In case the Access Control Server (ACS) of the cardholder's bank does not support any EMV 3DS protocol version (i.e. 2.0 or higher, see acsStartProtocolVersion) the threeDSMethodDataForm element of the versioningData object in the payment response will be Null.


Sequence Diagram

3DS 1.0 Authentication

In order to a 3DS 1.0 authentication request through the cardholder browser it is required to construct a form with the data elements provided in threeDSLegacy and to post it to the acsURL.


The form fields that are sent to the ACS are listed in the table below:

Oops, it seems that you need to place a table or a macro generating a table within the Table Filter macro.

The table is being loaded. Please wait for a bit ...

Form ElementDescriptionBeschreibung
PAReqA constructed, Base64 encoded and compressed field carrying the Payer Authentication Request Message Fields. The compression algorithm used is a combination of LZ77 and Huffman coding as specified in RFC 1951.Ein konstruiertes, Base64-codiertes und komprimiertes Feld mit den Feldern der Payer Authentication Request Message. Der verwendete Kompressionsalgorithmus ist eine Kombination von LZ77- und Huffman-Codierung gemäß RFC 1951.
TermURL

The merchant URL the ACS will redirect the cardholder to after the authentication has concluded. Note that  adds the fields PayID, TransID and MID in the query string to the base URL. Please do not alter the TermURL!

Die Händler-URL, wohin der ACS den Karteninhaber nach Abschluss der Authentisierung weiterleitet. Beachten Sie, dass das The page DE:Wording was not found  -- Please check/update the page name used in the MultiExcerpt-Include macro die Felder PayID, TransID und MID im Anfrage-String zur Basis-URL hinzufügt. Bitte ändern Sie die TermURL nicht!

MDThe MD (i.e. Merchant Data) field can carry whatever data the merchant needs to continue the session. Please note that this field must be present in the form even though it is not used.Das Feld MD (d.h. Händlerdaten) kann beliebige Daten transportieren, die der Händler fpr die Fortsetzung der Sitzung benötigt. Beachten Sie bitte, dass dieses Feld im Formular vorhanden sein muss, auch wenn es nicht verwendet wird.


Sample: PAReq form passed through the Cardholder to the ACS URL

<html>
    <head>
        <script language=\"javascript\">
            <!--
                function sendpareq()
                    {  
                        document.pareq_form.submit();
                    }
            // -->
        </script>
    </head>
     
    <body onload="javascript:sendpareq();">
        <form action="https://pit.3dsecure.net/VbVTestSuiteService/pit1/acsService/paReq?summary=ZTIwOWMwYmEtNTVhOC00NDExLThkZDktYzllODk1NmZlNDQ0" method="POST" name="pareq_form">
            <input type="hidden" name="PaReq" value="eJxVUst22jAQ/RUfL7rpMZKFiQ0dK4dXgAVOTmuSpjvVGsApfkSWA+TrK/Fo0t29M6M7M3cEt4di57yhavKqjF2/Q10Hy6ySebmJ3VV650Wu02hRSrGrSozdIzbuLYd0qxAnPzBrFXJYYtOIDTq5jN1aCIEioyzywkhILwh7gddnFD1JMVyv15HfYz2Xw8PwO75yuPTmpnWHAblSo6myrSg1B5G9jhYJD266jHWBXCgUqBYTPk4fR4+M+jdAzgEoRYG8zrXGRn+dFb/nzhdR1N+ccQXklIOsakutjpyF5tWVQKt2fKt1PSBkv993sqqoW13VHYlAbA7Ix0gPrUWN0Trkkv+aLVnyvjkuZ6tD8vS8Tya7l/unBXt+n8ZAbAVIoZGbMSPaY4HjB4MuHQR9IKc4iMIOwX1KzXpnDLVtMfyU+BwA47sydzryfhiZHa4M8FCbM5kKY+U/DBKbjKfGD9PQQiAfC4zn1uFMG+vm+V06bad/Zi+rn6rrJ20xWt4P49h6fiqw8rnxyo/8s74lQKwEuZyTXP6CQf/9kb8b1MvQ">
            <input type="hidden" name="TermUrl" value="http://localhost:40405/test/3DTermURL.aspx?PayID=dc67820e15f049c9b6c1f0420729da8a&TransID=20180524-162741-084&MID=gustav">
            <input type="hidden" name="MD" value="Optional merchant session data">
        </form>
    </body>
</html>

