_Purchaseinteger (10)Right3494The amount of the partial pay. This field is zero-padded on the left side, and two decimals will be assumed. e.g.: 000000000000832 represents an amount of $8.32.
AdditionalAmounts_Gratuityint (10)Right3504The amount of gratuity provided when the transaction occurred. This field is zero-padded on the left side, and two decimals will be assumed. e.g.: 000000000000832 represents an amount of $8.32.
Advice_OriginatorCodestring (1)Left3514Advice Reason Codes

1:Advice originated by card acceptor
2: Advice originated by acquirer
3: Advice originated by stand-in agent
Advice_ReasonCodestring (1)Left3515The identifying reason for an advice and/or reversal.
PrivatelyDefinedData_IssuerNetworkIdCodestring (3)Left3516
PrivatelyDefinedData_AdditionalTransactionElement_FallbackIndicatorstring (1)Left3519Indicates whether the transaction was processed as magnetic stripe even though the card and terminal are EMV capable.
PrivatelyDefinedData_ProcessingFlag_SpecialTransactionIndicatorstring (1)Left3520The special transaction indicator
- A: Payment Account Status Inquiry (ASI) Transaction
- B: Token account verification
- C: Cloud based payment/HCE
- D: Device Binding
- T: Tokenized Message
- V: Verified by Visa enrollment authorization request
- blank: No special transaction considerations
PrivatelyDefinedData_ProcessingFlag_ISAIndicatorstring (1)Left3521Visa International Service Assessment, used to indicate whether a transaction is single or multi-currency.
- C: Single Currency ISA (0.8%)
- S: Multi-Currency ISA (1.0%)
- R: ISA assessed and rebated
- blank: Transaction does not qualify for fee assessment.
PrivatelyDefinedData_ProcessingFlag_PartialAuthIndicatorstring (1)Left3522Transaction eligibility for Partial Authorization Indicator
- Y: Acquirer supports a partial authorization for transaction
- blank: Acquirer does not support a partial authorization for transaction
PrivatelyDefinedData_RiskData_ScoreSourcestring (1)Left3523Defines the Falcon processing option used. Valid values:
-0: No Falcon processing
-1: Online
-2: Online Plus
-3: Real-Time
PrivatelyDefinedData_RiskData_ScoreValuestring (4)Left3524Numeric score generated by Falcon ranging from 0000 to 0999. Higher score indicates a greater likelihood of fraud. If the card is currently in fraud monitoring suppression, the Score Value is 9998 or 9999. This field is populated for Falcon Real-Time transactions only.
PrivatelyDefinedData_RiskData_ResponseCodestring (1)Left3528Response code generated by Falcon Expert. Valid values:
- 0: No response code generated
- 1: Approve
- 2: Decline
- 3: Refer
- 4: Approve with identification
- 5: Pick up card
- blank: Card is currently in fraud monitoring suppression
PrivatelyDefinedData_RiskData_FalconReason1string (2)Left3529Falcon Reason 1
- 00: No Code
- 01: Unusual Time
- 02: Unusual MCC
- 03: High Risk MCC
- 04: Suspicious High Dollar
- 05: Suspicious Dollar Amounts
- 06: Suspicious Geographic
- 07: Suspicious Apprv Decln
- 08: Suspicious Auth Velocity
- 09: Suspicious Post Velocity
- 10: Suspicious Transaction Type
- 11: Suspicious Account Info
- 12: Suspicious Keyed Activity
- 13: High Risk Keyed Activity
- 14: Suspicious ATM Cash
- 15: Suspicious non-ATM Cash
- 16: Suspicious Cash
- 17: Suspicious Phone
- 18: Suspicious Unattended Gas
- 19: Suspicious CAT Activity
- 20: High Risk MCC Amount
- 21: Suspicious Foreign Activity
- 22: CVV Expiration Date Mismatch
- 51: Suspicious Payment Activity
- 52: Suspicious Payment Amount
- 53: Suspicious Payment Amount Nums
- blank: Card is currently in fraud monitoring suppression
PrivatelyDefinedData_RiskData_FalconReason2string (2)Left3531Falcon Reason 2 - See values in _FalconReason1.
