iFrame Integration

In this integration type the client (aggregator/operator) hosts the payment button in an iframe that is placed on the payment page hosted by the merchant. The client receives the token, queries the validation API, and enacts the blocking decision.

This integration type is best suited to aggregator/operator clients already use this payment button hosting approach with their merchants. This approach is left vulnerable to iFraming attacks, where the payment button is covered by an image enticing the consumer to click on it. FraudStops usual iFraming protection must be disabled for this method to work. Where this integration type is used we recommend a FraudScan monitoring program be used alongside it to prevent iframing attacks.