Once the authentication has been completed or the cancelled by the cardholder the ACS will redirect the cardholder through the cardholder's browser to the TermURL as specified in the initail payment request.


The Payer Authentication Response (PaRes) will be transferred via HTTP POST method while MID, PayID and TransID are sent in the HTTP query string (i.e. HTTP GET).

Data Elements transferred to the TermURL

Oops, it seems that you need to place a table or a macro generating a table within the Table Filter macro.

The table is being loaded. Please wait for a bit ...

KeyFormatCNDDescription

MID

ans..30

M

MerchantID, assigned by

KeyFormatCNDDescription
PayID

an32

M

ID assigned by for the payment, e.g. for referencing in batch files as well as for capture or credit request.

KeyFormatCNDDescription
TransID

ans..64

MTransactionID provided by you which should be unique for each payment

KeyFormatCNDDescriptionBeschreibung

PARes

--

M

The PARes (Payer Authentication Response) message sent by the ACS in response to the PAReq regardless of whether authentication is successful

Die vom ACS gesendete PARes-Nachricht (Payer Authentication Response) in Reaktion auf die PAReq ungeachtet dessen, ob dit Authentisierung erfolgreich ist

Authorization

In order to authorize an 3DS 1.0 authenticated payment you must POST the parameter as listed in the table below unencrypted to direct3d.aspx. The response always is encrypted (Len + Data).

Request Elements

Oops, it seems that you need to place a table or a macro generating a table within the Table Filter macro.

The table is being loaded. Please wait for a bit ...

KeyFormatCNDDescription

MerchantID

ans..30

M

MerchantID, assigned by . Additionally this parameter has to be passed in plain language too.

KeyFormatCNDDescription
PayID

an32

M

ID assigned by for the payment, e.g. for referencing in batch files as well as for capture or credit request.

KeyFormatCNDDescription
TransID

ans..64

MTransactionID provided by you which should be unique for each payment

KeyFormatCNDDescriptionBeschreibung

PAResponse

--

M

The PARes (Payer Authentication Response) message sent by the ACS

Die vom ACS gesendete PARes-Nachricht (Payer Authentication Response)

Response Elements

Oops, it seems that you need to place a table or a macro generating a table within the Table Filter macro.

The table is being loaded. Please wait for a bit ...

KeyFormatCNDDescription

MID

ans..30

M

MerchantID, assigned by

KeyFormatCNDDescription
PayID

an32

M

ID assigned by for the payment, e.g. for referencing in batch files as well as for capture or credit request.

KeyFormatCNDDescription
XID

an32

M

ID for all single transactions (authorisation, capture, credit note) for one payment assigned by

KeyFormatCNDDescription
TransID

ans..64

MTransactionID provided by you which should be unique for each payment

KeyFormatCNDDescriptionBeschreibung

Status

a..20

M

Status of the transaction.

Values accepted:

  • Authorized

  • OK (Sale)

  • FAILED

Status der Transaktion.

Zulässige Werte:

  • Authorized

  • OK (Sale)

  • FAILED

Description

ans..1024

M

Textual description of the code

Textliche Beschreibung des Codes

KeyFormatCNDDescription
Code

n8

M

Error code according to  Response Codes (A4 Response codes)

KeyFormatCNDDescriptionBeschreibung

card

JSON

C

Card data

Kartendaten

ipInfo

JSON

O

Object containing IP information

Objekt mit IP-Informationen

threeDSData

JSON

M

Authentication data

Authentisierungsdaten