DEVICE DATA CAPTURE (DDC)

The Device Data Capture provides for the customers to integrate one of these requirements for our 3DSS API integration. The 2C2P's 3DSS can collect the 3DS 2.0 (EMV 3DS) required browser data elements to make the 3DS 2.0 request and invoke the 3DS Method URL if available on the card issuer.

The 3DSS will utilize this method to embed the necessary Method URL into an iframe on the merchant's website if the Issuing Bank opts to implement it. (In accordance with EMV 3DS guidelines, it is the responsibility of the merchant to host and activate the Method URL on their website should the Issuing Bank decide to utilize it).

Note:
• Please refer to the step number 1.4 in the above diagram.
• Please refer to the Appendix A for JWT creation/validation.

Request

Required data in DDC iframe

Field Name	Data Type	Length	Example	Description	Requirement
ddcId	String	varchar(36)	afe5aee0-a505-4085- 97f6-08d5b8981a66	This field is unique id for DDC (Reference Id for that session)	Required
cardBIN	String	varchar(11)	410000	Card BIN	Required
callbackUrl	String	max 2048 chars	https://{callback url}	URL for the 3DS Requestor PGW	Required
JWT	String	max 2048 chars	eyJhbGciOiJIUzI1NiIsInR5cCI6I kpXVCJ9.eyJzdWIiOiIxMjM0N TY3ODkwIiwibmFtZSI6IkpvaG 4gRG9lIiwiaWF0IjoxNTE2MjM 5MDIyfQ.SflKxwRJSMeKKF2QT 4fwpMeJf36POk6yJV_adQssw5c	JWT token	Required

<iframe name='deviceDataCollectionFrame' height="5" width="5" style="visibility: hidden; position: absolute; left: -1024px; top:-1024px;"></iframe>
<form id="deviceDataCaptureForm" target='deviceDataCollectionFrame' name="devicedatacapture" method="POST" action="{URL}">
<!--
POST Parameters: bin=First 6 digits to full pan of the payment card number.
For merchants unable to utilize the First 6 of the Cardnumber, optional Rest API is available to generate a session identifier representing the session.
JWT=JWT generated per merchant specification.
-->
 <input type="hidden" name="bin" value="410000" />
 <input type="hidden" name="callbackUrl" value="specify the return URL for 3DS Requestor" />
 <input type="hidden" name="ddcId" value=" Reference Id for that session" />
 <input type="hidden" name="jwt" value="JWT generated per merchant spec" />
</form>

<script>window.onload = function () {
    // Auto submit form on page load
    document.getElementById('deviceDataCaptureForm').submit();
  }
</script>

Callback

Common JWT Claims

Claim Name	Field Name	Description	Required
iss	Issuer	The JWT's issuer identifier contains the API key or name that can specify the issuer.	Y
aud	Audience	This field will populate by 2C2P on the response JWT to contain the request jti field. This field helps the merchant to match between request's JWTs and response JWTs.	Y
exp	Expiration	The expiry time specified for identifying the expiration by a maximum of 2 hours, and the recommendation is 10 minutes.	N
iat	Issued At	The timestamp of when the JWT was generated. This helps to determine a JWT expiry.	Y
jti	JWT Id	The unique ID for this JWT. The field should not replicate each time a JWT is generated.	Y

Field Name	Data Type	Length	Description	Requirement
ddcId	String	varchar(36)	This field is unique id for DDC	Required
status	String	varchar(36)	The status of DDC process	Required
dataCollection	Object			Required
ddc	Boolean		DDC Collection completed	Required
threeDsMethodUrl	Boolean		DDC Collection for ACS completed	Required
errorNumber	Number		Error number indicating the result. 0 is success
errorDescription	String		A text description of the ErrorNumber field.

{
  "iss": "b319259f-639b-4907-b914-a5fcbb151c93",
  "iat": 1535052764,
  "exp": 1535059964,
  "jti": "31dd6191-c217-47b9-9fdd-751767e641b2"
  "aud": "36db6974-c220-4b3e-b45e-66f3c9a58ad2",
  "payload": {
    "status":"success",
    "ddcId": " 8a871cfb-7a34-48d9-81cf-dafe5badedee
    "dataCollection": {
        "ddc": true
        "threeDsMethodUrl": true
    },
   "errorNumber" : 0,
   "errorDescription" : "success",
}
}