DCB protect HTTP requests

Script : request to get the DCB protect javascript probe

This request returns a javascript that you will insert in the landing page containing the CTA (Click to Action) that you want to protect. The script must be placed before of all other scripts in the <head> tag

Request

GET https://api.dcbprotect.com/username/script
HTTPS is recommended for security reasons, if latency is a main concern HTTP can be used

Parameters

Name Value Description
Path parameters
username string Your username as provided in your credentials
Required parameters
ti string A unique identifier of transaction that allows you to identify the transaction. This information has to be saved for the next steps (128 characters maximum).
te string The targeted element : The CTA element used to perform the billing. This string must be a valid CSS selector string. Example :
  • input
  • .mySpecificClass
  • a#mySpecificId
ts string The timestamp : Current timestamp
s string The signature : The signature following this process
Optional parameters
adc bool Anti double click feature, option to block multiple clicks on CTA element (default : false)
so bool Experimental – Script only feature, option to get only the script in the response (default : false)
arg1 string Custom parameter that you want to see in your dashboard (we recommend to specify the telecom operator)
arg2 string Custom parameter that you want to see in your dashboard (we recommend to specify the traffic source id)
arg3 string Custom parameter that you want to see in your dashboard (we recommend to specify the landing page id)
arg4 string Custom parameter that you want to see in your dashboard
arg5 string Custom parameter that you want to see in your dashboard
arg6 string Custom parameter that you want to see in your dashboard
arg7 string Custom parameter that you want to see in your dashboard
arg8 string Custom parameter that you want to see in your dashboard
arg9 string Custom parameter that you want to see in your dashboard
arg10 string Custom parameter that you want to see in your dashboard

Response

If successful, this method returns in the HTTP Message body of the response, a Json array containing a token and the script  :

Name Value Description
t string The token : A unique identifier of the kit used related to your transaction identifier.
s string The Javascript which has to be added in your web page between <script></script> tags just before the <body> tag

Example

HTTP Request

https://api.dcbprotect.com/evina/script?ti=MyUniqueTransactionId&ts=484610400&te=.secured-billing-button&s=878a12d7023077185424557b1c9f508594d25c0e0de468c5957a5175f19401b2

Response

{
"t": "39624416359cd4d722e4f8899243865",
"s": “var eva=['&v=','platform','toLowerCase','&x=','&ab=','&ac=',
}

Check : request to check if a transaction is authentic

This request returns a code indicating if the transaction is authentic or not for the specified transaction id.

Request

GET https://api.dcbprotect.com/username/check
HTTPS is recommended for security reasons, if latency is a main concern HTTP can be used

Parameters

Name Value Description
Path parameters
username string Your username as provided in your credentials
Required parameters
ti string The transaction id : Same parameter sent to the script_API
ts string The timestamp : Current timestamp
s string The signature : The signature following this process
Optional parameters
arg1 string Custom parameter that you want to see in your dashboard (we recommend to specify the telecom operator)
arg2 string Custom parameter that you want to see in your dashboard (we recommend to specify the traffic source id)
arg3 string Custom parameter that you want to see in your dashboard (we recommend to specify the landing page id)
arg4 string Custom parameter that you want to see in your dashboard
arg5 string Custom parameter that you want to see in your dashboard
arg6 string Custom parameter that you want to see in your dashboard
arg7 string Custom parameter that you want to see in your dashboard
arg8 string Custom parameter that you want to see in your dashboard
arg9 string Custom parameter that you want to see in your dashboard
arg10 string Custom parameter that you want to see in your dashboard

Response

If successful, this method returns in the HTTP Message body of the response, a Json array containing a code indicated if the transaction is authentic or not :

Name Value Description
success boolean The status of the request
as integer The authenticity score : A Authenticity detection score valued between 0 and 100 (0=not authentic, 100=fully authentic)
ft integer The fraud type : There is multiple form of fraud detected by our kit. You can find fraud codes in annex
oo integer Our opinion : Can be 0 (not authentic) or 1 (authentic)
e array Array of string containing errors during the request. You can find fraud codes in annex

Example

HTTP Request

https://api.dcbprotect.com/evina/check?ti=MyUniqueTransactionId&ts=1436133600&s=8408596dbd964da42a038c4fb7d71f41c6904dc2a992ed7c1c9dd652fc49259c

Response

{
"success": true,
"as": 100,
"ft": 2006,
"oo": 0,
}

Transaction: request to notify our system that a conversion as been confirmed

Request

GET https://api.dcbprotect.com/username/transaction
HTTPS is recommended for security reasons, if latency is a main concern HTTP can be used

Parameters

Name Value Description
Path parameters
username string Your username as provided in your credentials
Required parameters
ti string The transaction id : Same parameter sent to the script_API
ts string The timestamp : Current timestamp
s string The signature : The signature following this process
Optional parameters
d json The data: the data associated to the transaction_id (ex: subscription_id, landing_id…), needs to be url encoded.

