Email from Braintree re Updates to required 3D Secure data fields #922
Comments
|
Hi, We are using the web drop-in too. There have been no updates to the Braintree drop-in documentation regarding these changes (https://braintree.github.io/braintree-web-drop-in/docs/current/Dropin.html#requestPaymentMethod). I found that you have to explicitly set these options in the So your implementation will look something like this... dropinInstance.requestPaymentMethod({
threeDSecure: {
collectDeviceData: true,
email: '<Cardholder Email Address>',
mobilePhoneNumber: '<Cardholder Phone Number>'.replace(/[^0-9]/gm, ''), // Replace all non-numeric
billingAddress: {
givenName: '<Cardholder Name (first)>',
surname: '<Cardholder Name (last)>',
phoneNumber: '<Cardholder Phone Number>'.replace(/[^0-9]/gm, ''), // Replace all non-numeric
},
additionalInformation: {
ipAddress: '<Browser / Device IP Address>'
}
}
}, callbackFunction);Hope that helps |
|
I am glad Braintree handles collection via the
means when it is then immediately described as
Which is it, the browser or the screen 🤔 |
|
Not sure I fully understand expectations about the ipAddress field... |
Agreed, it's really not clear 🤷♂️ |
|
Hi, How do you know that you extra fields are being sent? Make sure that is succesfully implemented? I don't get any errors and can see the transactions but I don't have a way to know this is working. |
|
Under the "Premium Fraud Management Tools" section on a transaction the "Device Data Captured" should show true if you have successfully captured it and sent it with transaction. As for the other fields, the idea I got from support was that we can't verify if these are working through looking at the Braintree control panel! |
|
@joehuggans |
|
Apologies I got the device data thing mixed up, response from support on that: "Just to clarify the device data collection for the Premium Fraud tools and the 3DS are two different things" And also below if it helps anyone: "If your concern is for the new VISA regulations relating to the additional 3DS fields that need to be passed, its important to note that per new information we have received from specialist teams, when using Braintree web for drop-in or hosted fields you do not need to pass collectDeviceData=true as our 3DS MPI provider will pull and pass that automatically for you. The only fields that you will need to be concerned about collecting and passing in the 3DS verifyCard call are the ipAddress, email address or phone number, and cardholder name. For these fields you will need to collect that on your own outside of the drop-in and then pass it in the requestPaymentMethod (drop-in) or the verifyCard (custom/hosted field integrations) call. |
|
That reminds me of another info that I couldn´t find anywhere but Braintree support told me. If this helps anyone:
|
|
Hi. We have a site that is using Braintree on Wordpress via the official plugin as well as on Shopamine. Is there anything we have to do in order to be complaiant on there or is it done automatically? We are also based in EU if that is of any importance. |
I don't believe this can be automatic. In my particular case I had to add extra fields in the form to comply with this. And write a small function to get the IP of the user (among other stuff). The screenshot shows what is mandatory. |
|
There is no such thing as "IP of the user" in IPV4 world. There is only a "IP of the user from specific server perspective". Eg, my/your server may have completely different understanding of the client IP compared to the 3DS server. |
General information
Issue description
We received an email from Braintree last week saying that effective 12 August 2024, Visa will recategorize five existing 3D Secure data fields from “conditional” to “required.” and asking us to check that our integration passes the newly required fields.
We use the web drop-in and I don't see a place in the API to set these fields. Can you confirm that this update will be taken care of automatically in the drop-in?
The text was updated successfully, but these errors were encountered: