Dyneti Device ID
Overview
The Dyneti Device ID is a way to identify individual devices which have gone through the DyScan flow.
It results in a persistent ID which can be used to identify malicious users and prevent them from returning to your platform with a new account.
Dyneti Device ID can be enabled on any of the three flows (Modal Flow, Custom View Flow, or QR Flow). To enhance the accuracy of the Device ID you can provide additional data about the user and their actions during the Scan Configuration portion of the integration.
Modal Flow Integration With Dyneti Device ID Guide
1. Check if the user's device is able to scan
Check if scanning is available on the user's device. See Checking Scan Availability for details
2. Scan Configuration
Create a configuration object to customize the scanning UI.
Enabling Dyneti Device ID
To enable the Dyneti Device ID, set the ddi field to true.
To customize the behavior of the Device ID add
the DDI Config object to
the Scan Config.
const config = {
logoUrl: "https://example.com/your-logo-url.png",
promptIfFewDigits: true,
showDynetiLogo: true,
showFirstSecondSideProgress: true,
showProgressBar: true,
showExplanation: true,
showResult: true,
showThrobber: true,
toastTimeout: 5000,
ddi: true,
ddiConfig: {
// optional Dyneti Device ID configuration
version: 1,
data: {
// optional user data
latitude: 37.272085,
longitude: -115.870854,
cartAmountCents: 1000,
accountAddress: "123 Some St.",
merchantName: "Big Kahuna Burger",
doordashDeviceID: "doordash-device-id-1234abcd"
}
}
};
3. Specify which card features you would like to verify
const verify = {
cardholderName: "John Smith",
firstSix: "123456",
lastFour: "4321",
detectWrongCard: true
}
Please see the Verification Request documentation for an explanation of the fields.
4. Create a Scan Object
Provide your apiKey and the config object to make a new scan object.
const scan = new DyScan.Scan({
key: apiKey,
config: config
});
5. Present the Scan Modal to the user
Call scan.present to show the UI to the user and begin the scan and await the result.
The userId is echoed back to you in the result. See User ID for more details
const result = await scan.present(
userId,
verify,
);
6. Use the scan results
The awaited result from step 5 will contain two
attributes, data and completed.
data is a Scan Status object. Please see the Scan Status document for an explanation
of the returned fields.
{
"scanId": "4137d9ad-1d05-419c-a46f-b1d9d9e3a15d",
"status": "scanComplete",
"request": {
"verify": {
"detectWrongCard": false
}
},
"options": {
"logoUrl": "https://dyneti.com/wp-content/uploads/2019/09/dyneti-logo-dark.png",
"userId": "some-user-id",
"showDynetiLogo": true,
"showFirstSecondSideProgress": true,
"showProgressBar": true,
"showExplanation": false,
"showResult": true,
"showThrobber": true,
"uiVersion": 2,
"promptIfFewDigits": true,
"toastTimeout": 5000,
"suppressFirstSix": false,
"ddi": true,
"ddiConfig": {
"version": 1,
"data": {
"latitude": 37.272085,
"longitude": -115.870854,
"cartAmountCents": 1000,
"accountAddress": "123 Some St.",
"merchantName": "Big Kahuna Burger"
}
}
},
"payloadId": "ba8e054f-27f3-3a1a-93b5-50d691bd1667",
"scanResult": {
"firstSix": "424242",
"lastFour": "4242"
},
"isFraud": false,
"declineReasons": {
"formatMismatch": false,
"numberMismatch": false,
"generatedImage": false,
"rateLimited": false
}
}
completed is a boolean and indicates whether the user finished the scan flow. If they canceled the flow or it was
unable to start completed will be false
7. Retrieve the Dyneti Device ID
The Dyneti Device ID can be retrieved by making an authenticated GET request to http://dyscanweb.dyneti.com/api/v1/ddi/<scan_id>
Authentication header
Authenticate your request by providing the X-API-KEY: <your api key> header in your request.
Responses
The ddi endpoint returns a 200 response with a JSON body containing the Device ID.
{
"ddi": "f6238865-f67b-42aa-86ab-489d033dd2bc"
}
If the scan is not in the scanComplete state, or the scan does not exist, the endpoint will return a 404
{
"error": "Completed scan not found"
}
To ensure that the users web client has not modified the Device ID, we recommend making this request from your backend server rather than directly in the user's web-client.