Reputation Gateway¶
Traity’s social credit score is more human, and outperforms traditional scores for different risks and perils.
Traditional credit scores don’t apply to everyone, especially migrants, students or freelancers. Give a fairer treatment to the great customers of the future with an alternative credit scoring approach, specially suited for fintechs, startups, insurers and banks.
Integration of Reputation Gateway is very flexible. You can add it in any part of your application’s flow that better adapts to your needs. Users will be redirected to our site so they can start building their TrustScore and once they finish, they will go back to your site to complete the process in your platform. At that point, you will be able to read their TrustScore to take more and better informed decisions. Find the documentation and sample codes to learn how to add the ReputationGateway in just a few minutes:
Contents¶
Getting started¶
An account at https://developers.traity.com is required to start using the Reputation Gateway. If you already have an account in traity.com, you can use the same credentials.
Traity’s Reputation Gateway relies on REY, a decentralized infrastructure for risk scoring based on Ethereum’s blockchain, so during the app creation process you will be asked wether you want to use your own blockchain keys or let have Traity generate a new one and manage it in your behalf.
In case you want to use your own blockchain key, you will be asked to provide your key’s public address in order to identify you when you sign the necessary payloads to communicate with the ReputationGateway.
You can also have your private key generated and managed by Traity.
In that case, you will authenticate into our API using the provided app id and app secret that available from your developers dashbard at https://developers.traity.com
Adding the ReputationGateway to your flow is as easy as redirecting your users to Traity’s onboarding so they can start building their TrustScore. Users should be redirected to the following URL and include a session token.
https://rg.traity.com/w/<SESSION-TOKEN>
The session parameter is a JWT token that contains the necessary information to identify you. It will also indicate where should users be redirected once they finish the process on Traity, which means it should be a URL of an application of your own where you will have control to read the user’s TrustScore.
The session token can be generated as follows:
a) Using your application secret:
require 'jwt'
token = JWT.encode({ appId: ENV['APP_ID'],
callback_url: '<YOUR CALLBACK URL>' },
ENV['APP_SECRET'], 'HS512')
const jwt = require('jsonwebtoken')
const payload = { appId: process.env.APP_ID, callback_url: '<YOUR CALLBACK URL>' }
const token = jwt.sign(payload, process.env.APP_SECRET, { algorithm: 'HS512' })
<?php
// php-jwt is used in this example: https://github.com/firebase/php-jwt
use \Firebase\JWT\JWT;
$token = JWT::encode(array(
'appId' => APP_ID,
'callback_url' => 'http://dev.example.com/finish'
), APP_SECRET);
?>
<a href="https://rg.traity.com/w/<?php echo $token ?>">Build Your TrustScore</a>
Having that token, now you can add the link into your website. You can customize it as much as you want.
<a href="https://rg.traity.com/w/eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJyZWFkZXIiOiIweGU0YmIzRmI0NmU4Mjc1N2Y5RkM2MmMyMjZmYzE4ODJBMkIxMzhkMmUiLCJ3aWRnZXQiOnsibmFtZSI6IlNpbHBoIENvLiIsImxvZ28iOiJodHRwczovL3B1dS5zaC9BRXlCVy9jMTU0YjE2ZDQwLnBuZyIsImNhbGxiYWNrX3VybCI6Imh0dHBzOi8vZXhhbXBsZS5jb20ifX0.">Connect your Online Reputation wit Traity</a>
Now, you just to have to decide in which part of your application’s flow you do you want to include our service. Each business is be different and has its own needs so there might be multiple scenarios to consider:
For example, a user has followed the traditional flow within your app and according to your current scoring system, that person is not eligible for your product. So, you might want to offer them the possibility of using their TrustScore as a complementary data point, increasing your potential customer base from those that were initially rejected.
Also, you could completely substitute your current data collection flow, which might require some sort of manual review, and replace it with our process to have a reliable score that allows you to make decisions in real time.
Re-engaging with initially rejected customers
Using Traity as the main scoring system
Reading the TrustScore¶
When users finish the process in Traity, they will redirected to the url you specified in the callback_url
parameter during the widget session’s link initialization. A GET call will be made to that url
and it will include a parameter called request that will be needed to read user’s TraityScore from your site.
There are two approaches to read a user’s score. One is using the secret you got while creating your app in our Developers’ dashboard and second one is to use the decentralized option, where you can use your own blockchain keys to sign the request and get access to the user’s score. In both cases, a bearer token will be generated and you will be to read the users score by making a GET http request to the following URI:
https://rg.traity.com/score
a) Using your application secret:
If you are using your app secret, you just need to generate a new JWT token signed with it.
This new token should contain the payload you just received and should be included inside the Authorization header as a bearer token as follows:
require 'jwt'
authorization = JWT.encode({ request: params[:request] }, ENV['APP_SECRET'], 'HS512')
response = Faraday.get('https://rg.traity.com/score',
nil,
'Authorization': "Bearer #{authorization}").body
score = JSON.parse(response)
require 'jwt'
authorization = JWT.encode({ request: params[:request] }, ENV['APP_SECRET'], 'HS512')
response = Faraday.get('https://rg.traity.com/score',
nil,
'Authorization': "Bearer #{authorization}").body
score = JSON.parse(response)
<?php
// php-jwt is used in this example: https://github.com/firebase/php-jwt
use \Firebase\JWT\JWT;
$url = 'https://rg.traity.com/score';
$authorization = JWT::encode(array('request' => $_GET['request']), APP_SECRET);
$header = array('Accept: application/json',
'Authorization: Bearer '.$authorization);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HTTPGET, true);
$reply = curl_exec($curl);
//error handling for cURL
if ($reply === false) {
throw new Exception('Curl error: ' . curl_error($curl));
}
curl_close($curl);
$decoded_data = json_decode($reply, true);
echo '<pre>';
print_r($decoded_data);
?>
Successful requests made to the score endpoint will return responses similar to this:
{
"score": 89.0,
"breakdown": {
"online_identity": 72.0,
"behavioural_reputation": 63.0
"network": 80.0,
}
}
Warning
User’s permission will last 24 hours starting at the moment the process of building the TrustScore is completed. An error will be raised if score is tried to be accessed with the same token after that period of time.
See also
Reputation Gateway is based on REY, the decentralized risk scoring protocol. More information about the permission JWT token and its different claims can be found at https://rey.readthedocs.io/en/latest/contents/reference.html
Interpreting the TrustScore¶
Live Demo¶
You can test our service to get a glance of how does it actually work at https://staging.traity.com/scoring/demo (if you want to see how does it look in mobile, click here)
This link will send you to the Traity’s Reputation Gateway widget where you will be able to build your own TrustScore. Once you finish the process, you will be redirected to a sample page that will read your score with your permission.
Support¶
If you need any assistance with the integration of Reputation Gateway in your site or have any question, please go to https://traity.com/scoring to contact or write us directly at scoring@traity.com..
Learn more about our product at https://traity.com/scoring