Option 3 - JWT - Card BIN as a POST parameter plus JWT

Option 3 allows you to post the BIN to full Card number as a POST parameter along with the Transactional JWT. When the Device Data Collection URL is invoked, the Transactional JWT and the BIN will be posted over to the URL. This option allows the integrator to pass the Card BIN directly from the web front end to the Device Data Collection URL instead of the JWT.  However, a JWT is still required to authenticate the session. The example below shows the ReturnURL being populated in the Transactional JWT along with a POST parameter.

Integration Steps:

  1. POST Transactional JWT and the Card BIN to the full Card number to the Device Data Collection URL.

  2. Handle the Response from the Device Data Collection URL on the ReturnUrl provided within the Transactional JWT

Option 3 Example
NOTE : This example shows the ReturnUrl being populated in the Transactional JWT along with a POST parameter.

<iframe name='collectionFrame' height="10" width="10" style="visibility: hidden; position: absolute; top: -1000px; left: -1000px;"></iframe> <form id="collectionForm" target='collectionFrame' name="devicedata" method="POST" action="https://centinelapistag.cardinalcommerce.com/V2/Cruise/Collect"> <!-- POST Parameters: Bin=First 6 digits to full pan of the payment card number. For merchants unable to utilize the First 6 of the Cardnumber, optional Rest API is available to generate a session identifier representing the session. JWT=JWT generated per merchant spec --> <input type="hidden" name="Bin" value="400001" /> <input type="hidden" name="JWT" value="JWT generated per merchant spec" /> </form> <script>window.onload = function () { // Auto submit form on page load document.getElementById('collectionForm').submit(); } </script>

Click here to review how to handle the Device Data Collection responses.