This reference implementation showcases the Fraud and Loss Database (FLD) APIs from: Mastercard Developers.
- JDK 8+
- Set up the JAVA_HOME environment variable to match the location of your Java installation.
- Set up the MAVEN_HOME environment variable to match the location of your Maven bin folder.
- Create an account on Mastercard Developers.
- Create a new project here.
- Add the Fraud And Loss Database API to your project and click continue.
- Give your project a name and optionally invite other team members, then click continue.
- Download the Sandbox Signing Key zip and unzip it. This should result in a
.p12file. - Finish creating the project.
- Navigate to your projects page, found here and select your project.
- Here, under your sandbox keys, you should be able to see a consumer key, default keystore alias and default keystore password.
- Copy the downloaded
.p12and.pemfiles tosrc/main/resourcesfolder in your code. - Open
src/main/resources/application.propertiesand configure:mastercard.fld.api.url- URL of the API.mastercard.fld.client.p12.path- Path to keystore (.p12) file, just change the name as per the downloaded file in step 5.mastercard.fld.client.ref.app.consumer.key- Copy the Consumer key from "Sandbox/Production Keys" section on your project pagemastercard.fld.client.ref.app.keystore.alias- Alias of your key. Default key alias for the sandbox iskeyalias.mastercard.fld.client.ref.app.keystore.password- Password of your Keystore. Default keystore password for sandbox project iskeystorepassword.mastercard.fld.client.ref.app.encryption.file- Path to encryption key (.pem) file, just change the name as per the downloaded file in step 9, e.g.src/main/resources/<fileName>.pem.mastercard.fld.client.ref.app.encryption.key- Copy the encryption key from "Sandbox/Production Keys" section on your project page
- Run
mvn clean installfrom the root of the project directory. - You should now be able to run all the provided API calls that are organized under
src/main/java/com/mastercard/fld/api.
The Mastercard Encryption Library provides interceptor class you can use when configuring your API client. This interceptor will encrypt the payload before sending the request.
Encryption Config
FieldLevelEncryptionConfig config = FieldLevelEncryptionConfigBuilder
.aFieldLevelEncryptionConfig()
.withEncryptionCertificate(cert)
.withEncryptionPath("$", "$")
.withEncryptedValueFieldName("encryptedData")
.withEncryptedKeyFieldName("encryptedKey")
.withOaepPaddingDigestAlgorithmFieldName("oaepHashingAlgorithm")
.withOaepPaddingDigestAlgorithm("SHA-256")
.withEncryptionKeyFingerprintFieldName("publicKeyFingerprint")
.withIvFieldName("iv")
.withFieldValueEncoding(FieldLevelEncryptionConfig.FieldValueEncoding.HEX)
.build();
See also:
Several tutorials have been provided under src/test/java/com/mastercard/fld/api that will show the different FLD flows. These examples will cover FDA, FDC, FDD & FDE.
*NOTE: Make sure you use the latest Fraud and Loss Database API specification.
| Class | Method | HTTP request |
|---|---|---|
| ConfirmFraudManageApi | fraudChangeMastercardWithHttpInfo(body) | PUT /confirmed-frauds/mastercard-frauds |
| ConfirmFraudManageApi | fraudStateWithHttpInfo(body) | PUT /confirmed-frauds/fraud-states |
| ConfirmFraudSubmissionApi | createCaseFilingWithHttpInfo(body) | POST /confirmed-frauds/mastercard-frauds |
Go to the link here to read up on how to generate the client library with the openapi-generator.
Please email API Support with any questions or feedback you may have.
Copyright 2021 Mastercard
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at:
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.