...
3-D Secure 1.x | 3-D Secure 2.x | 3-D Secure 2.x Sample | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Depend on your integration: Payment Form ./. Server-2-Server | |||||||||||||||||
Payment Page / Payment Form | Your existing integration. | Just add API parameter "MsgVer=2.0", the rest is handled automatically by
| Add parameter "MsgVer=2.0" to your existing API call to start Payment Form. | ||||||||||||||
URL-processing | URLFailure and URLSuccess work with http-GET | URLFailure and URLSuccess work with http-POST (due to amount of data). So pls. prepare to handle both (GET + POST) | |||||||||||||||
Server-2-Server integration | Use KVP:
| e.g.:
| e.g.: card=ewogICAgInNlY3VyaXR5Q29kZSI6ICI1NjkiLAogICAgImV4cGlyeURhdGUiOiAiMjAyNTA4IiwKICAgICJjYXJkaG9sZGVyTmFtZSI6ICJXaWxsaWFtIFRob21hcyIsCiAgICAibnVtYmVyIjogIjQxMTExMTExMTExMTExMTEiLAogICAgImJyYW5kIjogIlZJU0EiCn0= | ||||||||||||||
For specific use cases, find other use cases here: 3DS 2.0 Merchant Use-Cases | |||||||||||||||||
Use case | 3-D Secure 1.x | 3-D Secure 2.x | 3-D Secure 2.x Sample | ||||||||||||||
Recurring payments (initial) | Use parameter "RTF=I" you may receive TransactionID as Card scheme specific transaction ID | Change "RTF" to parameter "credentialOnFile"-JSON with "recurring" and "initial=true" you may receive schemeReferenceID as Card scheme specific transaction ID | e.g.:
The JSON needs to be base64-encoded and then used as value for parameter credentialOnFile (pls. be aware to use the full base64-encoded string, including "=" at the end) credentialOnFile=ewogICAgInR5cGUiOiB7CiAgICAgICAgInJlY3VycmluZyI6IHsKICAgICAgICAgICAgInJlY3VycmluZ0ZyZXF1ZW5jeSI6IDMwLAogICAgICAgICAgICAicmVjdXJyaW5nU3RhcnREYXRlIjogIjIwMjEtMDktMTQiLAogICAgICAgICAgICAicmVjdXJyaW5nRXhwaXJ5RGF0ZSI6ICIyMDIyLTA5LTE0IgogICAgICAgIH0KICAgIH0sCiAgICAiaW5pdGlhbFBheW1lbnQiOiB0cnVlCn0= | ||||||||||||||
Recurring payments (subsequent) | Use parameter "RTF=R" and send TransactionID as Card scheme specific transaction ID | Change "RTF" to parameter "credentialOnFile"-JSON with "recurring" and "initial=false" and send schemeReferenceID as Card scheme specific transaction ID | e.g.
After base64-encoding: credentialOnFile=ewogICAgInR5cGUiOiB7CiAgICAgICAgInJlY3VycmluZyI6IHsKICAgICAgICAgICAgInJlY3VycmluZ0ZyZXF1ZW5jeSI6IDMwLAogICAgICAgICAgICAicmVjdXJyaW5nU3RhcnREYXRlIjogIjIwMjEtMDktMTQiLAogICAgICAgICAgICAicmVjdXJyaW5nRXhwaXJ5RGF0ZSI6ICIyMDIyLTA5LTE0IgogICAgICAgIH0KICAgIH0sCiAgICAiaW5pdGlhbFBheW1lbnQiOiBmYWxzZQp9 | ||||||||||||||
Customer Initiated (initial) | Use parameter "RTF=E" you may receive TransactionID as Card scheme specific transaction ID | Change "RTF" to parameter "credentialOnFile"-JSON with "CIT" and "initial=true" you may receive schemeReferenceID as Card scheme specific transaction ID | e.g.
After base64-encoding (again: don't miss "=" at the end; it has to be part of the value): credentialOnFile=ewogICAgInR5cGUiOiB7CiAgICAgICAgInVuc2NoZWR1bGVkIjogIkNJVCIKICAgIH0sCiAgICAiaW5pdGlhbFBheW1lbnQiOiB0cnVlCn0= | ||||||||||||||
Merchant Initiated (subsequent) | Use parameter "RTF=M" and send TransactionID as Card scheme specific transaction ID | Change "RTF" to parameter "credentialOnFile"-JSON with "MIT" and "initial=false" and send schemeReferenceID as Card scheme specific transaction ID | e.g.
After base64-encoding: credentialOnFile=ewogICAgInR5cGUiOiB7CiAgICAgICAgInVuc2NoZWR1bGVkIjogIk1JVCIKICAgIH0sCiAgICAiaW5pdGlhbFBheW1lbnQiOiBmYWxzZQp9 | ||||||||||||||
Address Verification Service (AVS) (depending on acquirer / processor) | Use parameter
| Change address data to "address"-JSON | e.g.
billingAddress=ewogICAgImNpdHkiOiAiTmV3IFlvcmsiLAogICAgImNvdW50cnkiOiB7CiAgICAgICAgImNvdW50cnlBMyI6ICJVU0EiCiAgICB9LAogICAgImFkZHJlc3NMaW5lMSI6IHsKICAgICAgICAic3RyZWV0IjogIlBhcmsgQXZlbnVlIiwKICAgICAgICAic3RyZWV0TnVtYmVyIjogIjI3MCIKICAgIH0sCiAgICAicG9zdGFsQ29kZSI6ICIxMDAxNy0yMDcwIiwKICAgICJzdGF0ZSI6ICJOWSIKfQ== | ||||||||||||||
Apply for frictionless payment processing |
| Provide additional data as JSON-KVP: JSON Objects | e.g.:
After base64-encoding (again: don't miss "=" at the end; it has to be part of the value): threeDSPolicy=ewogICAgImNoYWxsZW5nZVByZWZlcmVuY2UgIjogIm1hbmRhdGVDaGFsbGVuZ2UiCn0= |
...