Card BIN Verification

Functional Description

By default, the Pay button on the payment page is disabled (greyed out).

When the user enters a card number and clicks outside the input field:

If the card passes the Luhn check and the card brand is within the range supported by Evonet, the Drop-in component triggers a JavaScript event named payment_method_selected.
Upon receiving this event, the merchant system can perform its own card verification logic.
After the merchant completes verification, a response is sent back through dropInInstance.value.callbackVerification() with the verification result.
If the merchant approves the card, the Pay button becomes active. If the merchant rejects the card or fails to respond within the allowed time, the button remains disabled and an error message is displayed.
If the user modifies the card number, the Pay button becomes disabled again and the verification process restarts.

Configuration

A new configuration object verifyOption is introduced to control whether the Drop-in should request merchant verification for payment methods.

"verifyOption": {
  "isVerifyPaymentBrand": true
}

Parameters

isVerifyPaymentBrand (Boolean, Optional) : When set to true, triggers merchant-side verification before enabling payment.

Event Type: `payment_method_selected`

Field	Type	Required	Description
`type`	String	M	Fixed value: `payment_method_selected`
`verificationID`	String	M	16-character UUID identifying the verification request
`first6No`	String	O	The first 6 digits of the card number
`last4No`	String	O	The last 4 digits of the card number
`paymentBrand`	String	O	The card brand (e.g., Visa, Mastercard, JCB)

Merchant Response

Merchants must respond to the verification request using the following command:

dropInInstance.value.callbackVerification({
  msg: '',
  isValid: '',
  id
});

Parameters

msg (String, Optional) : Custom message displayed to the user only when isValid = false , for example:"Unsupported card", or "Card number rejected". If msg is not provided when isValid = false, the Drop-in will show the default message: "This card number is not supported."

isValid (Boolean, Mandatory) : Indicates whether the merchant approves the card:

true — card is approved, and the Pay button becomes active.
false — card is rejected, the Pay button remains disabled, and the frontend displays an error message using the msg content.

id (String, Mandatory) : The verification ID returned from the event (verificationID).

Timeout and Error Handling

Scenario	Description	Frontend Message
Timeout	If no merchant response is received within 10 seconds.	`Validation timeout. Please contact the merchant and try again.`
Invalid Response Format	If the merchant response is missing mandatory parameters or contains invalid values.	`Validation failed. Please contact the merchant and try again.`

📘
Note
When the verification logic is not required, do not enable "isVerifyPaymentBrand": true to avoid unnecessary processing time or timeout risks.

Example Implementation

function payment_method_selected(data) {
  console.log("params.payment_method_selected", data);

  // The verification ID can be used for event tracking if needed
  const id = data.verificationID;

  // Example: Merchant decides to reject this card BIN
  const params = {
    isValid: false,
    msg: "Card BIN not supported",
    id
  };

  // Return the verification result (after optional internal checks)
  setTimeout(() => {
    sdk.callbackVerification(params);
  }, 1000);
}

const dropInConfig = {
  id: "#dropInApp",
  type: "payment",
  sessionID: "<your-session-id>",
  locale: "en-US",
  mode: "embedded",
  environment: "UAT",
  verifyOption: {
    isVerifyPaymentBrand: true
  },
  payment_method_selected: payment_method_selected
};

const sdk = new DropInSDK(dropInConfig);

Functional Description

Configuration

Parameters

Event Type: payment_method_selected

Merchant Response

Parameters

Timeout and Error Handling

Note

Example Implementation

Event Type: `payment_method_selected`