Example

HTTP Request

https://api.dcbprotect.com/evina/transaction?ti=MyUniqueTransactionId&ts=1436133600&s=8408596dbd964da42a038c4fb7d71f41c6904dc2a992ed7c1c9dd652fc49259c
N.B: If nothing is returned, with a 200 HTTP status code, then the transaction is confirmed. Otherwise, an error will be returned.

Data : request to retrieve check request records asynchronously

This request responds a collection of the data record resulting from the execution of the check request during the specified period.

Request

GET https://data.dcbprotect.com/username
HTTPS is recommended for security reasons, if latency is a main concern HTTP can be used

Parameters

Name Value Description
Path parameters
username string Your username as provided in your credentials
Required parameters
sd datetime start datetime : the execution time of the first check request record to retrieve, a timestamp in RFC3339 UTC “Zulu” format accurate to microsecond, for example: “2018-11-27T00:00:00.000000Z”
ed datetime end datetime : the execution time of the last check request record to retrieve, a timestamp in RFC3339 UTC “Zulu” format accurate to microsecond, for example: “2018-11-28T23:59:59.999999Z”
s string The signature : The signature following this process
Optional parameters
page_id string Specify page_id to retrieve the next transactions
ti string The transaction id : when specified, only check record related to this transaction id are returned.

Limitations

  • Minimum interval between two requests per user: 1 second
  • Maximum time span per request: 31 days
  • Age of the oldest record that can be retrieved: 12 months
  • Number of records per request : 10 000 (use the page_id parameter to get the next 10 000)

Response

If successful, this method returns in the HTTP Message body of the response, a Json array containing a collection of the check HTTP requests records generated during the specified time period :

Name Value Description
total integer The total number of records retrieved
next_page_id string The id you need to use to get the next records
hits array The array contains the records retrieved
hits.ft integer The fraud type associated to the transaction. You can find fraud codes in annex, for example 1000 means the transaction has been considered as authentic
hits.ti string The transaction id as used during the script and the check requests
hits.arg1 string Customized arguments as it has been added when inserting the script on the page to protect
hits.arg2 string Customized arguments as it has been added when inserting the script on the page to protect
hits.arg3 string Customized arguments as it has been added when inserting the script on the page to protect
hits.arg4 string Customized arguments as it has been added when inserting the script on the page to protect
hits.arg5 string Customized arguments as it has been added when inserting the script on the page to protect
hits.arg6 string Customized arguments as it has been added when inserting the script on the page to protect
hits.arg7 string Customized arguments as it has been added when inserting the script on the page to protect
hits.arg8 string Customized arguments as it has been added when inserting the script on the page to protect
hits.arg9 string Customized arguments as it has been added when inserting the script on the page to protect
hits.arg10 string Customized arguments as it has been added when inserting the script on the page to protect
hits.date datetime Timestamp of the date when the check request has been performed in UTC, for example : 2018-11-27T05:32:29Z

Example

HTTP Request

https://data.dcbprotect.com/evina?sd=2018-11-27T23%3A00%3A00Z&ed=2018-11-28T22%3A00%3A00Z&s=6f87526267955aed8804d9a271062c2ae9f913aa

Response

{
"total" : 2,
"next_page_id" : "62c2157b40179",
"hits" :
[{
       "ft": 1000,
       "ti": "hdfkgho",
       "arg1": "8215",
       "arg2": "google",
       "arg3": "",
       "date": "2018-11-28T20:42:07Z"
    }, {
       "ft": 1000,
       "ti": "mmbcvmbcm",
       "arg1": "7542",
       "arg2": "yahoo",
       "arg3": "",
       "date": "2018-11-28T20:42:13Z"
}]
}

Signature

Your API calls need to be signed.

The signature has to be set in lowercase in the parameter s..

Details on how the signature is created are available upon request.