
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
@placetopay/pinpad-sdk
Advanced tools
This API provides a PinPad Javascrypt SDK to conect with PinPad service of Placetopay.
A PIN pad or PIN entry device (PED) is an electronic device used in a debit, credit or smart card-based transaction to accept and encrypt the cardholder's personal identification number (PIN).
This API provides a PinPad SDK service with PinBlock generation encrypted according to ISO 9564. This specification describes four formats to generate a PinBlock. You can get more information abouts these formats here at
Use the following command to install this library.
npm i @placetopay/pinpad-sdk
For the PinPad will be successfully loaded, you must initialize the sdk as shown below:
import PinPad from '@placetopay/pinpad-sdk'
let pad = new PinPad({
format: 0, // may be 0,1,2 or 3
locale: document.documentElement.lang, // language to display
mask: true // may be true, false or any string (i.e '*', '-', ...)
})
If you plan to use the standard backend from JavaScript SDK to get numbers positions and generate
pinblocks, let's set the base endpoint URL and your API TOKEN in PinPadClient
class.
const client = new PinPadClient(url, token)
You can perform a request to create a transaction and obtain the transaction id and positions as follows:
const response = client.createTransaction()
.then(res => {
return res.data
}).catch(err => {
return err
})
You will get a response like the following
{
"status": {
"status": 1000,
"message": "The token has been successfully validated. PinPad SDK will be loaded"
},
"data": {
"positions": "7296183540",
"transactionId": "c89cb967-dcd3-467e-aebc-0299b1acb707"
}
}
You can use the render
method of the PinPad
class to render the pinpad. You only need pass it
the html id and positions (obtained from PINPAD back)
pad.render('div_id', positions)
To send the PIN to encrypt, the PinPad JavaScript SDK provides a funtion sendPin(transactionId, data)
. Return Pinblock
.
send PIN as shown below:
const data = {
transactionId, // transaction id
format, // format to apply (required)
pin, // positions digits from user (required)
pan, // card number (required if format is 0 or 3)
}
client.generatePinBlock(data)
.then(res => {
return res.data
}).catch(err => {
return err
})
You'll get a response like the following
{
"status": {
"status": 1000,
"message": "The PinBlock has been successfully generated."
},
"data": {
"pinblock": "A810A95D0562214A"
}
}
FAQs
This API provides a PinPad Javascrypt SDK to conect with PinPad service of Placetopay.
We found that @placetopay/pinpad-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.