Why request the IP address of the customer?


Post-payment and credit card payment methods require the customer ip_address to be validated and thus, we need the actual IP address of the end user within the ip_address field. This means that the optional parameter “ip_address (optional) within the JSON request is now a “required” field when processing post-payment and/or credit card transactions.

Please note! When validating the localhost ip_address instead of the end user’s ip_address, it may result in transactions being marked with the status uncleared or even be rejected/declined.

   "customer": {
        "ip_address": "",
        "forwarded_ip": "" 


The X-FORWARDED-FOR header of the customer request when using a proxy.

forwarded_ip is to be used when there is a proxy. In all other cases they need to use the ip_address to retrieve the IP address of the customer.

Uncleared status or Declined

Due to the validation on the IP address of the end user (customer) a transaction can unnecessarily be marked with the status uncleared or even be declined.

Before a payment is accepted, a fraud check will take place on the transaction. The required ip_address field is one of the checks processed in the validation of the payment. When provided with an empty or incorrect IP address (by providing the ip_address of the webshop instead of the customer), the chances that the transaction will be marked with the status uncleared are very high.

Credit cards and post-payment methods represent a high risk for fraud. Therefore, the validation of each transaction will automatically take place to protect the merchants processing with MultiSafepay.