PrivatelyDefinedData_RiskData_FalconReason3string (2)Left3533Falcon Reason 3 - See example values in _FalconReason1.
PrivatelyDefinedData_RiskData_VisaRiskScorestring (2)Left3535A value that indicates the degree of risk associated with the transaction. Higher values indicate higher authorization risk. Valid values: 01-99, blank if card is in fraud monitoring or data is not present.
PrivatelyDefinedData_RiskData_VisaRiskReasonstring (2)Left3537A code that represents the logic behind the VisaRiskScore.
PrivatelyDefinedData_RiskData_VisaRiskConditionCode1string (2)Left3539Contains a value relative to a high-risk Compromised Account Management System (CAMS) event.
PrivatelyDefinedData_RiskData_VisaRiskConditionCode2string (2)Left3541Contains the Compromised Event Reference (CER) ID assigned to a significant CAMS event.
PrivatelyDefinedData_RiskData_VisaRiskConditionCode3string (2)Left3543Reserved for future release
PrivatelyDefinedData_RiskData_VAAConditionCode1Rankstring (2)Left3545Grouping value assigned to VAA Risk Condition Code 1.
- 0: Low Risk for Fraud
- 1: Medium Risk for Fraud
- 2: High Risk for Fraud
- blank: Card is currently in fraud monitoring suppression
PrivatelyDefinedData_RiskData_RTDResultCodestring (1)Left3547The Real Time Decisioning result code.
- D: Transaction declined by RTD
- R: Transaction referred b RTD
- blank: No RTD result code provided
PrivatelyDefinedData_RiskData_TravelStatusIndicatorstring (1)Left3548Describes the cardholder's travel status.
- A: Cardholder may be traveling, destination matches
- B: Cardholder may be traveling, destination unknown
- blank: Card is currently in fraud monitoring suppression
TextInfostring (255)Left3549Contents will vary based on ISO message type.
Track2Data_ServiceCodestring (3)Left3804The Service Code encoded on Track 2 of the magnetic stripe
RetrievalReferenceNumberstring (12)Left3807The Retrieval Reference Number as defined by the network provider. Useful when interfacing with the network provider's support tools or staff.
NetworkManagementInformationCodestring (3)Left3819
FalconCaseStatusstring (255)Left3822Falcon Case Status Possible values:
- ACTIVE
- OPEN
- CLOSED
FalconCaseSubStatusstring (255)Left4077Falcon Case Sub Status Possible values:
-CONFIRMED_FRAUD
-UNABLE_NOT_FRAUD
-ACTIVE_CASE_SUBSTATUS_DLR_IVR_DISCONNECT
-ACTIVE_CASE_SUBSTATUS_DLR_SMS_FRD_CNFD
-ACTIVE_CASE_SUBSTATUS_CCS_TO_ANALYST
-ACTIVE_CASE_SUBSTATUS_DLR_EML_FRD_CNFD
-ACTIVE_CASE_SUBSTATUS_CCS_LEFT_MESSAGE
-ACTIVE_CASE_SUBSTATUS_DLR_ACTIVE
-ACTIVE_CASE_SUBSTATUS_CCS_OPEN
-NOT_FRAUD
-ACTIVE_CASE_SUBSTATUS_DLR_IVR_FRD_CNFD
-UNABLE_CONFIRMED_FRAUD
-ACTIVE_CASE_SUBSTATUS_SMS_CALL_REQUEST
-ACTIVE_CASE_CALLBACK
-ACTIVE_CASE_SUBSTATUS_CCS_NO_CONTACT
-ACTIVE_CASE_SUBSTATUS_VIP
-ACTIVE_CASE_INVESTIGATION
FalconBlockCodestring (255)Left4332One or more can be present as a result of case updates. Possible values:
-VRU_FRAUD_BLOCK_SERVICE|
-NO_BLOCK_SERVICE|
-REMOVE_BLOCK_SERVICE|
-TEMPORARY_BLOCK_SERVICE|
-FRAUD_BLOCK_SERVICE|
-VRU_REMOVE_BLOCK_SERVICE|
-CASE_ACTION_TYPE_SERVICE_CCS_BAD_PHONE|
-REMOVE_BLOCK_SERVICE|
-VRU_REMOVE_BLOCK_SERVICE|
