Guides
Start typing to search…

Link Detection

Link Detection verifies where users are redirected after payment completion. The system checks final redirect URLs against each merchant's whitelist of approved domains.

How It Works

  1. Transaction Selection
    When link detection is enabled for a merchant, transactions in NEW or PENDING status are selected for verification based on sampling rules.

  2. URL Validation Trigger
    When a selected transaction transitions to ACCEPT or DECLINE, the system asynchronously validates the redirect URL:

    • For ACCEPT → validates successReturnUrl
    • For DECLINE → validates failReturnUrl

  3. Bot Simulation
    A bot simulates a real user browser, follows all redirects, and captures the final destination URL.

  4. Whitelist Comparison
    The final URL is compared against the merchant's whitelist. Results are logged, and alerts can be triggered for unauthorized URLs.

Flow Diagram

Transaction Created (NEW/PENDING)
         ↓
    Selected for verification?
         ↓
    Transaction completes (ACCEPT/DECLINE)
         ↓
    Bot follows redirect URL
         ↓
    Final URL captured
         ↓
    Compare against whitelist
         ↓
    Log result / Trigger alert

Sampling Configuration

By default, every 50th transaction is verified.

Contact your manager to adjust this frequency based on your needs.

Configuration

Link Detection is configured per merchant through the Client Portal:

  1. Enable link detection — Activate the feature for specific merchants
  2. Configure domain whitelist — Add approved domains for each merchant
  3. Adjust sampling frequency — Set how often transactions are verified
  4. Set up alerts — Configure notifications for unauthorized redirects

Navigate to Merchants → [Merchant Name] → Link Detection in the Client Portal to access these settings.

Use Cases

  • Fraud Prevention: Detect when payment pages redirect to unauthorized domains
  • Compliance: Ensure redirects stay within approved domains
  • Partner Monitoring: Verify merchant behavior in affiliate programs
  • Phishing Detection: Identify potentially compromised return URLs

Requirements

For Link Detection to work, you must provide return URLs when submitting transactions:

{
  "externalId": "txn_12345",
  "status": "NEW",
  "successReturnUrl": "https://yoursite.com/payment/success",
  "failReturnUrl": "https://yoursite.com/payment/failed",
  ...
}

See the Transaction Process API Reference for full details.

Support

For configuration assistance, contact your Embermind manager.

Updated about 2 months ago