Capturing the customer's IP address

You can capture the IP address of the customer who placed the order. Digital River uses this IP address to identify and prevent fraudulent activities.

Capturing a customer's IP address is essential for assessing and preventing fraud in online transactions. Including the IP address in API requests allows merchants to use robust fraud prevention tools, enhancing the security of the online shopping experience.

Updating the customer's IP address in the cart

Updating the customer's IP address in their cart is crucial in enhancing online transaction security. By accurately recording the IP address, merchants can better use fraud prevention tools to safeguard against unauthorized activities. This guide walks you through the steps to capture and use a customer's IP address within the Commerce API, ensuring a more secure and reliable shopping experience.

To capture a customer's IP address:

Ensure you obtain your access token during cart creation. For instructions on generating the access token, refer to Creating a cart.
Issue a POST /v1/shoppers/me/carts/active request . Substitute {Your_API_Key} with your API key and add the {ipAddress} field to the payload. The API will check the IP address format and employ it for fraud detection. If not included, the API will proceed with the request. The Commerce API supports both IPv4 and IPv6 address formats. When an ipAddress is captured in a request, Digital River will use it for fraud screening when the order is submitted.

IPv4 example

The following example shows how to issue a POST /v1/shoppers/me/carts/active request using the cURL command-line tool to add a customer's IP address in IPv4 address format to the active cart. This action tracks the customer's activity, aiding in fraud prevention efforts.

curl --location -g --request POST 'https://api.digitalriver.com/v1/shoppers/me/carts/active' \
--header 'Authorization: Basic {Your_API_Key}' \
...
--data-raw '{
   “cart”:{
      “ipAddress”: “192.16.1.1”
   }
}'

You will get a 200 Successful response.

IPv6 example

In this example, we show how to issue a POST /v1/shoppers/me/carts/active request using the cURL command-line tool to add a customer's IP address in IPv6 address format to the active cart. This step is essential for tracking customer activities and preventing fraudulent transactions.

curl --location -g --request POST ' https://api.digitalriver.com/v1/shoppers/me/carts/active' \
--header 'Authorization: Basic {Your_API_Key}' \
...
--data-raw '{
   “cart”:{
      “ipAddress”:“2001:0000:3238:DFE1:63::FEFB”
   }
}'

You will get a 200 Successful response.

Collecting the IP address through a connector

When using a connector (WordPress Plugin, Magento Extension, Salesforce B2B Commerce App, etc.), the connector gathers all required cart data, including the customer's IP address, before calling the Cart resource. In these cases, the IP address should be sent in the POST /v1/shoppers/me/carts/active/submit-cart request.

IPv4 example

The following example shows how to issue a POST /v1/shoppers/me/carts/active/submit-cart request to add the customer's n IPv4 address in the request payload to submit the cart successfully.


curl --location -g --request POST ' https://api.digitalriver.com/v1/shoppers/me/carts/active/submit-cart' \
--header 'Authorization: Basic {Your_API_Key}' \
...
--data-raw '{
 "cart": {
 "ipAddress":"192.179.12.1"
 }
}'

You will get a 200 Successful response.

IPv6 example

The following example shows how to issue a POST /v1/shoppers/me/carts/active/submit-cart request to add the customer's IPv6 address in the request payload to submit the cart successfully.

curl --location -g --request POST ' https://api.digitalriver.com/v1/shoppers/me/carts/active/submit-cart' \
--header 'Authorization: Basic {Your_API_Key}' \
--header 'Content-Type: applicati0n/json'
...
--data-raw '{
 "cart": {
 "ipAddress":"2001:0000:3238:DFE1:63::FEFB"
 }
}'

{
 "cart": {
 "ipAddress":"2001:0000:3238:DFE1:63::FEFB"
 }
}

You will get a 200 Successful response.

Validating the Customer's IP address

Validating the customer's IP address is essential to ensure the security and accuracy of your transactions. This process helps confirm that the IP address captured during the shopping session accurately corresponds to the customer's details. Follow the steps outlined below to validate the customer's IP address effectively.

To validate the customer's IP address, follow these steps:

Issue a GET v1/shoppers/me request to retrieve shopper details.
In the response, locate the ipAddress field to confirm the captured IP address.
If the ipAddress field is null, no IP address needs verification.
If the ipAddress field is not null, verify that the IP address, city, and state match the customer's address in the Global Commerce order.
Ensure the IP address is the customer's IP address, not your server's.

You should receive a 200 Successful response if the validation is correct.

curl --location -g --request GET' https://api.digitalriver.com/v1/shoppers/me ' \
--header 'Authorization: Basic {Your_API_Key}' \
--header 'Content-Type: applicati0n/json'
...
--data-raw '{
    "shopper": {
        "uri": "http://api.digitalriver.digitalriver.com/v1/shoppers/me",
        "id": 495796950789,
        "username": "myu_external",
        "externalReferenceId": "myu_external@digitalriver.com",
        "firstName": "Marc",
        "lastName": "Yu",
        "emailAddress": "myu_external@digitalriver.com",
        "locale": "en_US",
        "currency": "USD",
        "sendMail": "false",
        "sendEmail": "false",
        "ipAddress": "192.179.12.1",
        "paymentOptions": {
            "uri": "http://api.digitalriver.com/v1/shoppers/me/payment-options",
            "paymentOption": [
                {
                    "uri": "http://api.digitalriver.com/v1/shoppers/me/payment-options/13821416689",
                    "id": 13821416689,
                    "nickName": "default",
                    "isDefault": "false",
                    "type": "CreditCardMethod",
                    "creditCard": {
                        "expirationMonth": 12,
                        "expirationYear": 2022,
                        "issueCode": null,
                        "startMonth": null,
                        "startYear": null,
                        "displayableNumber": "************1111",
                        "type": "visa",
                        "displayName": "Visa"
                    }
                }
            ]
        },
        "addresses": {
            "uri": "http://api.digitalriver.com/v1/shoppers/me/addresses"
        },
        "orders": {
            "uri": "http://api.digitalriver.com/v1/shoppers/me/orders"
        },
        "subscriptions": {
            "uri": "http://api.digitalriver.com/v1/shoppers/me/subscriptions"
        }
}'

You will get a 200 Successful response.

Validation errors

If the IP address format is incorrect (that is, not in a valid IPv4 and IPv6 format), the API response will send a 409 Conflict error:

PreviousGifting NextProviding address information

Last updated 2 months ago