From 01/10/2022 all authenticated transactions must use 3DSV2.
This section is a synthesis of the developments required in order to use 3DSV2 instead of 3DSV1.
For Axepta, this means using the parameter 'msgVer=2.0' for one-shot payments. Other payment use-cases are described in the section Payment Features
3D Secure authentication protects the merchant against "cardeholder challenge".
3D Secure authentication V2 provides a mechanism for strong authentication in accordance with PSD2.
The major difference with 3DS 1.0 is the possibilty to offer frictionless payments to cardholders, in this case the issuing bank (bank of the cardholder) can approve a transaction without explicit action done by the cardholder (passive authentication).
3DS V1 authentication will remain possible until October 2022. After that date, all 3DS authentications must use version 2 (3DSV2).
More details :
- Global overview : 3DSV2 and frictionless
- Implementation : Increase 'Frictionless' payments
- Liability shift : Liability shift and 3DS Matrix
Concepts
3DSV2 key parameters
Key parameters are used according to the use-cases (one-shot, one-click, recurring...) :
Parameter | Type | Details | Request | Response |
---|---|---|---|---|
msgVer | Parameter | 3DSV2 payment request | X | |
threeDSPolicy | JSON Object | Manage the authentication request (mandate, challenge...) | X | |
browserInfo | JSON Object | Need for paynow.aspx (one-click) | X | |
credentialOnFile | JSON Object | Needed if a merchant wants to reuse a card (one-click, recurring...) | X | |
billToCustomer | JSON Object | Customer billed for his purchases | X | |
shipToCustomer | JSON Object | Customer who received the goods | X | |
billingAddress | JSON Object | Billing address | X | |
shippingAddress | JSON Object | Shipping address | X | |
Card | JSON Object | Card object with the PCNr, card brand, expiry date... | X | X |
schemeReferenceId | Parameter | Chaining data used for subscription transactions / recurring payments | X | X |
resultsResponse | JSON Object | authentication additionnal data | X | |
threeDSData | JSON Object | Authentication data | X |
Synthesis : Upgrade to 3DSV2
Use-case | 3DSV1 | 3DSV2 | Examples : JSON objects to add in ECOM payments |
---|---|---|---|
One-Shot payment | - | Add "MsgVer=2.0” - Create a payment request (CIT) D'autres données peuvent être indiquées dans la requête de paiement pour favoriser les paiements 'frictionless'. Pour plus de détails
| |
Response format Card payment | GET for URLFailure / URLSuccess / URLNotify | POST for URLFailure / URLSuccess / URLNotify GET for URLFailure / URLSuccess / URLNotify if 3DSV1 fallback | |
Response format Alternative payment methods | GET for URLFailure / URLSuccess / URLNotify | GET for URLFailure / URLSuccess / URLNotify | |
Card data | PCNr CCExpiry CCCVC CCBrand | JSON Object Card Or JSON Object Card + PCNR / CCExpiry / CCBrand if 3DSV1 fallback | |
Use-cases | |||
One-click Initial payment | / | Use "MsgVer=2.0”, JSON objects credentialOnFile and threeDSPolicy | JSON Object credentialOnFile { "type": { "unscheduled": "CIT" }, "initialPayment": true, "useCase": "cof" } JSON Object threeDSPolicy { "challengePreference": "mandateChallenge" } |
One-click One-click payments | PCNr CCExpiry CCCVC CCBrand | Use "MsgVer=2.0”, JSON objects credentialOnFile and threeDSPolicy | JSON Object credentialOnFile { "type": { "unscheduled": "CIT" }, "initialPayment": false, "useCase": "ucof" } |
Subscription with fixed amount and frequency Initial payment | Parameter "RTF=I" Cards data : PCNr, CCExpiry, CCBrand… | Server-to-Server Use "MsgVer=2.0”, JSON objects credentialOnFile and threeDSPolicy JSON Object Card and the schemeReferenceID are sent in the response. Batch Batch implementation remains the same More details | JSON object credentialOnFile { "type": { "recurring": { "recurringFrequency": 30, "recurringStartDate": "2019-09-14", "recurringExpiryDate": "2020-09-14" } }, "initialPayment": true, "useCase": "fixed" } JSON object threeDSPolicy { "challengePreference": "mandateChallenge" } |
Abonnement à durée et montant fixes Échéances suivantes | Utilisation du paramètre "RTF=R" Infos carte : PCNr, CCExpiry, CCBrand… | Server-to-Server Utiliser "MsgVer=2.0”, l’objet JSON credentialOnFile, l'objet JSON Card et le schemeReferenceID. Batch L'implémentation Batch reste inchangée Pour plus de détails | Objet JSON credentialOnFile { "type": { "recurring": { "recurringFrequency": 30, "recurringStartDate": "2019-09-14", "recurringExpiryDate": "2020-09-14" } }, "initialPayment": false, "useCase": "fixed" } |
Abonnement à durée et montant variables Paiement initial | Utilisation du paramètre "RTF=E" Infos carte : PCNr, CCExpiry, CCBrand… | Server-to-Server Utiliser "MsgVer=2.0”, l’objet JSON credentialOnFile et threeDSPolicy L’objet JSON Card et le schemeReferenceID sont envoyés dans la réponse Batch L'implémentation Batch reste inchangée Pour plus de détails | Objet JSON credentialOnFile { "type": { "unscheduled": "CIT" }, "initialPayment": true, "useCase": "ucof" } Objet JSON threeDSPolicy { "challengePreference": "mandateChallenge" } |
Abonnement à durée et montant variables Échéances suivantes | Utilisation du paramètre "RTF=M" Infos carte : PCNr, CCExpiry, CCBrand… | Server-to-Server Utiliser "MsgVer=2.0”, l’objet JSON credentialOnFile, l'objet JSON Card et le schemeReferenceID. Batch L'implémentation Batch reste inchangée Pour plus de détails | Objet JSON credentialOnFile { "type": { "unscheduled": "MIT" }, "initialPayment": false, "useCase": "ucof" } |
Les fonctionnalités de paiement sont détaillés dans la section : Fonctionnalités de paiement
CMS et 3DSV2
A VOIR AVEC DAMIEN