FalconFraudCodestring (255)Left4587The Falcon Fraud Code only populated when the case has a sub status of CONFIRMED_FRAUD. Possible values:
-CASE_FRAUD_TYPE_MAIL_PHONE_FRD
-CASE_FRAUD_TYPE_SKIMMING_FRD
-CASE_FRAUD_TYPE_PHISH
-CASE_FRAUD_TYPE_ID_THEFT
-CASE_FRAUD_TYPE_APP_FRD
-CASE_FRAUD_TYPE_INT_ORDER_FRD
-CASE_FRAUD_CHCK_FRD_AP_CUST_VICT
-CASE_FRAUD_TYPE_VISA_STOLEN
-CASE_FRAUD_TYPE_NON_RECEIPT
-CASE_FRAUD_CHCK_FRD_CUST_RESP
-CASE_FRAUD_DEP_BAD_CRDT_OVDRFT
-CASE_FRAUD_TYPE_FRIENDLY_FRD
-CASE_FRAUD_TYPE_ZERO_LOSS_FRD
-CASE_FRAUD_TYPE_SCAMFRD
-CASE_FRAUD_TYPE_NMBR_PRTNG
-CASE_FRAUD_TYPE_FIRST_PARTY_FRD
-CASE_FRAUD_TYPE_KIDNAP
-CASE_FRAUD_TYPE_CHECK_KITING
-CASE_FRAUD_CHCK_FRD_CUST_VIST
-CASE_FRAUD_TYPE_CNTRFIT_FRD
-CASE_FRAUD_DEP_BAD_ADVNC
-CASE_FRAUD_TYPE_OTHER
-CASE_FRAUD_TYPE_VISA_LOST
-CASE_FRAUD_TYPE_LOST_STOLEN
-CASE_FRAUD_TYPE_CONV_CHECK_FRD
-CASE_FRAUD_TYPE_TAKEOVER_FRD
-CASE_FRAUD_DEP_FRD_INT_EMP
-CASE_FRAUD_TYPE_MALWARE
-CASE_FRAUD_TYPE_SIM_RLTD
-CASE_FRAUD_TYPE_SEF
TransactionFeeAmountinteger (10)Right4842The Total Transaction Fee Amount contains the surcharge amount.
SettlementFeeAmountinteger (10)Right4852The Settlement Fee Amount contains the surcharge amount in the issuer's currency.
AdditionalFees_CCAinteger (10)Right4862
AdditionalFees_ICAinteger (10)Left4872
CardAcceptorRegionCodestring (2)Left4882The region code of the card acceptor.
CardAcceptorCountryCodestring (2)Left4884The country code of the card acceptor.
NationalPointOfServiceCondition_TerminalUnattendedstring (1)Left4886Terminal Unattended
- 0: Attended
- 1: Unattended
NationalPointOfServiceCondition_TerminalOperatorstring (1)Left4887Terminal Operator
- 0: Customer operated
- 1: Card acceptor-operated
- 2: Administrative
NationalPointOfServiceCondition_TerminalPremisesstring (1)Left4888Terminal Premise
- 0: On premise
- 1: On premise
- 3: Electronic commerce
NationalPointOfServiceCondition_CardPresentationstring (1)Left4889Presentation Type
- 0: Customer present
- 1: Customer not present
- 2: Mail/Telephone Order
- 4: Recurring transaction
- 5: Installment Payment
- 6: Account top up
- 7: Pre-authorized purchase
- 9: Single transaction for Mail/telephone Order
NationalPointOfServiceCondition_CardPresencestring (1)Left4890Card Presence
- 0: Card present
- 1: Card not present
- 8: Pre-authorized purchase
NationalPointOfServiceCondition_CardRetentionstring (1)Left4891Card Retention
- 0: Device does not have card retention capability
- 1: Device has card retention capability
NationalPointOfServiceCondition_CardTransactionstring (1)Left4892Card Transaction
- 0: Original transaction/clearing
- 1: Incremental authorization
- 2: Delayed charges
- 3: No show
- 4: Merchant authorized transaction
- 5: Resubmission
- 6: Reauthorization
NationalPointOfServiceCondition_SecurityConditionstring (1)Left4893Security Condition
- 0: No security concern
- 1: Suspected fraud
- 2: Identification verified
- 3: Secure Electronic Commerce transaction
- 4: Non-authorized security transaction at a 3-D Secure capable merchant. Merchant attempted to authenticate the cardholder using 3-D Secure.
