Secure counting REST APIs

After you've integrated secure counting in your iOS app, you can check the counts for devices server side. If you detect that a device has added too many cards for this device or logged in with too many different accounts, you can act on it appropriately (e.g., deny the transaction or challenge them with Card Verify). You can also increment counts for your iOS clients server-side for a more secure integration.
To access secure counts, you can use two API calls:
​Get a current count​
​Increment a count​
POST /v1/secure_counting/:vendor_id
Get the current counts for a device. Note: we use POST because the DeviceCheck tokens can be large (4KB), but this request is idempotent.
Request
Authentication required, Vendor ID from the iOS device for the path of the object.
Fields
devicecheck_token (string) The DeviceCheck token obtained from the iOS device.
Sample Request
curl -X POST "https://api.getbouncer.com/v1/secure_counting/test_vendorid"
  -H "Content-Type: application/json"
  -H "Authorization: Bearer API_KEY"
  -d '{ "devicecheck_token": "test_devicecheck_token"}'
Response
A SecureCount response JSON object
SecureCount
counts (Map[event: string, Map["count": int, "maximum": int]]) A map of events, each event has a current count and a maximum for the maximum value that this count can reach.
last_reset_at (string) ISO8601 format of the timestamp when we detected the last device factory reset or app uninstall.
Response Examples
Success
{
  "counts": {
    "cards_tokenized": {"count": 4, "maximum": 7},
    "successful_logins": {"count": 2, "maximum": 11}
  },
  "last_reset_at": null
}
Invalid device check token If the DeviceCheck token failed Apple's basic validation we return an error
{
  "failure_reasons": ["invalid_devicecheck_token"]
}
POST /v1/secure_counting/:vendor_id/increment
Request
Authentication required, Vendor ID from the iOS device for the path of the object.
Fields
devicecheck_token (string) The DeviceCheck token obtained from the iOS device.
event (string) The event that you want to increment a count for
user_id (string) The userId for the current user
Sample Request
curl -X POST "https://api.getbouncer.com/v1/secure_counting/test_vendorid/increment"
  -H "Content-Type: application/json"
  -H "Authorization: Bearer API_KEY"
  -d '{ "devicecheck_token": "test_devicecheck_token", "event": "card_tokenized", "user_id": "kingst"}'
Response
A SecureCount response JSON object
SecureCount
counts (Map[event: string, Map["count": int, "maximum": int]]) A map of events, each event has a current count and a maximum for the maximum value that this count can reach.
last_reset_at (string) ISO8601 format of the timestamp when we detected the last device factory reset or app uninstall.
Response Examples
Success
{
  "counts": {
    "cards_tokenized": {"count": 5, "maximum": 7},
    "successful_logins": {"count": 2, "maximum": 11}
  },
  "last_reset_at": "2019-10-23T00:48:07+0000"
}
Invalid device check token If the DeviceCheck token failed Apple's basic validation we return an error
{
  "failure_reasons": ["invalid_devicecheck_token"]
}

Secure counting for iOS

Last modified 3yr ago