Antifraude Integration Guide

Redirecionando para https://docs.cielo.com.br/risk-en/docs/ ...

About this documentation

This manual presents the API Antifraude Gateway Braspag integration for separated fraud analysis calls. For joint call integration with other services, see the service manual of interest: Pagador, API Cielo E-commerce, Split Cielo E-commerce or Split Pagador.

Overview

Braspag’s Antifraude Gateway is an API REST that offers risk management for your e-commerce with the analysis from the best anti-fraud providers in the world.

Why have a fraud analysis?

• Get the best conversion by controlling the chargeback rate;
• Identify fraudulent transactions;
• Increase security by analyzing Antifraude’s transaction history;
• Avoid brand fines for increasing the chargeback frequency.

Benefits of the Antifraude Gateway

The Braspag Antifraude Gateway facilitates the fraud analysis process in your e-commerce, allowing you to:

• Access to the best anti-fraud providers on the market, without the burden of direct integration;
• Simplified integration;
• Readiness: the main e-commerce platforms are already integrated with Braspag.

Antifraud providers

Anti-fraud providers offer neural network-based tools, non-relational databases, recommendations based on transaction history, behavior and repetitions by time interval, among other functions that make up the fraud analysis model.

When integrating with Antifraude Gateway, you choose which provider(s) you want to analyze your transactions with and which plan.

• Cybersource: a Visa group company, that has been operating fraud management since 1994. CYbersource’s plan options are:

  • Basic (Hierarchy): risk models standardized by the e-commerce industry;
  • Advanced: allows proposals for improvements in risk rules and monthly consulting with Cybersource and Braspag;
  • Complete (Enterprise): has a dedicated CyberSource risk analyst, who will proactively propose adjustments to the business ruleset in order to improve conversion and reduce chargeback rates.

• ACI Worldwide: a global mission-critical software company providing fraud control and prevention as well as real-time payment processing and management for corporations.

• ClearSale: authority in antifraud solutions, balancing advanced technology and specialized human inteligence to deliver excellent indicators and generate trust.

In this manual, check the requests and attached tables corresponding to your anti-fraud provider.

Fraud Analysis Flows

The Antifraude Gateway forwards transaction data to an anti-fraud provider for analysis. The providers use technologies such as machine identification, IP geolocation, social network analysis, proxy detection and replay counters. Braspag receives a recommendation from the provider in real time and can then take action based on the risk of fraud identified by the analysis. There are two possible flows for fraud analysis:

• AnalyseFirst: all transactions are first submitted to Antifraude for analysis and, if accepted, proceed to the acquirer’s authorization process.
• AuthorizeFirst: all transactions are first submitted for authorization by the acquirer and, if authorized, are sent for analysis by Antifraude.

*Review status is returned only if included in your plan.

AnalyseFirst

1. The merchant requests a fraud analysis from Antifraude;
2. Antifraude returns the status Accept, Reject or Review;
3. The merchant sends the transaction request to the payment gateway;
4. The payment gateway requests authorization from the acquirer;
5. The acquirer authorizes the transaction or authorizes and capture;
6. The payment gateway returns the authorization response.

AuthorizeFirst

1. The merchant sends the transaction request to the payment gateway;
2. The payment gateway requests authorization from the acquirer;
3. The acquirer authorizes the transaction;
4. The payment gateway returns the authorization response;
5. The merchant requests a fraud analysis from Antifraude;
6. Antifraude returns the status Accept, Reject or Review.

The chosen flow must be determined during integration, because it is part of the application architecture.

If, after integration, you wish to change the fraud analysis flow, you should request Braspag’s support, as there are details involved in a possible change, mainly in relation to speed rules.

Which flow is recommended for my e-commerce?

• The choice can be made according to the rules of your business, taking into account aspects such as the average ticket and type of product sold;
• You can build your application with both flows and apply the business rules according to your risk criteria.

Below are some characteristics of each flow, which can help you decide on the best model for your business:

AnalyzeFirst

• Antifraud will be able to see e-commerce credit card transactions;
• Avoids early awareness of the credit card limit, avoiding attrition/bad consumer experience;
• Favors the learning of the Antifraude engine;
• There is an analysis cost when the credit card used in the transaction does not have an available limit.

AuthorizeFirst

• Avoids the cost of analysis on credit card transactions that have no available limit;
• Antifraude will not be able to see e-commerce credit card transactions.

Environments

Sandbox

Production

Authentication

The API Antifraude Gateway Braspag uses the OAuth 2.0 market standard protocol to authorize access to its specific resources by environment, Sandbox and Production.

Obtaining access token

During onboarding, you will be given the ClientId and ClientSecret credentials. If you have not received the credentials, ask Braspag Support.

1. Concatenate the credentials in the ClientId:ClientSecret form;
2. Convert the result to base64, generating a string;

Example:

• client_id: braspagtestes
  
• client_secret: 1q2w3e4r5t6y7u8i9o0p0q9w8e7r6t5y4u3i2o1p
  
• String to encode in Base64: braspagtestes:1q2w3e4r5t6y7u8i9o0p0q9w8e7r6t5y4u3i2o1p
  
• Result after coding: YnJhc3BhZ3Rlc3RlczoxcTJ3M2U0cjV0Nnk3dThpOW8wcDBxOXc4ZTdyNnQ1eTR1M2kybzFw
  

3. Send the base64 string in the Authentication request (POST);
4. The Authentication API will validate the string and return the access_token.

The returned token (access_token) must be used in every request to the Antifraude Gateway API as an authorization key. The access_token has a validity of 20 minutes and it is necessary to generate a new one every time the validity expires.

See the image for the authentication flow and the sending of the access_token in the fraud analysis request.

Request

Parameters on the header

Parameters on the body

Response

{
  "access_token": "faSYkjfiod8ddJxFTU3vti_ ... _xD0i0jqcw",
  "token_type": "bearer",
  "expires_in": 599
}

Parameters on the body

Integrating with Cybersource

Below is an example of a fraud analysis request with Cybersource.

Attention: You should only send the BraspagTransactionId field if your flow is AuthorizeFirst and you are using Pagador Braspag. The BraspagTransactionId field is the identifier of the transaction in Pagador. Learn more at Pagador documentation.