- 5: Non-authenticated security transaction
- 6: Non-secure transaction
- 7: Non-authenticated security transaction at a SET capable merchant
- 8: CVV, dynamic CVV, or iCVV validated and valid
- 9: CVV, dynamic CVV, or iCVV validated and invalid
NationalPointOfServiceCondition_TerminalTypestring (2)Left4894Terminal Type
- 00: Administrative terminal
- 01: POS terminal
- 02: ATM
- 03: Home terminal
- 04: ECR
- 05: Dial terminal
- 06: Travelers check machine
- 07: Fuel machine
- 08: Scrip machine
- 09: Coupon machine
- 10: Ticket machine
- 11: Point-of-banking terminal
- 12: Teller
- 13: Franchise teller
- 14: Personal banking
- 15: Public utility
- 16: Vending
- 17: Self-service
- 18: Authorization
- 19: Payment
- 20: VRU
- 21: Smart phone
- 22: Interactive television
- 23: Personal Digital Assistant (PDA)
- 24: Screen Phone
- 25: Internet terminal
- 26: MICR terminal
- 27: Mobile acceptance solution
NationalPointOfServiceCondition_TerminalEntryCapabilitystring (1)Left4896Terminal Entry Capability Mode
- 0: Unknown
- 1: Manual/no terminal
- 2: Magnetic stripe read
- 3: QR code
- 4: OCR
- 5: ICC
- 6: Key entered
- 9: File
- S: MICR reader
- T: Contactless
- U: Contactless via Mag Stripe Rules
PrivatelyDefinedData_TransactionLevel_CredentialOnFileIndicatorstring (1)Left4897Indicates whether a Credential on File is present.
- Y: Credential on File
- N: Not a Credential on File
PrivatelyDefinedData_TransactionLevel_CryptocurrencyPurchaseIndicatorstring (1)Left4898Identifies Visa transactions used to purchase cryptocurrency.
- Y: Purchase of Cryptocurrency
- N: Not a Purchase of Cryptocurrency
AvsResultstring (1)Left4899Address Verification Service Result
- A: Address matches, ZIP code does not
- B: Street address match for international transaction, but postal code not verified due to incompatible formats
- C: Street address and postal code not verified for international transaction due to incompatible formats
- D: Street address and postal code match for international transaction
- G: Address information not verified for international transaction. Issuer is not an AVS participant, or AVS data was present in the request but issuer did not return an AVS result, or Visa performs AVS on behalf of the issuer and there was no address record on file for this account.
- I: Address information not verified
- M: Street address not verified
- N: Nothing matches
- P: Postal code match for international transaction, but street address not verified due to incompatible formats
- R: Retry, system unable to process
- U: No address data
- Y: Address and 5-digit ZIP code match
- Z: 5-digit postal/ZIP code matches, street address does not match or street address not included in request.
CardControlTagstring (50)Left4900Tag of the card control that was evaluated against this authorization.
CardControlRuleTagstring (50)Left4950Tag of the rule that matched this authorization.
CardControlRuleSourcestring (8)Left5000Source of the card control rule that matched this authorization. Possible values:
- Customer
- Program
- NULL
CardControlResultinteger (1)Left5008Result of executing the matched card control rule. Possible values:
0: Declined
1: Allowed
NULL: Non-matched control or rule
InAuthHelixResultinteger (2)Right5009Helix result from In Auth processing. Possible values:
1: Success
2: Error
3: Timeout
4: Customer token not set
5: Program HTTP error
6: Unknown timeout
InAuthProgramResultinteger (2)Right5011Program result from In Auth processing. Possible values:
1: Approve
2: Decline
3: Abstain
InAuthProgramResponseDurationinMSinteger (10)Right5013Program response duration in milliseconds for In Auth.
