feat(router): add card testing check in payments eligibility flow #9876

Merged
likhinbopanna merged 14 commits into main from add-card-testing-in-eligibility-api
Oct 17, 2025

@sai-harsha-vardhan sai-harsha-vardhan commented Oct 16, 2025

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

Reference:
Card Testing Guard - #7108
Payments Eligibility Flow - #9774

This PR adds the Card Testing Guard check to the existing Payments eligibility checks flow to avoid detection before committing larger fraudulent purchases.

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Motivation and Context

How did you test it?

Tested Manually

  1. Enable Card Testing under Business Profile
    CURL
curl --location '{{BASE_URL}}/account/{{merchant_id}}/business_profile/{{profile_id}}' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'api-key: {{API_KEY}}' \
--data '{
     "card_testing_guard_config": {
        "card_ip_blocking_status": "enabled",
        "card_ip_blocking_threshold": 3,
        "guest_user_card_blocking_status": "disabled",
        "guest_user_card_blocking_threshold": 10,
        "customer_id_blocking_status": "disabled",
        "customer_id_blocking_threshold": 5,
        "card_testing_guard_expiry": 3600
    }
}'

Response

{
    "merchant_id": "merchant_1760017865",
    "profile_id": "pro_KoXFud9EIdWKmhHEmtDa",
    "profile_name": "US_default",
    "return_url": "https://example.com/success",
    "enable_payment_response_hash": true,
    "payment_response_hash_key": "UZcedwKRCOBL7mnKPEypzeJBc18oy9BfTyMQ1MOKci37MbKC6fs9bKMBfTVTJE2R",
    "redirect_to_merchant_with_http_post": false,
    "webhook_details": {
        "webhook_version": "1.0.1",
        "webhook_username": "ekart_retail",
        "webhook_password": "password_ekart@123",
        "webhook_url": "https://eop67yav2axa2pv.m.pipedream.net",
        "payment_created_enabled": true,
        "payment_succeeded_enabled": true,
        "payment_failed_enabled": true,
        "payment_statuses_enabled": null,
        "refund_statuses_enabled": null,
        "payout_statuses_enabled": null
    },
    "metadata": null,
    "routing_algorithm": null,
    "intent_fulfillment_time": 900,
    "frm_routing_algorithm": null,
    "payout_routing_algorithm": null,
    "applepay_verified_domains": null,
    "session_expiry": 900,
    "payment_link_config": null,
    "authentication_connector_details": null,
    "use_billing_as_payment_method_billing": true,
    "extended_card_info_config": null,
    "collect_shipping_details_from_wallet_connector": false,
    "collect_billing_details_from_wallet_connector": false,
    "always_collect_shipping_details_from_wallet_connector": false,
    "always_collect_billing_details_from_wallet_connector": false,
    "is_connector_agnostic_mit_enabled": false,
    "payout_link_config": null,
    "outgoing_webhook_custom_http_headers": null,
    "tax_connector_id": null,
    "is_tax_connector_enabled": false,
    "is_network_tokenization_enabled": false,
    "is_auto_retries_enabled": false,
    "max_auto_retries_enabled": null,
    "always_request_extended_authorization": null,
    "is_click_to_pay_enabled": false,
    "authentication_product_ids": null,
    "card_testing_guard_config": {
        "card_ip_blocking_status": "enabled",
        "card_ip_blocking_threshold": 3,
        "guest_user_card_blocking_status": "disabled",
        "guest_user_card_blocking_threshold": 10,
        "customer_id_blocking_status": "disabled",
        "customer_id_blocking_threshold": 5,
        "card_testing_guard_expiry": 3600
    },
    "is_clear_pan_retries_enabled": false,
    "force_3ds_challenge": false,
    "is_debit_routing_enabled": false,
    "merchant_business_country": null,
    "is_pre_network_tokenization_enabled": false,
    "acquirer_configs": null,
    "is_iframe_redirection_enabled": null,
    "merchant_category_code": null,
    "merchant_country_code": null,
    "dispute_polling_interval": null,
    "is_manual_retry_enabled": null,
    "always_enable_overcapture": null,
    "is_external_vault_enabled": "skip",
    "external_vault_connector_details": null,
    "billing_processor_id": null
}
  2. Perform 3 or more failed payments using the same card number + IP address combination

  3. Call the Payments eligibility API with the same card number and IP address to see Deny as the next_action with an appropriate error message
    CURL

curl --location '{{BASE_URL}}/payments/{{PAYMENT_ID}}/eligibility' \
--header 'Content-Type: application/json' \
--header 'api-key: {{API_KEY}}' \
--data '{
    "client_secret": "pay_UvTqxnVPNNChhe1vKk1W_secret_AF9avGOwxxvcwqHhmYv0",
    "payment_method_type": "card",
    "payment_method_data": {
        "card": {
            "card_number": "4111111111111111",
            "card_exp_month": "01",
            "card_exp_year": "2050",
            "card_holder_name": "John Smith",
            "card_cvc": "349",
            "card_network": "Visa"
        },
        "billing": {
            "address": {
                "line1": "1467",
                "line2": "Harrison Street",
                "line3": "Harrison Street",
                "city": "San Fransico",
                "state": "CA",
                "zip": "94122",
                "country": "US",
                "first_name": "John",
                "last_name": "Doe"
            },
            "phone": {
                "number": "8056594427",
                "country_code": "+91"
            }
        }
    },
    "browser_info": {
        "user_agent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36",
        "accept_header": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
        "language": "nl-NL",
        "color_depth": 24,
        "screen_height": 723,
        "screen_width": 1536,
        "time_zone": 0,
        "java_enabled": true,
        "java_script_enabled": true,
        "ip_address": "125.0.0.1"
    }
}'

Response

{
    "payment_id": "pay_vwNY2VRzck6RnRUrGldc",
    "sdk_next_action": {
        "next_action": {
            "deny": {
                "message": "Blocked due to suspicious activity"
            }
        }
    }
}

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible
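
The card + IP rule exercised by the manual test above, as an added sketch that is not code from this PR or from hyperswitch. Assumptions: an in-memory map stands in for a shared cache, the window is fixed and starts at the first failure, blocking triggers at count >= threshold, and the caller passes a card fingerprint rather than the raw card number; `GuardConfig`, `CardIpGuard` and `NextAction` are hypothetical names.

```rust
use std::collections::HashMap;
/// Card+IP fields of `card_testing_guard_config` as shown in the PR's request body.
pub struct GuardConfig {
    pub card_ip_blocking_enabled: bool,
    pub card_ip_blocking_threshold: u32,
    pub card_testing_guard_expiry: u64, // seconds
}

#[derive(Debug, PartialEq)]
pub enum NextAction {
    Allow,
    Deny { message: &'static str },
}

/// Hypothetical in-memory stand-in for a shared TTL cache: (fingerprint, IP) -> (failures, window start).
#[derive(Default)]
pub struct CardIpGuard(HashMap<(String, String), (u32, u64)>);

impl CardIpGuard {
    /// Call after each failed payment attempt.
    pub fn record_failure(&mut self, cfg: &GuardConfig, fp: &str, ip: &str, now: u64) {
        let e = self.0.entry((fp.to_owned(), ip.to_owned())).or_insert((0, now));
        if now.saturating_sub(e.1) >= cfg.card_testing_guard_expiry {
            *e = (0, now); // previous window expired: start counting again
        }
        e.0 += 1;
    }

    /// Eligibility decision, made before any authorisation is sent to a processor.
    pub fn check(&self, cfg: &GuardConfig, fp: &str, ip: &str, now: u64) -> NextAction {
        let over = |&(n, start): &(u32, u64)| {
            now.saturating_sub(start) < cfg.card_testing_guard_expiry
                && n >= cfg.card_ip_blocking_threshold
        };
        match self.0.get(&(fp.to_owned(), ip.to_owned())) {
            Some(e) if cfg.card_ip_blocking_enabled && over(e) => {
                NextAction::Deny { message: "Blocked due to suspicious activity" }
            }
            _ => NextAction::Allow,
        }
    }
}

fn main() {
    let cfg = GuardConfig { card_ip_blocking_enabled: true, card_ip_blocking_threshold: 3, card_testing_guard_expiry: 3600 };
    let mut g = CardIpGuard::default();
    (0..3).for_each(|t| g.record_failure(&cfg, "fp_constructed", "125.0.0.1", t));
    println!("{:?}", g.check(&cfg, "fp_constructed", "125.0.0.1", 10));
}
```

Keying on the card + IP pair means the same card from another address, or the same pair after `card_testing_guard_expiry` seconds, is allowed again in this sketch.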

@sai-harsha-vardhan sai-harsha-vardhan added this to the July 2025 Release milestone Oct 16, 2025
@sai-harsha-vardhan sai-harsha-vardhan self-assigned this Oct 16, 2025
@sai-harsha-vardhan sai-harsha-vardhan requested review from a team as code owners October 16, 2025 08:17
@sai-harsha-vardhan sai-harsha-vardhan added A-core Area: Core flows C-feature Category: Feature request or enhancement labels Oct 16, 2025
semanticdiff-com bot commented Oct 16, 2025

@hyperswitch-bot hyperswitch-bot bot added the M-api-contract-changes Metadata: This PR involves API contract changes label Oct 16, 2025
@ThisIsMani ThisIsMani removed the request for review from a team October 16, 2025 09:38
@likhinbopanna likhinbopanna added this pull request to the merge queue Oct 17, 2025
Merged via the queue into main with commit 01cb658 Oct 17, 2025
23 of 26 checks passed
@likhinbopanna likhinbopanna deleted the add-card-testing-in-eligibility-api branch October 17, 2025 09:03
drdholu pushed a commit to drdholu/hyperswitch that referenced this pull request Oct 30, 2025
…spay#9876)

Co-authored-by: hyperswitch-bot[bot] <148525504+hyperswitch-bot[bot]@users.noreply.github.com>
aadityaguptaa pushed a commit that referenced this pull request Nov 10, 2025
)

Co-authored-by: hyperswitch-bot[bot] <148525504+hyperswitch-bot[bot]@users.noreply.github.com>