Fraud Shield

  • Additional Parameters to pass to the API to use Fraud Shield
    • remote_ip :  please pass customer IP address in this parameter to our system. Otherwise all Request would be from your server’s IP address and it will club transactions to your IP address
    • pwp_fs_session_id : Please pass this parameter in the API call with the value generated by our Javascript SDK. You can check the sample code at the end of the doc.
  • Session ID Discussion
    • The Session ID is the identifier for the collection event and is specific to the user’s request. You will use the Session ID for subsequent calls to the API service for device information regarding the current user’s interaction.
      • Session ID field name = sessionId
      • Session ID values should be 32-character length and must be alpha-numeric values (0-9, a-z or AZ). Dashes (-) and underscores (_) are acceptable.
      • Session IDs must be unique per request. They must be unique for a minimum of 30 days.
      • Script tag parameter value = s Example: s=abcdefg12345abababab123456789012.
  • Web Clients or Browser
    • The Data Collector runs on a client’s browser and collects a variety of information that helps uniquely identify the device. Add the <script> tag and an <img> tag to the web page where you want to trigger the Data Collection to Occur.
Field Parameter Value
merchantId m Use 100320
sessionId s 10- to 32-character session id;

see Session ID Discussion above

for more information

  • Collector Script Example
    • <script type=’text/javascript’ src=”” ></script>
    • The script tag will not affect the UI with its placement.
  • Creating the kaxsdc Class (Responsible for Triggering Data Collection)
    • The Client Collector SDK data collection process is triggered by the load data event. This gives the collector the most available time to complete its work. The collection is bound to the page load event by adding the kaxsdc class and data-event=‘load’ to an HTML element, such as the HTML body or a div.
    • Note: It is required to have the above /collect/sdk script tag on your page, as it will import the Client Collector SDK.
  • Namespace & ka.ClientSDK Object
    • The Pinwheel collector JavaScript is namespaced under the ka JavaScript object. To start using the Client Collector SDK, create a new ClientSDK object: var client = new ka.ClientSDK().
    • Available methods in the ka.ClientSDK object:


Method Description
autoLoadEvents() Attaches the collection process to be automatically triggered by the page elements load event with the className “kaxsdc.”
(This is optional for troubleshooting data collection) setupCallback(config) (OPTIONAL) A client programmable callback system that allows the client to execute custom code at certain points in the data collection process. This method allows a merchant to add a callback function to be called at a specified lifecycle hook. A merchant can pass a JavaScript object containing one or more life cycle hooks with a function pointer or an anonymous function to be executed.

List of hooks (in order of firing):

  • collect-begin – Triggers when the collection starts.
  • collect-end – Triggers when the collection ends.

When executed, the callback function is passed a JavaScript object containing the following properties:

  • MercSessId – The merchant provided session.
  • MerchantId – The merchant Id.


Code Sample :

<div class=’kaxsdc’ data-event=’load’></div>
<!– s= unique Session identifier per checkout. We can use a unique Order ID or Checkout Id. If you dont pass this parameter in the script tag below then system will generate a unique identifier for you.–>
<script type=’text/javascript’ src=’’> </script>

<script type=’text/javascript’>
var client=new ka.ClientSDK();
‘collect-end’: function(params) {
// we need to pass pwp_fs_session_id parameters with value in ka.sessionId as shown in the console log below
‘collect-begin’:function(params) {
alert(“Device Data Collection Begin 100320!”);