Skip to main content
Fraud models and rules improve when they learn what happened after a decision. Lifecycle events report the real outcome of a transaction — authorization, capture, chargeback, and more — back to Specter, which fans them out to participating backends and uses them to auto-populate blacklists. Submit an event with POST /api/events. Events are processed synchronously: the response includes a backend_notifications entry for every backend call made before returning. Retrieve a persisted event with GET /api/events/{id}.

Event types

TypeDescription
authorizationCard authorization outcome (AVS/CVV results reveal data quality).
capturePayment captured.
refundAmount refunded.
voidAuthorization voided.
chargebackChargeback filed — the ground truth for fraud.
fraud_reportAn explicit fraud report.

Request

An event references the originating decision_id; its data is a free-form map stored with the event and forwarded to backends that support the event type. 
{
  "type": "chargeback",
  "decision_id": "dec_01J...",
  "occurred_at": "2026-03-17T12:00:00Z",
  "data": { "amount": 1999, "reason": "4853" }
}

Backend fan-out

Specter Connect Backend fan-out applies to Specter Connect instances. Specter forwards each event to every backend that participated in the original decision and supports the event type. Backends are reached through a Link integration. A backend declares which event types it supports. When an event targets a type a backend does not support, Specter records status: "skipped" — not an error. The backend_notifications array in the response reports the outcome of every backend call.

Blacklist auto-population

A blacklist rule can listen for specific event types (fraud_report, chargeback, failed) and automatically add the originating decision’s field values to the blacklist — so a card that produces a chargeback is blocked on its next attempt.

Blacklist

Auto-populate blocks from fraud and chargeback events.

Decisions

Resolve REVIEW decisions and notify backends.