The functionality for pending orders is used to delay the shipping of orders that are suspected for fraud until the order has been reviewed. Currently, this functionality is only applicable for merchants in US & UK regions. Note that the pending functionality is not enabled by default and must be activated for each account.
The pending process begins when an order is identified as potentially fraudulent, the status is set to pending, Klarna reviews the order manually, and then the status is sent to the merchant. Merchants must be able to check the status of the orders in order to appropriately respond to the status set by Klarna (accepted or rejected).
After the customer has completed the order in the checkout the order can have the
PENDING showing that the order is being reviewed for fraud. When an order is assigned the PENDING fraud status it should not be processed for shipping, but instead, be put on hold until it has been reviewed. During this step, the customer should be made aware that the order is in progress and will not be shipped immediately. The ability for a merchant to hold pended orders until Klarna completes the fraud checks is a critical step.
After the order has been reviewed it will either be approved and be assigned the
FRAUD_RISK_ACCEPTED, or the order will be rejected and assigned the
FRAUD_RISK_REJECTED. The review process is generally completed within 4 - 8 business hours and can last a maximum of 24 hours.
The events sent to merchant notification URL are as follows:
FRAUD_RISK_ACCEPTED- An order was accepted, possibly after review
FRAUD_RISK_REJECTED- An order was rejected after review
FRAUD_RISK_STOPPED- An order was stopped for some reason
When the order has been reviewed and assigned a new status, a
POST request will be sent to the URL specified by the notification URL parameter specified at the time of order creation. The body of the POST request will be an event of one of the types
FRAUD_RISK_REJECTED together with
ORDER_IDof the order triggering the notification
Klarna will try to send the push notifications every ten minutes for a total of 24 hours or until the
POST request is replied with a 200. After 24 hours we will stop sending notifications.
With pending enabled, there are two possible initial values of
fraud_status. It can be set to either
ACCEPTED means we accepted the fraud risk automatically when the order was created.
PENDING means that we are waiting for the order to be reviewed.
The merchant will only get the push notification when the
fraud_status transitions from
Having pending enabled does not mean stop requests will not be sent anymore. There will be orders that were not pended on creation that the fraud agents found to be fraudulent for some other reason, in that case, they will send stop requests.
It is highly recommended to validate the notification by retrieving the order using a regular get API call upon receiving the notification and check if the
fraud_status matches the notification.
The result of the fraud review process can be overridden by the merchant if needed.
To accept an order that has been rejected by Klarna you must capture it within 4 hours of receiving the notification
POST request. The capture is done as usual with the order management API. Accepting a rejected order by capturing it will transfer the risk of the order to the merchant. If the order is not captured within 4 hours the order will be cancelled.