Table of Contents |
---|
Note |
---|
In October 2022, all transactions will only be auhtenticated with 3DSV2. 3DSV1 authentication won't be available anymore. This section is a synthesis gathering information for merchants upgrading from 3DSV1 to 3DS2 For Axepta, it means : Add the parameter 'msgVer=2.0' for one-shot payments.Other payment use-cases are described in the section Payment Features |
Introduction
3D Secure authentication protects the merchant against "cardeholder challenge".
3D Secure Version 2 provides a mechanism for strong authentication in accordance with PSD2.
3DS V2 allows frictionless payments to cardholders, in this case the issuing bank (bank of the cardholder) can approve a transaction without explicit action done by the cardholder (passive authentication).
By default, payment requests are sent with “nopreference”, the merchant does not specify a preference for the authentication mode (SCA or passive authentication).
More details :
- Global overview : 3DSV2 and frictionless
- Implementation : Increase 'Frictionless' payments
- Liability shift : Liability shift and 3DS Matrix
Upgrade to 3DSV2
Synthesis
Detailed overview
Use-case | 3DSV1 | 3DSV2 | Examples : JSON objects to add in ECOM payments | ||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
One-Shot payment | - | Add "MsgVer=2.0” - Create a payment request (CIT)
| |||||||||||||||
Response format Card payment | GET for URLFailure / URLSuccess / URLNotify | POST for URLFailure / URLSuccess / URLNotify GET for URLFailure / URLSuccess / URLNotify if 3DSV1 fallback | |||||||||||||||
Response format Alternative payment methods | GET for URLFailure / URLSuccess / URLNotify | GET for URLFailure / URLSuccess / URLNotify | |||||||||||||||
Card data | PCNr CCExpiry CCCVC CCBrand | JSON Object Card Or JSON Object Card + PCNR / CCExpiry / CCBrand if 3DSV1 fallback | |||||||||||||||
Use-cases | |||||||||||||||||
One-click Initial payment | / | Use "MsgVer=2.0”, JSON objects credentialOnFile and threeDSPolicy | JSON Object credentialOnFile
JSON Object threeDSPolicy
| ||||||||||||||
One-click One-click payments | PCNr CCExpiry CCCVC CCBrand | Use "MsgVer=2.0”, JSON objects credentialOnFile and threeDSPolicy | JSON Object credentialOnFile
| ||||||||||||||
Subscription with fixed amount and frequency Initial payment | Parameter "RTF=I" Card data : PCNr, CCExpiry, CCBrand… | Server-to-Server Use "MsgVer=2.0”, JSON objects credentialOnFile and threeDSPolicy JSON Object Card and the parameter schemeReferenceID are sent in the response. Batch Batch implementation remains the same More details | JSON object credentialOnFile
JSON object threeDSPolicy
| ||||||||||||||
Subscription with fixed amount and frequency Subscription payment | Parameter "RTF=R" Card data : PCNr, CCExpiry, CCBrand… | Server-to-Server Use "MsgVer=2.0”, JSON objects credentialOnFile, Card et the parameter schemeReferenceID. JSON Object Card and the schemeReferenceID are sent in the response. Batch Batch implementation remains the same More details | JSON Object credentialOnFile
| ||||||||||||||
Subscription with variable amount and frequency Initial payment | Parameter "RTF=E" Card data : PCNr, CCExpiry, CCBrand… | Server-to-Server Use "MsgVer=2.0”, JSON objects credentialOnFile and threeDSPolicy JSON Object Card and the parameter schemeReferenceID are sent in the response. Batch Batch implementation remains the same More details | JSON Object credentialOnFile
JSON Object threeDSPolicy
| ||||||||||||||
Subscription with variable amount and frequency Subsequent payments | Parameter "RTF=M" Card data : PCNr, CCExpiry, CCBrand… | Server-to-Server Use "MsgVer=2.0”, JSON objects credentialOnFile, Card et the parameter schemeReferenceID. JSON Object Card and the schemeReferenceID are sent in the response. Batch Batch implementation remains the same More details | JSON Object credentialOnFile
|
Tip |
---|
Payment features are detailed in the section Payment Features |
3DSV2 key parameters
Key parameters are used according to the use-cases (one-shot, one-click, recurring...) :
Parameter | Type | Details | Request | Response |
---|---|---|---|---|
msgVer | Parameter | 3DSV2 payment request | X | |
threeDSPolicy | JSON Object | Manage the authentication request (mandate, challenge...) | X | |
browserInfo | JSON Object | Need for paynow.aspx (one-click) | X | |
credentialOnFile | JSON Object | Needed if a merchant wants to reuse a card (one-click, recurring...) | X | |
billToCustomer | JSON Object | Customer billed for his purchases | X | |
shipToCustomer | JSON Object | Customer who received the goods | X | |
billingAddress | JSON Object | Billing address | X | |
shippingAddress | JSON Object | Shipping address | X | |
Card | JSON Object | Card object with the PCNr, card brand, expiry date... | X | X |
schemeReferenceId | Parameter | Chaining data used for subscription transactions / recurring payments | X | X |
resultsResponse | JSON Object | authentication additionnal data | X | |
threeDSData | JSON Object | Authentication data | X |