Overview

The Ingo Fraud Alert API will provide clients with access to disaggregated risk scores across Ingo Money customer payee data, for both check deposit and non-check-related uses.

API Versioning

The current API version is “1”.

The API supports 2 API versioning strategies.

  • Version Request Header
  • Query String Version parameter

The value of the header key or the query string parameter key to use is apiVersion.

URLs

  • UAT : https://insights-uat.ingo.money/identity/score [Will be used for certification]
  • PROD : https://insights.ingo.money/identity/score [Credentials will be delivered Post certification]

API Access

Connectivity

API requests must be performed using a secure transport layer over Https with a minimum TLS version of 1.2.

Logging

All API activity will be sanitized, recorded and retained as per Ingo’s data retention strategy.

Allowed IP configuration

The API’s are designed for machine to machine communication and are restricted by adding our partners IP addresses to an “Allowed List” of IP addresses.

A single IP, multiple IP’s or range of IP’s can be added to the list.

Credentials Provisioning

The Client Id and Client Secret will be provisioned by Ingo Client Services and provided via a PGP encrypted file format.

We will need a Public Key from a client to encrypt the credentials.