Analyzing a transaction at Cybersource

Request

{
  "MerchantOrderId": "4493d42c-8732-4b13-aadc-b07e89732c26",
  "TotalOrderAmount": 15000,
  "TransactionAmount": 14000,
  "Currency": "BRL",
  "Provider": "Cybersource",
  "BraspagTransactionId":"a3e08eb2-2144-4e41-85d4-61f1befc7a3b",
  "Tid": "12345678910111216AB8",
  "Nsu": "951852",
  "AuthorizationCode":"T12345",
  "SaleDate": "2016-12-09 10:01:55.662",
  "Card": {
    "Number" : "4444555566667777",
    "Holder": "Holder Name",
    "ExpirationDate": "12/2023",
    "Cvv": "999",
    "Brand": "VISA"
  },
  "Billing": {
    "Street": "Rua Saturno",
    "Number": "12345",
    "Complement": "Sala 123",
    "Neighborhood": "Centro",
    "City": "Rio de Janeiro",
    "State": "RJ",
    "Country": "BR",
    "ZipCode": "20080123"
  },
  "Shipping": {
    "Street": "Rua Neturno",
    "Number": "30000",
    "Complement": "sl 123",
    "Neighborhood": "Centro",
    "City": "Rio de Janeiro",
    "State": "RJ",
    "Country": "BR",
    "ZipCode": "123456789",
    "FirstName": "João",
    "LastName": "Silva",
    "ShippingMethod": "SameDay",
    "Phone": "552121114700"
  },
  "Customer": {
    "MerchantCustomerId": "10050665740",
    "FirstName": "João",
    "LastName": "Silva",
    "BirthDate": "2016-12-09",
    "Email": "emailcomprador@dominio.com.br",
    "Phone": "552121114700",
    "Ip": "127.0.0.1",
    "BrowserHostName":"www.dominiobrowsercomprador.com.br",
    "BrowserCookiesAccepted":true,
    "BrowserEmail":"emailbrowsercomprador@dominio.com.br",
    "BrowserType":"Chrome 58 on Windows 10",
    "BrowserFingerprint":"123456789"
  },
  "CartItems": [
    {
      "ProductName": "Mouse",
      "Category": "EletronicGood"
      "UnitPrice": "12000",
      "Sku": "abc123",
      "Quantity": 1,
      "Risk":"Low",
      "AddressRiskVerify":"No",
      "HostHedge":"Low",
      "NonSensicalHedge":"Normal",
      "ObscenitiesHedge":"High",
      "TimeHedge":"Low",
      "PhoneHedge":"Normal",
      "VelocityHedge":"High"
    },
    {
      "ProductName": "Teclado",
      "Category": "EletronicGood"
      "UnitPrice": "96385",
      "MerchantItemId": "3",
      "Sku": "abc456",
      "Quantity": 1,
      "Risk": "High"
    }
  ],
  "MerchantDefinedData": [
    {
      "Key": "1",
      "Value": "Valor definido com o Provedor a ser enviado neste campo."
    },
    {
      "Key": "2",
      "Value": "Valor definido com o Provedor a ser enviado neste campo."
    },
    {
      "Key": "3",
      "Value": "Valor definido com o Provedor a ser enviado neste campo."
    }
  ],
  "Bank":{
    "Address": "Rua Marte, 29",
    "Code": "237",
    "Agency": "987654",
    "City": "Rio de Janeiro",
    "Country": "BR",
    "Name": "Bradesco",
    "SwiftCode": "789"
  },
  "FundTransfer":{
    "AccountNumber":"159753",
    "AccountName":"Conta particular",
    "BankCheckDigit":"51",
    "Iban":"123456789"
  },
  "Invoice":{
    "IsGift": false,
    "ReturnsAccept": true,
    "Tender": "Consumer"
  },
  "Airline": {
    "JourneyType": "OneWayTrip",
    "DepartureDateTime": "2018-01-09 18:00",
    "Passengers": [
    {
        "FirstName": "Fulano",
        "LastName": "Tal",
        "PassangerId": "",
        "PassengerType": "Adult",
        "Email": "email@mail.com",
        "Phone": "1234567890",
        "Status": "Gold",
        "Legs" : [
        {
            "ArrivalAirport": "AMS",
            "DepartureAirport": "GIG"
        }]
    }]
  }
}

Parameters in the header

Parameters in the body

Response

{
   "TransactionId": "1eae3d39-a723-e811-80c3-0003ff21d83f",
   "Status": "Accept",
   "ProviderAnalysisResult": {
       "ProviderTransactionId": "5206061832306553904009",
       "ProviderStatus": "ACCEPT",
       "ProviderCode": "100",
       "ProviderRequestTransactionId": "AhjzbwSTGjifFZXHYduJEAFReTUyEoftDpA9+Ehk0kv9Atj2YEBMmAL2",
       "AfsReply": {
           "reasonCode": "100",
           "afsResult": "99",
           "hostSeverity": "3",
           "consumerLocalTime": "11:36:23",
           "afsFactorCode": "D^F^Z",
           "addressInfoCode": "COR-BA",
           "hotlistInfoCode": "NEG-AFCB^NEG-BA^NEG-CC^NEG-EM^NEG-PEM^NEG-SA^REV-PPH^REV-SUSP",
           "internetInfoCode": "FREE-EM^RISK-EM",
           "suspiciousInfoCode": "RISK-TB",
           "velocityInfoCode": "VEL-NAME",
           "scoreModelUsed": "default_lac"
       },
       "DecisionReply": {
           "casePriority": "3",
           "activeProfileReply": {},
           "velocityInfoCode": "GVEL-R1^GVEL-R2^GVEL-R4^GVEL-R6^GVEL-R7^GVEL-R9"
       }
   },
   "Links": [
       {
           "Method": "GET",
           "Href": "http://localhost:1316/Analysis/v2/1eae3d39-a723-e811-80c3-0003ff21d83f",
           "Rel": "Self"
       }
   ]
}

Parameters in the header

Parameters in the body

Querying a transaction at Cybersource

To know the status of a transaction at Cybersource, we recommend that you set up the Notification Post and also do the query by poll, which is presented below:

Request

Parameters in the header

Response

{
   "TransactionId": "1eae3d39-a723-e811-80c3-0003ff21d83f",
   "Status": "Accept",
   "ProviderAnalysisResult": {
       "ProviderTransactionId": "5206061832306553904009",
       "ProviderStatus": "ACCEPT",
       "ProviderCode": "100",
       "ProviderRequestTransactionId": "AhjzbwSTGjifFZXHYduJEAFReTUyEoftDpA9+Ehk0kv9Atj2YEBMmAL2",
       "AfsReply": {
           "reasonCode": "100",
           "afsResult": "99",
           "hostSeverity": "3",
           "consumerLocalTime": "11:36:23",
           "afsFactorCode": "D^F^Z",
           "addressInfoCode": "COR-BA",
           "hotlistInfoCode": "NEG-AFCB^NEG-BA^NEG-CC^NEG-EM^NEG-PEM^NEG-SA^REV-PPH^REV-SUSP",
           "internetInfoCode": "FREE-EM^RISK-EM",
           "suspiciousInfoCode": "RISK-TB",
           "velocityInfoCode": "VEL-NAME",
           "scoreModelUsed": "default_lac"
       },
       "DecisionReply": {
           "casePriority": "3",
           "activeProfileReply": {},
           "velocityInfoCode": "GVEL-R1^GVEL-R2^GVEL-R4^GVEL-R6^GVEL-R7^GVEL-R9"
       }
   },
   "Links": [
       {
           "Method": "GET",
           "Href": "http://localhost:1316/Analysis/v2/1eae3d39-a723-e811-80c3-0003ff21d83f",
           "Rel": "Self"
       }
   ],
  "MerchantOrderId": "4493d42c-8732-4b13-aadc-b07e89732c26",
  "TotalOrderAmount": 15000,
  "TransactionAmount": 14000,
  "Currency": "BRL",
  "Provider": "Cybersource",
  "BraspagTransactionId":"a3e08eb2-2144-4e41-85d4-61f1befc7a3b",
  "Card": {
    "Number" : "4444555566667777",
    "Holder": "Holder Name",
    "ExpirationDate": "12/2023",
    "Cvv": "999",
    "Brand": "VISA"
  },
  "Billing": {
    "Street": "Rua Saturno",
    "Number": "12345",
    "Complement": "Sala 123",
    "Neighborhood": "Centro",
    "City": "Rio de Janeiro",
    "State": "RJ",
    "Country": "BR",
    "ZipCode": "20080123"
  },
  "Shipping": {
    "Street": "Rua Neturno",
    "Number": "30000",
    "Complement": "sl 123",
    "Neighborhood": "Centro",
    "City": "Rio de Janeiro",
    "State": "RJ",
    "Country": "BR",
    "ZipCode": "123456789",
    "FirstName": "João",
    "LastName": "Silva",
    "ShippingMethod": "SameDay",
    "Phone": "552121114700"
  },
  "Customer": {
    "MerchantCustomerId": "10050665740",
    "FirstName": "João",
    "LastName": "Silva",
    "BirthDate": "2016-12-09",
    "Email": "emailcomprador@dominio.com.br",
    "Phone": "552121114700",
    "Ip": "127.0.0.1",
    "BrowserHostName":"www.dominiobrowsercomprador.com.br",
    "BrowserCookiesAccepted":true,
    "BrowserEmail":"emailbrowsercomprador@dominio.com.br",
    "BrowserType":"Chrome 58 on Windows 10"
  },
  "CartItems": [
    {
      "ProductName": "Mouse",
      "Category": "EletronicGood",
      "UnitPrice": "12000",
      "Sku": "abc123",
      "Quantity": 1,
      "Risk":"Low",
      "AddressRiskVerify":"No",
      "HostHedge":"Low",
      "NonSensicalHedge":"Normal",
      "ObscenitiesHedge":"High",
      "TimeHedge":"Low",
      "PhoneHedge":"Normal",
      "VelocityHedge":"High"
    },
    {
      "ProductName": "Teclado",
      "Category": "EletronicGood",
      "UnitPrice": "96385",
      "MerchantItemId": "3",
      "Sku": "abc456",
      "Quantity": 1,
      "Risk": "High"
    }
  ],
  "MerchantDefinedData": [
    {
      "Key": "1",
      "Value": "Valor definido com o Provedor a ser enviado neste campo."
    },
    {
      "Key": "2",
      "Value": "Valor definido com o Provedor a ser enviado neste campo."
    },
    {
      "Key": "3",
      "Value": "Valor definido com o Provedor a ser enviado neste campo."
    }
  ],
  "Bank":{
    "Address": "Rua Marte, 29",
    "Code": "237",
    "Agency": "987654",
    "City": "Rio de Janeiro",
    "Country": "BR",
    "Name": "Bradesco",
    "SwiftCode": "789"
  },
  "FundTransfer":{
    "AccountNumber":"159753",
    "AccountName":"Conta particular",
    "BankCheckDigit":"51",
    "Iban":"123456789"
  },
  "Invoice":{
    "IsGift": false,
    "ReturnsAccept": true,
    "Tender": "Consumer"
  },
  "Airline": {
    "JourneyType": "OneWayTrip",
    "DepartureDateTime": "2018-01-09 18:00",
    "Passengers": [
    {
        "FirstName": "Fulano",
        "LastName": "Tal",
        "PassangerId": "",
        "PassengerType": "Adult",
        "Email": "email@mail.com",
        "Phone": "1234567890",
        "Status": "Gold",
        "Legs" : [
        {
            "ArrivalAirport": "AMS",
            "DepartureAirport": "GIG"
        }]
    }]
  }
}

Parameter in the header

Parameters in the body

Update on the Cybersource status

In case of manual review by the e-commerce itself, we recommend that the result of the review (new status) be sent to Cybersource in order to refine the fraud analysis process of your store.

Follow the example request below to change the status of transactions:

• From Review to Accept or Reject;
• From Accept to Reject.

Request

To request the status update you must generate the access token (access_token) and send it in the request header.

{
    "Status": "Accept",
    "Comments": "Dados do cliente OK"
}

Parameters in the header

Parameters in the body

Response

• When the transaction is received for processing

{
    "Status": "Accept",
    "ChangeStatusResponse": {
        "Status": "OK",
        "Message": "Change Status request successfully received. New status: Accept."
    }
}

Parameters in the header

Parameters in the body

• When the transaction is not found in the database.
  
  

Parameters in the header

• When the transaction is not eligible for change of status.
  
  Parameters in the header

• When the new status sent is different from Accept or Reject.
  
  Parameters in the header

• When the type or size of a field is not sent as specified in the manual.

{
    "Message": "The request is invalid.",
    "ModelState": {
        "request.Status": [
            "Error converting value \"Review\" to type 'Antifraude.Domain.Enums.StatusType'. Path 'Status', line 2, position 16."
        ],
        "request.Comments": [
            "The field Comments must be a string or array type with a maximum length of '255'."
        ]
    }
}

Parameters in the header

Parameters in the body

Fingerprint with Cybersource

What is Fingerprint?

The Fingerprint is the digital identification of the shopper’s device. This identification is made up of a series of data collected on the checkout page of the website or application, such as:

• Shopper’s device IP;
• Browser version;
• Operational system;
• Language and country compatibility.
  
  

Fingerprint identifies the device used per browsing session and persists for approximately 24 hours. If the page is closed and the shopper returns to the site by opening a new page, or if you close the application and open it again, you must generate a new session and a new session ID.

The Fingerprint is important for fraud analysis because, often, only the cart data is not enough to guarantee an assertive analysis. The data collected by Fingerprint complements the analysis and increases the security of your store.

Who creates Fingerprint?

For analysis via Cybersource, Fingerprint is created before the fraud analysis request by Threatmetrix, the company that identifies the device.

To establish communication between your checkout page and Threatmetrix and send the shopper’s data, you need to insert a Fingerprint code in your e-commerce; read more about it at How to set up Fingerprint in Cybersource?

Fingerprint Flow with Cybersource

Fingerprint creation takes place separately from the fraud analysis request.

See the representation of the Fingerprint creation flow and fraud analysis request:

Fingerprint creation step

1. The shopper fills in the requested data on the merchant’s checkout page (website or application);
2. The merchant’s checkout page, already set up with the Fingerprint code, collects the shopper’s data and sends it to Threatmetrix requesting the identification of the device (Fingerprint creation);
3. Threatmetrix creates the Fingerprint of the shopper’s device.

