Device Data Capture (DDC)
This Device Data Collection page provides a set of options for our Customers to integrate one of these requirements for our 2C2P 3DSS API integration. By choosing one of the Device Data Collection option, 2C2P 3DSS can collect the 3DS 2.0 (EMV 3DS) required browser data elements to make the 3DS 2.0 request and invoke the 3DS Method URL if available.
3DSS will leverage this process to place the required Method URL on the merchant's site, within an iframe, if the Issuing Bank chooses to use one. (Per EMV 3DS requirements, a merchant must place and run the Method URL on their website if an Issuing Bank uses one).
Note:
• Please refer to the step number 1.4 in the above diagram.
• Please refer to the Appendix A for JWT creation/validation.
Request
Required data in DDC iframe
| Field Name | Data Type | Length | Example | Description | Requirement |
|---|---|---|---|---|---|
| ddcId | String | varchar(36) | This field is unique id for DDC (Reference Id for that session) | Required | |
| cardBIN | String | varchar(11) | Card BIN | Required | |
| callbackUrl | String | max 2048 chars | URL for the 3DS Requestor PGW | Required | |
| JWT | String | max 2048 chars |
<iframe name='collectionFrame' height="10" width="10" style="visibility: hidden; position: absolute; top: -1000px; left: -1000px;"></iframe>
<form id="collectionForm" target='collectionFrame' name="devicedata" method="POST" action="https://emv3dss.2c2p.com/V2/ddcCollect">
<!--
POST Parameters: bin=First 6 digits to full pan of the payment card number. For merchants unable to utilize the First 6 of the Cardnumber, optional Rest API is
available to generate a session identifier representing the session. JWT=JWT generated per merchant spec
-->
<input type="hidden" name="bin" value="410000" />
<input type="hidden" name="callbackUrl" value="specify the return URL for 3DS Requestor" />
<input type="hidden" name="ddcId" value=" Reference Id for that session" />
<input type="hidden" name="jwt" value="JWT generated per merchant spec" />
</form>
<script>window.onload = function () {
// Auto submit form on page load
document.getElementById('collectionForm').submit();
}
</script>
Callback
Common JWT Claims
| Claim Name | Description | Required |
|---|---|---|
| jti | JWT Id - A unique identifier for this JWT. This field should change each time a JWT is generated. | Y |
| iat | Issued At - The epoch time in seconds of when the JWT was generated. This allows us to determine how long a JWT has been around and whether we consider it expired or not. | Y |
| iss | Issuer - An identifier of who is issuing the JWT. We use this value to contain the Api Key identifier or name. | Y |
| aud | Audience – 2c2p populates this field on response JWT to contain the request jti field. This allows merchant to match up request JWTs with response JWTs. | Y |
| exp | Expiration - The numeric epoch time that the JWT should be consider expired. This value is ignored if its larger than 2hrs. By default we will consider any JWT older than 2hrs. | N |
| Field Name | Data Type | Length | Example | Description | Requirement |
|---|---|---|---|---|---|
| ddcId | String | varchar(36) | This field is unique id for DDC | Required | |
| status | String | varchar(36) | The status of DDC process | Required | |
| dataCollection | Object | Required | |||
| ddc | Boolean | DDC Collection completed | Required | ||
| threeDsMethodUrl | Boolean | DDC Collection for ACS completed | Required | ||
| errorNumber | Number | Error number indicating the result. 0 is success | |||
| errorDescription | String | A text description of the ErrorNumber field. |
{
"iss": "b319259f-639b-4907-b914-a5fcbb151c93",
"iat": 1535052764,
"exp": 1535059964,
"jti": "31dd6191-c217-47b9-9fdd-751767e641b2"
"aud": "36db6974-c220-4b3e-b45e-66f3c9a58ad2",
"payload": {
"status":"success",
"ddcId": " 8a871cfb-7a34-48d9-81cf-dafe5badedee
"dataCollection": {
"ddc": true
"threeDsMethodUrl": true
},
"errorNumber" : 0,
"errorDescription" : "success",
}
}
Updated 9 days ago