[UPDATED] Upcoming changes to the Shopify Order Risks API
IMPORTANT UPDATE AUGUST 3, 2018:
These changes will go live for all shops on September 17, 2018.
On October 16th 2017, we'll be changing how we display fraud risk information on the order page in the Shopify admin. This will also impact how risk information is exposed in the Order Risks API.
Today, all order risks for an order are grouped together on the order page regardless of who generated the order risk. Going forward, order risks from Shopify and third-party apps will be displayed separately on the order page.
In regards to the Order Risks API, Shopify generated order risks with will be exposed as one single order risk with the Shopify recommendation. This means that the current behaviour of exposing multiple Shopify generated order risks will be discontinued. For example:
If you are using the Order Risks API to read Shopify’s order risks to parse out specific information, we advise that you make the appropriate adjustments since there will no longer be multiple Shopify generated orders risks exposed after October 16th.
The information used to create many of the current order risks is still available to you in other Shopify APIs, or from other sources. For example, the Orders API provides details of the order such as the customer browser IP address, and shipping and billing address. The Transactions API provides AVS and CVV results, and BIN/IIN for cards processed by Shopify Payments. See payment details section for more info about fields and how to interpret the information.
If you are currently using the Order Risks API to post order risks, no changes are required.
This is one step in our continuous investment in our fraud prevention platform. At a future date we will improve our API to better meet the current and future needs of our merchants. If you have any questions or would like to contribute with your thoughts in this area please comment in this thread below.
All the best,