Fraud analysis step

1. The merchant sends the fraud analysis request with the Customer.BrowserFingerprint field to the Antifraude Gateway;
2. The Antifraude Gateway validates the request and requests the fraud analysis to Cybersource;
3. Cybersource consults the Fingerprint in the Threatmetrix, performs the fraud analysis and sends the recommendation (Accept/Reject/Review) to the Antifraude Gateway;
4. The Antifraude Gateway returns the result of the fraud analysis to the merchant;
5. The merchant returns the transaction status (approved or not approved) to the shopper.

Where to send the Fingerprint?

In the fraud analysis request with Cybersource, the value of the Customer.BrowserFingerprint field will be the ProviderIdentifier, which must be generated by the e-commerce.

Note that the value of this field is not the Fingerprint itself, but an indication of the Fingerprint of the transaction. This indication will be used by Cybersource to query the Fingerprint in the device identification service and thus use it to compose the fraud analysis.

How to set up Fingerprint in Cybersource?

Fingerprint consists of implementing a script on your checkout page (front-end), in the part where the shopper fills in the registration data.

Fingerprint configuration will be different for each type of client application (web, Android or iOS), but the variables used are the same; see the table with Fingerprint variables.

Fingerprint variables

The following table presents the Fingerprint configuration variables with Threatmetrix and Cybersource.

Setting up Fingerprint on Cybersource – Web

You will need to insert a JavaScript script in the front-end code of your checkout page.

1. Fill in the Threatmetrix URL

The Threatmetrix URL will be inserted in the script and therefore must be filled in correctly.

The Threatmetrix URL template is https://h.online-metrix.net/fp/tags.js?org_id=OrgId&session_id=ProviderMerchantIdProviderIdentifier

In the URL, replace the OrgId, ProviderMerchantId and ProviderIdentifier values as directed in the Threatmetrix URL Variables table.

2. Add the tags to the script

Insert the URL filled in step 1 into the script and noscript tags of the JavaScript template.

The JavaScript model is represented in the following image.

Access our GitHub to view and copy the JavaScript template.

• Insert the script tag inside the head tag for correct performance:

<head>
<script type="text/javascript" src="https://h.online-metrix.net/fp/tags.js?org_id=ProviderOrgId&session_id=ProviderMerchantIdProviderIdentifier"></script>
</head>

• Insert the noscript tag inside the body tag, so that the device data collection is carried out even if the browser’s JavaScript is disabled. The noscript tag is a redundancy to collaborate with data collection.

<body>
<noscript>
<iframe style="width: 100px; height: 100px; border: 0; psition:absolute; top: -5000px;" src="https://h.online-metrix.net/fp/tags?org_id=ProviderOrgId&session_id=ProviderMerchantIdProviderIdentifier"></iframe>
</noscript>
</body>

3. Apply the JavaScript template

Insert the Javascript with tags (step 2) into the front-end code of your checkout page.

You must put the code at checkout, in the part of filling in the registration data. Thus, the data that make up the Fingerprint will be collected while the shopper fills in the form.

In the fraud analysis request, send only the value ProviderIdentifier in the Customer.BrowserFingerprint field.

Setting up Fingerprint on Cybersource – Android

1. Add SDK to your project

Download the Android SDK.

Then add the SDK to your project.

2. Add the libraries

Add the libraries and dependencies to the project:

• TMXProfiling-6.0-138.aar
• MXProfilingConnections-6.0-138.aar
  
  Learn more about building libraries on Android in the Android for Developers documentation.

3. Include permissions

In Manifest, you must include the following permissions:

<uses-permission android:name="android.permission.INTERNET">

</uses-permission>

4. Import the libraries

Import the following libraries:

• import com.threatmetrix.TrustDefender.TMXConfig
• import com.threatmetrix.TrustDefender.TMXEndNotifier
• import com.threatmetrix.TrustDefender.TMXProfiling
• import com.threatmetrix.TrustDefender.TMXProfilingHandle
• import com.threatmetrix.TrustDefender.TMXProfilingOptions

5. Parameterize the SDK

You must parameterize the SDK with the following parameters:

TMXConfig config = new TMXConfig()

.setOrgId("OrgId")

In the “OrgId” field, indicate the value corresponding to the environment in the Threatmetrix:

• Sandbox: “1snn5n9w”;
• Production: “k8vif92e”.

.setFPServer("h.online-metrix.net")

.setContext(getApplicationContext());

.setTimeout(20, TimeUnit.SECONDS)

TMXProfiling.getInstance().init(config);

6. Create the session id variable

The ProviderMerchantId value must be concatenated with the ProviderIdentifier variable (defined by your e-commerce) to create the session identification (MyVariable).

MyVariable = ProviderMerchantId + ProviderIdentifier

Example:

MyVariable = braspag_XXXX + ProviderIdentifier

In the fraud analysis request, send only the value ProviderIdentifier in the Customer.BrowserFingerprint field. If the ProviderIdentifier generated by your e-commerce is “202201080949”, in the field Customer.BrowserFingerprint send the value “202201080949”.

7. Implement Profiling

Implement Profiling with EndNotifier.

TMXProfilingOptions options = new TMXProfilingOptions().setCustomAttributes(null);options.setSessionID(MyVariable)

TMXProfilingHandle profilingHandle = TMXProfiling.getInstance().profile(options,new CompletionNotifier());

class CompletionNotifier implements TMXEndNotifier

{
Override public void complete(TMXProfilingHandle.Result result)
{ // Once Profile is done. Check the status code in the results dictionary, and use the session Id in the API.
}
}

Download the Cybersource support material .

Setting up Fingerprint on Cybersource – iOS

1. Add SDK to your project

Download the iOS SDK.

Then add the SDK to your project.

2. Import the libraries and dependencies

Add the following libraries and dependencies to your project:

• import RLTMXProfiling
• import RLTMXProfilingConnections
• import RLTMXBehavioralBiometrics

3. Parameterize the SDK

Parameterize the SDK with the following parameters:

self.profile.configure(configData:[

RLTMXOrgID : "OrgID",

In the “OrgID” field, indicate the value corresponding to the environment in the Threatmetrix:

• Sandbox: “1snn5n9w”;
• Production: “k8vif92e”.

RLTMXFingerprintServer : "h.online-metrix.net",

RLTMXProfileTimeout : self.profileTimeout,

RLTMXLocationServices : true,

RLTMXProfilingConnectionsInstance : profilingConnections,

])

4. Create the session id variable

The ProviderMerchantId value must be concatenated with the ProviderIdentifier variable (defined by e-commerce) to create the session identification (MyVariable).

MyVariable = ProviderMerchantId + ProviderIdentifier

Example:

MyVariable = braspag_XXXX + ProviderIdentifier

self.profile.sessionID = @”MyVariable”

In the fraud analysis request, send only the value ProviderIdentifier in the Customer.BrowserFingerprint field. If the ProviderIdentifier generated by your e-commerce is “202201080949”, in the field Customer.BrowserFingerprint send the value “202201080949”.

