Skip to main content

Resolve alerts

Portal displayAPI manualStatusDescription
Needs attentionnullIndicates that the alert requires review and resolution.
In reviewIN_REVIEWIndicates that the alert is being actively investigated or reviewed.
True positive: RejectTRUE_POSITIVE_REJECTIndicates that the activity was confirmed or suspected to be fraudulent or high-risk, and the associated activity was rejected (e.g. transaction blocked).
True positive: AcceptTRUE_POSITIVE_ACCEPTIndicates that the activity was confirmed or suspected to be fraudulent or high-risk, and the associated activity was accepted (e.g. transaction approved with override).
False positiveFALSE_POSITIVEIndicates the alert was reviewed, and confirmed or assumed to be genuine or low-risk.

via API

Given the activity results update its status by calling Update Activity results endpoint 
curl -X 'PATCH' \
  'https://api.uat.frankie.one:443/v2/individuals/{{your_entity_id}}/results/activity' \
  -H 'accept: application/json' \
  -H 'api_key: X' \
  -H 'X-Frankie-CustomerID: {{your_customer_id}}' \
  -H 'X-Frankie-Username: {{example@frankieone.com}}' \
  -H 'Content-Type: application/json' \
  -d '{
  "processResults": [
    "01K9DYRS7PYYZXRCS62SE7KTWG"
  ],
  "manualStatus": "TRUE_POSITIVE_ACCEPT",
  "comment": {
    "text": "Update after speaking to customer over the phone directly.",
    "entityId": "{{your_entity_id}}",
    "entityType": "INDIVIDUAL"
  }
}'

via Portal

See Features for more details

Re-evaluate the results

This is crucial for the entity’s overall risk score, which are calculated based on historical activity, and device or customer characteristics.
Once all alerts have been resolve, you must re-run the workflow for the entity.
  1. To update the status: The overall workflowResult.status will only be changed by the system from REVIEW to PASS or CLEAR after the workflow is executed again and the steps included in the monitoring workflow confirms that no unresolved hits remain.
  2. To clear issues: The re-execution will cause the steps to re-evaluate the issues. If all PROs that previously caused an ACTIVITY issue are now classified as FALSE_POSITIVE, the issue will be cleared from the workflow result.
This re-evaluation ensures that your entity’s compliance status is officially updated, reflects the latest risk assessment, and maintains an accurate audit trail.

via API

To trigger a re-evaluation via API, you will execute the workflow again. Refer to the Execute a workflow for the given service profile documentation.

via Portal

The Portal will automatically re-run the workflow for you once all alerts associated with an activity have been resolved (i.e. no alerts with “Needs attention” and “In review” status remain).

Detecting manual overrides

It’s crucial to know if a workflow’s result was changed by a person. When an operator manually changes the status (e.g., from FAIL to PASS), the following fields are populated:
  • statusOverrideRequestId: The unique ID of the override request.
  • statusOverrideBy: The user who performed the override.
  • statusOverrideAt: The timestamp of the override.
To detect an override, check if statusOverrideRequestId exists and is not empty.

(Optional) Retrieve all activities

Fetch historical information about the transactions to help get context of the user behavior and investigate. 
curl -X 'GET' \  
  'https://api.uat.frankie.one:443/v2/individuals/d2859e0c-1f63-4208-947a-038bcb7b1e5e/activities?sortField=ACTIVITY_AT&sort=ASC&limit=20&page=1' \                           
  -H 'accept: application/json' \
  -H 'api_key: X ' \ 
  -H 'X-Frankie-CustomerID: {{your_customer_id}}' \
  -H 'X-Frankie-Username: {{example@frankieone.com}}'

Next step

Your implementation is complete. If you encounter errors at any step, see the full list of error codes and response structures. Error handling →