Blacklist Customer
Overview
The Blacklist Customer API allows authorized personnel to flag customer accounts for restriction due to fraudulent activity, policy violations, or other risk factors. This command prevents the customer from conducting certain transactions.
Command Details
Command Name: BlacklistCustomerCommand
Operation Type: Command (Write Operation)
Use Cases
- Fraud Prevention: Block customers involved in fraudulent activities
- Policy Enforcement: Restrict accounts violating bank policies
- Risk Management: Prevent transactions from high-risk customers
- Regulatory Compliance: Comply with sanctions or watchlist requirements
API Endpoint
POST /api/bpm/cmd
Content-Type: application/json
Authorization: Bearer {access_token}
Request Structure
Request Body
{
"commandName": "BlacklistCustomerCommand",
"data": {
"contactEncodedKey": "string",
"reason": "string",
"notes": "string"
}
}
Request Fields
| Field Name | Type | Mandatory | Description |
|---|---|---|---|
contactEncodedKey | String | Yes | Unique identifier of the customer |
reason | String | Yes | Reason for blacklisting |
notes | String | No | Additional notes or details |
Sample Requests
1. Blacklist Customer
{
"commandName": "BlacklistCustomerCommand",
"data": {
"contactEncodedKey": "8a8e87e87d1234567890abcd",
"reason": "Fraudulent activity detected",
"notes": "Multiple failed transaction attempts with invalid credentials"
}
}
Response Structure
Success Response
{
"isSuccessful": true,
"statusCode": "00",
"message": "Customer blacklisted successfully.",
"data": {
"contactEncodedKey": "8a8e87e87d1234567890abcd",
"isBlacklisted": true,
"blacklistDate": "2025-12-18T10:30:00Z"
}
}
Error Handling
| Status Code | Message | Cause |
|---|---|---|
CBS_400 | Validation error | Missing required fields |
CBS_403 | Forbidden | Insufficient permissions |
CBS_404 | Customer not found | Invalid contact encoded key |
CBS_409 | Already blacklisted | Customer is already blacklisted |
CBS_500 | Internal server error | System error |
Code Examples
cURL
curl -X POST https://api.example.com/api/bpm/cmd \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-d '{
"commandName": "BlacklistCustomerCommand",
"data": {
"contactEncodedKey": "8a8e87e87d1234567890abcd",
"reason": "Fraudulent activity detected"
}
}'
Notes
- Requires special permissions to blacklist customers
- Blacklisted customers cannot perform most transactions
- Action is logged for audit purposes
- Can be reversed using Undo Blacklist Customer command