Showing results for 
Search instead for 
Did you mean: 

How to specify device fingerprint id in Cybersource REST API

I'm trying to integrate CyberSource's REST API into a Django (Python) application. I'm following this GitHub example /echatspin example. It works like a charm but it is not clear to me from the example or from the documentation /echatrandom how to specify the device's fingerprint ID.

Here's a snippet of the request I'm sending in case it comes useful (note: this is just a method that lives inside a POPO):


def authorize_payment(self, card_token: str, total_amount: Money, customer: CustomerInformation = None,
                      merchant: MerchantInformation = None):
        request = {
            'payment_information': {
                # NOTE: REQUIRED.
                'card': None,
                'tokenized_card': None,
                'customer': {
                    'customer_id': card_token,
            'order_information': {
                'amount_details': {
                    'total_amount': str(total_amount.amount),
                    'currency': str(total_amount.currency),

        if customer:
                'bill_to': {
                    'first_name': customer.first_name,
                    'last_name': customer.last_name,
                    'address1': customer.address1,
                    'address2': customer.address2,
                    'locality': customer.locality,
                    'phone_number': customer.phone_number,
                    'administrative_area': customer.administrative_area,
                    'postalCode': customer.zip_code,

        serialized_request = json.dumps(request)
        data, status, body = self._payment_api_client.create_payment(create_payment_request=serialized_request)

    except Exception as e:
        raise AuthorizePaymentError from e



Here is a sample of sending device information for the payment: 

For fingerprint field information, you may refer to this:

Fingerprint Session Id

Field that contains the session ID that you send to Decision Manager to obtain the device fingerprint
information. The string can contain uppercase and lowercase letters, digits, hyphen (-), and
underscore (_). However, do not use the same uppercase and lowercase letters to indicate
different session IDs.

The session ID must be unique for each merchant ID. You can use any string that you are already
generating, such as an order number or web session ID.

The session ID must be unique for each page load, regardless of an individual’s web session ID.
If a user navigates to a profiled page and is assigned a web session, navigates away from the
profiled page, then navigates back to the profiled page, the generated session ID should be different
and unique. You may use a web session ID, but it is preferable to use an application GUID (Globally
Unique Identifier). This measure ensures that a unique ID is generated every time the page is
loaded, even if it is the same user reloading the page.


Administrator Administrator