5. Implement Profiling

Add the doProfileRequest() function to your application and specify the following options:

let profileHandle: RLTMXProfileHandle =

self.profile.profileDevice(profileOptions:[RLTMXCustomAttributes: [],

RLTMXSessionID: [MyVariable], callbackBlock:{(result: [AnyHashable : Any]?) -> Void in

Download the Cybersource support material.

Integrating with ACI Worldwide

Analyzing a transaction at ACI Worldwide

When your antifraude provider is ACI Worldwide, send the value “RedShield” in the Provider field.

Request

{
  "MerchantOrderId": "4493d42c-8732-4b13-aadc-b07e89732c26",
  "TotalOrderAmount": 15000,
  "TransactionAmount": 14000,
  "Currency": "BRL",
  "Provider": "RedShield",
  "OrderDate": "2016-12-09 12:35:58.852",
  "BraspagTransactionId":"a3e08eb2-2144-4e41-85d4-61f1befc7a3b",
  "Tid": "12345678910111216AB8",
  "Nsu": "951852",
  "AuthorizationCode":"T12345",
  "SaleDate": "2016-12-09 10:01:55.662",
  "SplitingPaymentMethod": "None",
  "IsRetryTransaction": false,
  "Card": {
    "Number" : "4444555566667777",
    "Holder": "Holder Name",
    "ExpirationDate": "12/2023",
    "Cvv": "999",
    "Brand": "VISA",
    "EciThreeDSecure": "5"
  },
  "Billing": {
    "Street": "Rua Neturno",
    "Number": "12345",
    "Complement": "Sala 123",
    "Neighborhood": "Centro",
    "City": "Rio de Janeiro",
    "State": "RJ",
    "Country": "BR",
    "ZipCode": "20080123"
  },
  "Shipping": {
    "Street": "Rua Saturno",
    "Number": "30000",
    "Complement": "sl 123",
    "Neighborhood": "Centro",
    "City": "Rio de Janeiro",
    "State": "RJ",
    "Country": "BR",
    "ZipCode": "123456789",
    "Email": "emailentrega@dominio.com.br",
    "FirstName": "João",
    "MiddleName": "P",
    "LastName": "Silvao",
    "ShippingMethod": "SameDay",
    "Phone": "552121114700",
    "WorkPhone": "552121114721",
    "Mobile": "5521998765432",
    "Comment": "Em frente ao 322"
  },
  "Customer": {
    "MerchantCustomerId": "10050665740",
    "FirstName": "João",
    "MiddleName": "P",
    "LastName": "Silva",
    "BirthDate": "1983-10-01",
    "Gender": "Male",
    "Email": "emailcomprador@dominio.com.br",
    "Phone": "552121114700",
    "WorkPhone": "552121114721",
    "Mobile": "5521998765432",
    "Ip": "127.0.0.1",
    "BrowserFingerprint": "04003hQUMXGB0poNf94lis1ztuLYRFk+zJ17aP79a9O8mWOBmEnKs6ziAo94ggAtBvKEN6/FI8Vv2QMAyHLnc295s0Nn8akZzRJtHwsEilYx1P+NzuNQnyK6+7x2OpjJZkl4NlfPt7h9d96X/miNlYT65UIY2PeH7sUAh9vKxMn1nlPu2MJCSi12NBBoiZbfxP1Whlz5wlRFwWJi0FRulruXQQGCQaJkXU7GWWZGI8Ypycnf7F299GIR12G/cdkIMFbm6Yf0/pTJUUz1vNp0X2Zw8QydKgnOIDKXq4HnEqNOos1c6njJgQh/4vXJiqy0MXMQOThNipDmXv9I185O+yC2f3lLEO0Tay66NZEyiLNePemJKSIdwO9O5ZtntuUkG6NTqARuHStXXfwp8cyGF4MPWLuvNvEfRkJupBy3Z8hSEMEK7ZWd2T2HOihQxRh4qp+NANqYKBTl3v6fQJAEKikeSQVeBN8sQqAL0BZFaIMzbrnMivi6m6JRQUIdvEt+MbJEPFc0LjRycC5ApUmJO+Aoo9VKL1B8ftMSQ1iq1uTKn16ZOmDpzZrZhMPbH83aV0rfB2GDXcjpghm9klVFOw7EoYzV7IDBIIRtgqG9KZ+8NH/z6D+YNUMLEUuK1N2ddqKbS5cKs2hplVRjwSv7x8lMXWE7VDaOZWB8+sD1cMLQtEUC0znzxZ4bpRaiSy4dJLxuJpQYAFUrDlfSKRv/eHV3QiboXLuw9Lm6xVBK8ZvpD5d5olGQdc+NgsqjFnAHZUE+OENgY4kVU9wB84+POrI4MkoD4iHJ5a1QF8AZkZDFo1m1h9Bl+J2Ohr6MkBZq8DG5iVaunHfxUdHou5GL7lS1H7r+8ctfDXi8AfOPjzqyODJQ74Aiel35TKTOWG8pq1WO6yzJ1GNmMuMWZBamlGXoG/imnjwHY9HQtQzpGfcm0cR8X2Fd1ngNFGLDGZlWOX0jWtOwU6XVGT37JFD9W/cx4kzI+mPNi65X5WFPYlDG9N0Lbh5nOj3u3DXqRCiKCUrsEkMt8z9fxO9pLLGVQUKIYR2wTw53CiWK96FOpPevDWtH2XR0QkfOd02D73n81x6hEMCy0s3hRLn08Th9FlNHDMJBqLj+Tz8rG2TtNki3mJC7Ass1MT2qnKBI77n6vsQkAp59TfbZm/tBXwAoYdLJXge8F/numhd5AvQ+6I8ZHGJfdN3qWndvJ2I7s5Aeuzb8t9//eNsm73fIa05XreFsNyfOq1vG2COftC6EEsoJWe5h5Nwu1x6PIKuCaWxLY+npfWgM0dwJPmSgPx7TNM31LyVNS65m83pQ+qMTRH6GRVfg7HAcS5fnS/cjdbgHxEkRmgkRq1Qs48sbX9QC8nOTD0ntb6FcJyEOEOVzmJtDqimkzDq+SXR1/63AYe4LEj+ogRgN+Z8HAFhGFzd/m6snVviELfRqJ4LLQIk9Y/fzqnsF6I5OGxfdT2sxxK2Vokpi3jWhCcEknw7dYlHYpOnCHZO7QVgjQTngF2mzKf4GeOF4ECFsWTgLy6HFEitfauYJt1Xh1NfZZerBMwXLFzdhzoTQxGlcXc8lZIoEG1BLYv/ScICf8Ft9PEtpEa+j0cDSlU99UoH2xknwR1W9MRGc5I/euE63/IMJTqguZ3YcnJpjSVnAGSpyz/0gKjypJ3L86rHFRGXt0QbmaXtSl2UmmjI0p0LCCdx7McatCFEVI6FwPpPV0ZSMv/jM75eBid1X/lTV4XNzjowzR/iFlKYMzHZtVO9hCBPKlTwblRXNn4MlvNm/XeSRQ+Mr0YV5w5CL5Z/tGyzqnaLPj/kOVdyfj8r2m5Bcrz4g/ieUIo8qRFv2T2mET46ydqaxi27G4ZYHj7hbiaIqTOxWaE07qMCkJw==",
    "Status": "NEW"
  },
  "CartItems": [
    {
      "ProductName": "Mouse",
      "UnitPrice": "6500",
      "MerchantItemId": "4",
      "Sku": "abc123",
      "Quantity": 1,
      "OriginalPrice": "7000",
      "GiftMessage": "Te amo!",
      "Description": "Uma description do Mouse",
      "ShippingInstructions": "Proximo ao 546",
      "ShippingMethod": "SameDay",
      "ShippingTrackingNumber": "123456"
    },
    {
      "ProductName": "Teclado",
      "UnitPrice": "7500",
      "MerchantItemId": "3",
      "Sku": "abc456",
      "Quantity": 1,
      "OriginalPrice": "8000",
      "GiftMessage": "Te odeio!",
      "Description": "Uma description do Teclado",
      "ShippingInstructions": "Proximo ao 123",
      "ShippingMethod": "SameDay",
      "ShippingTrackingNumber": "987654"
    }
  ],
  "CustomConfiguration": {
    "MerchantWebsite": "www.test.com"
  },
  "MerchantDefinedData": [
    {
      "Key": "USER_DATA4",
      "Value": "Valor definido com o Provedor a ser enviado neste campo."
    },
    {
      "Key": "Segment",
      "Value": "8999"
    },
    {
      "Key": "MerchantId",
      "Value": "Seller123456"
    }
  ],
  "Airline": {
    "ThirdPartyBooking": "Y",
    "Bookingtype": "Corporate",
    "TicketDeliveryMethod": "Delivery",
    "BookingReferenceNumber": "L5W4NW",
    "Passengers": [
    {
        "FirstName": "Fulano",
        "MiddleName": "D",
        "LastName": "Tal",
        "PassengerType": "Adult",
        "Email": "email@mail.com",
        "Phone": "1234567890",
        "TicketNumber": "123541",
        "LoyaltyMemberNumber": "159753852",
        "Legs" : [
        {
            "ArrivalAirport": "AMS",
            "DepartureAirport": "GIG",
            "ArrivalCountry": "NLD",
            "DepartureCountry": "BRA",
            "AirlineCode": "KLM",
            "DepartureDateTime": "2018-01-09 18:00",
            "ClassOfService": "Standard"
        }]
    }]
  }
}