TapToPhoneIndicatorstring (4)Right5023Tap to Phone Indicator result. Possible values:
0001: Tap-to-Phone Indicator
LockStatusinteger (1)Left5027Card lock status. Possible values:
0: Unlocked
1: Locked
LockReasonTypeCodestring (3)Left5028The reason the lock was applied to the card. Possible values:
UNK: Unknown
STL: Stolen
LST: Lost

FRD: Suspected Fraud
DMG: Physical Damage
ADM: Administrative**
TMP: Temporary
PIN: PIN Retries Exceeded**

* Can be set via /card/hotlist API endpoint only. Cannot be subsequently unlocked.

** Can be set via Helix Admin Console or background processing only
LockTypeCodestring (3)Left5031The type of lock applied to the card. Possible values:
UNL: Unlocked
CST: Customer Locked (locked via the API, or, if a Helix Admin Console user specifies the lock can be unlocked by the customer via the API)
SYS: System Locked (locked via Helix Admin Console or an automated process; the Helix Admin Console user-specified customer should not be able to unlock it via the API or the network provider deemed the card is locked and was reflected as such in Helix) Note: customers can unlock most CST locks but none of the SYS locks. See /card/unlock for more details
VisaTransactionIdstring (15)Left5034The Visa DPS original transaction identifier
TransactionLocalDatestring (4)Left5049The local month and day the transaction takes place at the card acceptor location
TransactionLocalTimestring (6)Left5053The time the transaction takes place as expressed in the local time of the card acceptor location
PrivatelyDefinedData_RiskData_MasterCardFraudScorestring (3)Left5059Available if client participates in a Mastercard or non-Visa Network Fraud Scoring service.
Valid value: 000-999, XXX, or ZZZ
Values:
000: Actual score (where 999 is more likely to be fraudulent than a score of 000)
XXX: Unable to return scores
ZZZ: Fraud server is unavailable
PrivatelyDefinedData_RiskData_MasterCardRiskCondition1string (2)Left5062Available if client participates in Mastercard Fraud Scoring service.

Values:
NL: (Network Monitor Alert Only)
NM: (Network Monitor)
XX: Suspicious transaction
YY: Four or more swiped transactions on a self-service terminal in the past two days
ZZ: Suspicious activity during the past three days
PrivatelyDefinedData_RiskData_MasterCardRiskCondition2string (2)Left5064Available if client participates in Mastercard Fraud Scoring service.

Values:
00: No suspicious activity
01: Suspicious pattern of transaction amounts–cardholder
02: Suspicious pattern of account activity at device or merchant
03: Suspicious pattern of geographical distances between transaction locations
04: Unusual amount or number of transaction fees
05: Unusual transaction frequency–account
06: Suspicious geographic location of transactions
07: Suspicious pattern of transaction merchant categories–account
08: Unusual/Suspicious pattern of transaction amounts–device
09: High/Unusual transaction frequency–device
10: Suspicious pattern of transaction time
11: Unusual/abnormal transmitted data
PrivatelyDefinedData_RiskData_MasterCardFraudScoreReasonstring (2)Left5066Available if client participates in Mastercard Fraud Scoring service.

Values:
00: No suspicious activity
01: Suspicious pattern of transaction amounts–cardholder
02: Suspicious pattern of account activity at device or merchant
03: Suspicious pattern of geographical distances between transaction locations
04: Unusual amount or number of transaction fees
05: Unusual transaction frequency–account
06: Suspicious geographic location of transactions
07: Suspicious pattern of transaction merchant categories–account
08: Unusual/Suspicious pattern of transaction amounts–device
09 High/Unusual transaction frequency–device
10: Suspicious pattern of transaction time
11: Unusual/abnormal transmitted data

{ "file_type": "fixed_length" }