Purpose
PA Setup will:
- Interact with Cardinal BIN Intelligence API
- Generate JWT which can be:
- Sent to device data collection URL
- Used for Cruise Hybrid integration method
BIN Intelligence API manages a data collection session and is indirectly linked with a method URL redirect, it is a part of Cardinal Cruise Authentication (CCA). Songbird Standard (Cruise Standard), Songbird Hybrid (Cruise Hybrid), and Cruise API are all part of Cardinal Cruise Authentication.
Method URL redirect is a concept in EMV 3DS (3DS2) that allows issuing bank to obtain additional browser and device information prior to the authentication request. This will allow issuer to assess the risk of the transaction before it happens, which ultimately should result in a higher rate of frictionless transactions. This is similar to process done by `Risk Based` banks, which has been moved from ACS page to the beginning.
Request and response
Sequence diagram
Request
Response
Device Data Collection JWT
Before passing referenceId for device data collection redirect a JWT must be generated. In other words referenceId is sent as a part of JWT's payload. Cardinal require a signed JWT to authenticate to most of the Cruise services. Cruise credentials are required to generate a JWT.
JWT will be generated automatically and returned in PA Setup response.
Cruise credentials, like other authentication keys, must be kept securely on the server and JWT must be generated on the server.