Parameters in the header

Parameters in the body

Response

{
   "TransactionId": "fdf8f357-a723-e811-80c3-0003ff21d83f",
   "Status": "Accept",
   "ProviderAnalysisResult": {
       "ProviderRequestId": "8a829449620619e801620b31d1c85d5a",
       "Result": {
           "ProviderCode": "000.000.000",
           "ProviderDescription": "Transaction succeeded"
       },
       "ResultDetails": {
           "CSITransactionLink": "https://csi-stage.redworldwide.com/index.red#transactiondetail/000548000001XAR20180309093717761",
           "ProviderStatus": "ACCEPT",
           "ProviderTransactionId": "381069636258",
           "ProviderResponseCode": "0150",
           "ProviderOrderId": "000548000001XAR20180309093717761"
       },
       "Ndc": "8a82941859d5969a0159db3f6ecc1418_60d2e8536e244db2bf04146872b00d38"
   },
   "Links": [
       {
           "Method": "GET",
           "Href": "http://localhost:1316/Analysis/v2/fdf8f357-a723-e811-80c3-0003ff21d83f",
           "Rel": "Self"
       }
   ]
}

Parameters in the header

Parameters in the body

Querying a transaction at ACI Worldwide

Request

{
  "TransactionId": "fdf8f357-a723-e811-80c3-0003ff21d83f",
   "Status": "Accept",
   "ProviderAnalysisResult": {
       "ProviderRequestId": "8a829449620619e801620b31d1c85d5a",
       "Result": {
           "ProviderCode": "000.000.000",
           "ProviderDescription": "Transaction succeeded"
       },
       "ResultDetails": {
           "CSITransactionLink": "https://csi-stage.redworldwide.com/index.red#transactiondetail/000548000001XAR20180309093717761",
           "ProviderStatus": "ACCEPT",
           "ProviderTransactionId": "381069636258",
           "ProviderResponseCode": "0150",
           "ProviderOrderId": "000548000001XAR20180309093717761"
       },
       "Ndc": "8a82941859d5969a0159db3f6ecc1418_60d2e8536e244db2bf04146872b00d38"
   },
   "Links": [
       {
           "Method": "GET",
           "Href": "http://localhost:1316/Analysis/v2/fdf8f357-a723-e811-80c3-0003ff21d83f",
           "Rel": "Self"
       }
   ],
  "MerchantOrderId": "4493d42c-8732-4b13-aadc-b07e89732c26",
  "TotalOrderAmount": 15000,
  "TransactionAmount": 14000,
  "Currency": "BRL",
  "Provider": "RedShield",
  "OrderDate": "2016-12-09 12:35:58.852",
  "BraspagTransactionId":"a3e08eb2-2144-4e41-85d4-61f1befc7a3b",
  "SplitingPaymentMethod": "None",
  "IsRetryTransaction": false,
  "Card": {
    "Number" : "4444555566667777",
    "Holder": "Holder Name",
    "ExpirationDate": "12/2023",
    "Cvv": "999",
    "Brand": "VISA",
    "EciThreeDSecure": "5"
  },
  "Billing": {
    "Street": "Rua Neturno",
    "Number": "12345",
    "Complement": "Sala 123",
    "Neighborhood": "Centro",
    "City": "Rio de Janeiro",
    "State": "RJ",
    "Country": "BR",
    "ZipCode": "20080123"
  },
  "Shipping": {
    "Street": "Rua Saturno",
    "Number": "30000",
    "Complement": "sl 123",
    "Neighborhood": "Centro",
    "City": "Rio de Janeiro",
    "State": "RJ",
    "Country": "BR",
    "ZipCode": "123456789",
    "Email": "emailentrega@dominio.com.br",
    "FirstName": "João",
    "MiddleName": "P",
    "LastName": "Silvao",
    "ShippingMethod": "SameDay",
    "Phone": "552121114700",
    "WorkPhone": "552121114721",
    "Mobile": "5521998765432",
    "Comment": "Em frente ao 322"
  },
  "Customer": {
    "MerchantCustomerId": "10050665740",
    "FirstName": "João",
    "MiddleName": "P",
    "LastName": "Silva",
    "BirthDate": "1983-10-01",
    "Gender": "Male",
    "Email": "emailcomprador@dominio.com.br",
    "Phone": "552121114700",
    "WorkPhone": "552121114721",
    "Mobile": "5521998765432",
    "Ip": "127.0.0.1",
