# Protecting a Transaction source: https://developer.mastercard.com/account-validation/documentation/use-cases/protect-transaction/index.md This example flow demonstrates use of the Account Validation API to help protect a transaction. In this example, you are a Mastercard Send Transaction Initiator and provide a funds transfer app that enables people to send money. Each user has an app profile with a linked sending card account for funding their transfers. This example does not prescribe the design and interactions of your app; those aspects are for you to define. For details of using the API and sample requests and responses, see [API Reference](https://developer.mastercard.com/account-validation/documentation/api-reference/index.md). If an API request fails validation, Mastercard returns an error response, see [Error Codes](https://developer.mastercard.com/account-validation/documentation/code-and-formats/index.md#error-codes). For details of using other Mastercard Send APIs, refer to those API documentation sets. ## Make a Payment {#make-a-payment} When the app user (Bob) makes a payment, fraud risks include Authorized Push Payment (APP) fraud, where the recipient is not who they claim to be. For example, Jenny (a fraudster) might contact Bob, posing as someone from a trusted organization, and try to trick him into transferring funds to her account (using a fake name). The app's Send Money flow can use the Account Validation API to help verify the recipient's name and card account prior to making the payment transfer. Example sequence: Diagram av-sequence-transaction The example sequence above shows: 1. Jenny contacts Bob, pretending to be from his vehicle leasing provider, XYZ Vehicles. She claims some of his monthly payments failed and that he must make immediate payment of $425 to the specified card account, in name of 'XYZ Vehicles', or else his lease vehicle will be taken from him at further cost. 2. In the app, Bob starts the Send Money flow. 3. For the receiving account, Bob provides Jenny's card account details and the name 'XYZ Vehicles'. 4. You send an [Account Validation API](https://developer.mastercard.com/account-validation/documentation/api-reference/index.md) POST request with the name and account details. This will check the fake name against the account name on record with the card issuer. 5. Mastercard sends a non-financial request to the card issuer to validate the supplied account details. 6. The card issuer checks and responds with matching response codes. 7. Mastercard translates the issuer's response codes into [status values](https://developer.mastercard.com/account-validation/documentation/code-and-formats/index.md#status-valuess) and provides those to you in the API response. For example: * `nameValidationResults.status` = 'NOT_MATCHED' We recommend you use additional account checks to provide further data for your validation decision logic, such as these Mastercard Send additional services: * [Account Information service](https://developer.mastercard.com/mastercard-send-account-info/documentation/) checks the sending and receiving eligibility of the card account with Mastercard. * [Account Verification Service (AVS)](https://developer.mastercard.com/mastercard-send-avs/documentation/) checks the postcode and billing address with the card issuer. 8. You use the returned [status values](https://developer.mastercard.com/account-validation/documentation/code-and-formats/index.md#status-valuess) and any other checking results to determine whether to trust the recipient and their card account. In this example, you detect possible APP fraud. 9. The app states that the transfer cannot occur. As possible APP fraud is detected, you determine further action to protect and notify the user, for example: * Advise Bob to contact the organization directly using a trusted contact method if he's been told payment is outstanding. * Provide next steps if Bob has accidentally revealed information that could expose his accounts to further fraud attempts. ## Add Funds {#add-funds} An alternative funding example is a user adding funds to a digital wallet or gaming app. Fraud risks include use of a stolen card and money laundering, and you might also need to verify the card account owner to satisfy applicable regulation. The wallet or app's Add Funds flow can use the Account Validation API to help verify the name and card account prior to making the funding transfer. The sequence is similar to that shown above.