    "BrowserFingerprint": "04003hQUMXGB0poNf94lis1ztuLYRFk+zJ17aP79a9O8mWOBmEnKs6ziAo94ggAtBvKEN6/FI8Vv2QMAyHLnc295s0Nn8akZzRJtHwsEilYx1P+NzuNQnyK6+7x2OpjJZkl4NlfPt7h9d96X/miNlYT65UIY2PeH7sUAh9vKxMn1nlPu2MJCSi12NBBoiZbfxP1Whlz5wlRFwWJi0FRulruXQQGCQaJkXU7GWWZGI8Ypycnf7F299GIR12G/cdkIMFbm6Yf0/pTJUUz1vNp0X2Zw8QydKgnOIDKXq4HnEqNOos1c6njJgQh/4vXJiqy0MXMQOThNipDmXv9I185O+yC2f3lLEO0Tay66NZEyiLNePemJKSIdwO9O5ZtntuUkG6NTqARuHStXXfwp8cyGF4MPWLuvNvEfRkJupBy3Z8hSEMEK7ZWd2T2HOihQxRh4qp+NANqYKBTl3v6fQJAEKikeSQVeBN8sQqAL0BZFaIMzbrnMivi6m6JRQUIdvEt+MbJEPFc0LjRycC5ApUmJO+Aoo9VKL1B8ftMSQ1iq1uTKn16ZOmDpzZrZhMPbH83aV0rfB2GDXcjpghm9klVFOw7EoYzV7IDBIIRtgqG9KZ+8NH/z6D+YNUMLEUuK1N2ddqKbS5cKs2hplVRjwSv7x8lMXWE7VDaOZWB8+sD1cMLQtEUC0znzxZ4bpRaiSy4dJLxuJpQYAFUrDlfSKRv/eHV3QiboXLuw9Lm6xVBK8ZvpD5d5olGQdc+NgsqjFnAHZUE+OENgY4kVU9wB84+POrI4MkoD4iHJ5a1QF8AZkZDFo1m1h9Bl+J2Ohr6MkBZq8DG5iVaunHfxUdHou5GL7lS1H7r+8ctfDXi8AfOPjzqyODJQ74Aiel35TKTOWG8pq1WO6yzJ1GNmMuMWZBamlGXoG/imnjwHY9HQtQzpGfcm0cR8X2Fd1ngNFGLDGZlWOX0jWtOwU6XVGT37JFD9W/cx4kzI+mPNi65X5WFPYlDG9N0Lbh5nOj3u3DXqRCiKCUrsEkMt8z9fxO9pLLGVQUKIYR2wTw53CiWK96FOpPevDWtH2XR0QkfOd02D73n81x6hEMCy0s3hRLn08Th9FlNHDMJBqLj+Tz8rG2TtNki3mJC7Ass1MT2qnKBI77n6vsQkAp59TfbZm/tBXwAoYdLJXge8F/numhd5AvQ+6I8ZHGJfdN3qWndvJ2I7s5Aeuzb8t9//eNsm73fIa05XreFsNyfOq1vG2COftC6EEsoJWe5h5Nwu1x6PIKuCaWxLY+npfWgM0dwJPmSgPx7TNM31LyVNS65m83pQ+qMTRH6GRVfg7HAcS5fnS/cjdbgHxEkRmgkRq1Qs48sbX9QC8nOTD0ntb6FcJyEOEOVzmJtDqimkzDq+SXR1/63AYe4LEj+ogRgN+Z8HAFhGFzd/m6snVviELfRqJ4LLQIk9Y/fzqnsF6I5OGxfdT2sxxK2Vokpi3jWhCcEknw7dYlHYpOnCHZO7QVgjQTngF2mzKf4GeOF4ECFsWTgLy6HFEitfauYJt1Xh1NfZZerBMwXLFzdhzoTQxGlcXc8lZIoEG1BLYv/ScICf8Ft9PEtpEa+j0cDSlU99UoH2xknwR1W9MRGc5I/euE63/IMJTqguZ3YcnJpjSVnAGSpyz/0gKjypJ3L86rHFRGXt0QbmaXtSl2UmmjI0p0LCCdx7McatCFEVI6FwPpPV0ZSMv/jM75eBid1X/lTV4XNzjowzR/iFlKYMzHZtVO9hCBPKlTwblRXNn4MlvNm/XeSRQ+Mr0YV5w5CL5Z/tGyzqnaLPj/kOVdyfj8r2m5Bcrz4g/ieUIo8qRFv2T2mET46ydqaxi27G4ZYHj7hbiaIqTOxWaE07qMCkJw==",
    "Status": "NEW"
  },
  "CartItems": [
    {
      "ProductName": "Mouse",
      "UnitPrice": "6500",
      "MerchantItemId": "4",
      "Sku": "abc123",
      "Quantity": 1,
      "OriginalPrice": "7000",
      "GiftMessage": "Te amo!",
      "Description": "Uma description do Mouse",
      "ShippingInstructions": "Proximo ao 546",
      "ShippingMethod": "SameDay",
      "ShippingTrackingNumber": "123456"
    },
    {
      "ProductName": "Teclado",
      "UnitPrice": "7500",
      "MerchantItemId": "3",
      "Sku": "abc456",
      "Quantity": 1,
      "OriginalPrice": "8000",
      "GiftMessage": "Te odeio!",
      "Description": "Uma description do Teclado",
      "ShippingInstructions": "Proximo ao 123",
      "ShippingMethod": "SameDay",
      "ShippingTrackingNumber": "987654"
    }
  ],
  "CustomConfiguration": {
    "MerchantWebsite": "www.test.com"
  },
  "MerchantDefinedData": [
    {
      "Key": "USER_DATA4",
      "Value": "Valor definido com o Provedor a ser enviado neste campo."
    },
    {
      "Key": "Segment",
      "Value": "8999"
    },
    {
      "Key": "MerchantId",
      "Value": "Seller123456"
    }
  ],
  "Airline": {
    "ThirdPartyBooking": "Y",
    "Bookingtype": "Corporate",
    "TicketDeliveryMethod": "Delivery",
    "BookingReferenceNumber": "L5W4NW",
    "Passengers": [
    {
        "FirstName": "Fulano",
        "MiddleName": "D",
        "LastName": "Tal",
        "PassengerType": "Adult",
        "Email": "email@mail.com",
        "Phone": "1234567890",
        "TicketNumber": "123541",
        "LoyaltyMemberNumber": "159753852",
        "Legs" : [
        {
            "ArrivalAirport": "AMS",
            "DepartureAirport": "GIG",
            "ArrivalCountry": "NLD",
            "DepartureCountry": "BRA",
            "AirlineCode": "KLM",
            "DepartureDateTime": "2018-01-09 18:00",
            "ClassOfService": "Standard"
        }]
    }]
  }
}

Parameters in the header

Response

Parameters in the header

Parameters in the body

Fingerprint with ACI Worldwide

The Fingerprint is the digital identification of the shopper’s device. This identification is made up of a series of data collected on the checkout page of the website or application.

Integration with your checkout page (website)

How does it work?

1. The store’s checkout page sends the attributes of the shopper’s device to Iovation, thus creating the black box;
2. The merchant receives the encrypted character string from Iovation and writes it on the checkout page in a field of type hidden;
3. The merchant sends the black box to Braspag, together with the other transaction data to be analyzed;
4. Braspag receives all the data, validates it and sends it to ACI Worldwide;
5. ACI Worldwide receives all data, sends the black box to Iovation to decrypt;
6. ACI Worldwide receives shopper device attributes from Iovation.

How to set it up?

1. Include Iovation’s javascript on your checkout page;
2. Add configuration parameters in JavaScript;
3. Create a hidden field on your page to write the black box in it and send it along with the transaction data to be analyzed.

Including Iovation’s JavaScript

To include JavaScript, add the <script> element to your checkout page.

This is the URL for the Iovation version of snare.js: <script type=”text/javascript” src=”https://mpsnare.iesnare.com/snare.js”></script>

Configuration parameters

Example

Integration into iOS and Android mobile apps

Downloading the SDK If you haven’t already downloaded the iOS or Android SDK, you must do so before proceeding. To do so, access one of the links as desired.

• Download Deviceprint SDK iOS
• Download Deviceprint SDK Android

About the integration Add the Iovation Mobile SDK to your apps to collect information about shoppers’ devices. A black box will be generated which contains all available device information.

Integrating with iOS apps

iOS Integration Files and Requirements

This release supports iOS 5.1.1 or higher on the following devices:

• iPhone 3GS and later
• iPod Touch 3rd generation or later
• All iPads

Installing the SDK on iOS

1. Download and unzip the SDK;

2. In Xcode, drag iovation.framework into your project’s navigation area

3. In the dialog box that appears:
   • Select Copy items if needed to copy the framework to the project directory
   • Check the checkbox for the targets where you plan to use the framework

4. Click Finish

5. Add the following frameworksto the application target in XCode: ExternalAccessory.framework. If you find that Wireless Accessory Configuration is enabled in Xcode 6 or higher and you don’t need it, disable it and re-add the ExternalAccessory.framework CoreTelephony.framework

6. Optionally add these frameworks if your application makes use of them: AdSupport.framework. If your app displays ads Note: Do not include if your app does not use ads, as the App Store rejects apps that include the framework but do not use ads CoreLocation.framework. If your app uses local monitoring Note: Do not include unless your application requests user geolocation permission

Using the +ioBegin function

The +ioBegin function collects information about the device and generates a black box. This black box must be sent through the Customer.BrowserFingerPrint field together with the other data for analysis.

Syntax

NSSstring * bbox = [iovation ioBegin]

Return values

bbox - string which contains the black box

Example

Integrating with Android apps

Android Integration Files and Requirements

Version 1.2.0 of the Iovation Mobile SDK for Android supports Android versions 2.1 and higher.

Installing the SDK on Android

1. Download and unzip deviceprint-lib-1.2.0.aar;
2. Launch the IDE of your choice;
3. In Eclipse and Maven, deploy the .aar extension file to your local Maven repository using maven-deploy. More details at: Maven Guide;
4. In Android Studio, select File -> New Module. Expand More Modules and choose Import existing .jar or .aar package;
5. Select the deviceprint-lib-1.2.0.aar file, and click on Finish;
6. Make sure device-lib is a build dependency in the build.gradle file.

Using the ioBegin function

The ioBegin function collects information about the device and generates a black box. This black box must be sent through the Customer.BrowserFingerPrint field together with the other data for analysis.

*Syntax

public static String ioBegin(Context context)

*Parameters

context - an instance of the android.content.Context class used to access information about the device

Return Values

string containing the black box

IMPORTANT The black box returned from ioBegin must never be empty. An empty black box that contains only 0500 indicates that the protection offered by the system may have been compromised.

IMPORTANT The device-lib-1.2.0.aar file must be packaged with the application.

• Compiling the sample app in Android Studio

IMPORTANT If the option to run the module does not appear, select File -> Project Structure and open the Modules panel. From there, set the Android SDK version in the list.

1. Download and unzip deviceprint-lib-1.2.0.aar;
2. In Android Studio, select File -> Open or click on Open Project through the quick-start option;
3. In the directory where you unzipped deviceprint-lib-1.2.0.aar, open the sample app’s android-studio-sample-app directory;
4. Open the file DevicePrintSampleActivity;
5. With some settings, Android Studio may detect an Android Framework in the project and not configure it. In this case, open the Event Log and click on Configure;
6. A popup will open for you to select the Android Framework. Click OK to correct the errors;
7. In Android Studio, select File -> New Module. Expand More Modules and choose Import existing .jar or .aar package;
8. Select the deviceprint-lib-1.2.0.aar file, and click on Finish;
9. Make sure device-lib is a build dependency in build.gradle file
   ;
10. Open the Device Print Sample Activity folder;
11. In the project navigation option, open src/main/java/com/iovation/mobile/android/sample/DevicePrintSampleActivity.java;
12. Right click and select Run DevicePrintSampleAct;
13. Select a connected physical device or a virtual Android to run the app;
14. The app will compile and run.

The example is simple, there is a button and when clicked a text box is filled with the black box. For a richer example, see the Android Studio sample app included in the SDK.

Integrating with ClearSale

The integration with ClearSale consists of two steps, fingerprint configuration and fraud analysis request.

Fingerprint with ClearSale

Fingerprint is the digital identification of the shopper’s device. This identification is made up of a series of data collected on the checkout page of the website or application, such as:

• Precise location*;
• Device advertising identifiers*;
• Device characteristics (screen, battery, keyboard, free disk space, model, device name);
• Software characteristics (version, language, build, parental control);
• Network information (connections, IP);
• SimCard network carrier.
  
  

*If device user granted permission.

Fingerprint flow with ClearSale

For analysis via ClearSale, the Fingerprint is created before the fraud analysis request via a JavaScript script.

The creation of the Fingerprint takes place separately from the fraud analysis request.

See the representation of the Fingerprint creation flow and fraud analysis request:

Fingerprint creation stage

1. The shopper fills in the requested data on the e-commerce’s checkout page (website or app);

2. The e-commerce’s checkout page, already configured with the Fingerprint code, collects the shopper’s data and runs the device identification script (Fingerprint creation).

Fraud analysis stage

3. The e-commerce sends the fraud analysis request with the field Customer.BrowserFingerprint (with the value of session_id) to the Antifraude Gateway;

4. The Antifraude Gateway validates the request and requests fraud analysis from ClearSale;

5. ClearSale performs fraud analysis taking into account the device’s Fingerprint and sends the recommendation to accept, reject or review* the transaction to the Antifraude Gateway;

6. The Antifraude Gateway returns the fraud analysis results to the store;