From 01/10/2022 all authenticated transactions must use 3DSV2.

This section is a synthesis of the developments required in order to use 3DSV2 instead of 3DSV1.

For Axepta, this means using the parameter 'msgVer=2.0' for one-shot payments. Other payment use-cases are described in the section Payment Features

3D Secure authentication protects the merchant against "cardeholder challenge".

3DS V2 provides a mechanism for strong authentication in accordance with PSD2.

3DS V2 allows frictionless payments to cardholders, in this case the issuing bank (bank of the cardholder) can approve a transaction without explicit action done by the cardholder (passive authentication).

3DS V1 authentication will remain possible until October 2022. After that date, all 3DS authentications must use version 2 (3DSV2).

More details :

Global overview : 3DSV2 and frictionless
Implementation : Increase 'Frictionless' payments
Liability shift : Liability shift and 3DS Matrix

Concepts

3DSV2 upgrade requires to manage :

New parameters in the request and responses
- Fields (NVP values)
- JSON objects – for dedicated use-cases
- Additionnal authentication data

GET & POST responses for URLSuccess / URL Failure / URL Notify

New 3DS Response Codes

3DS2 implementation will also allow the merchant to request strong authentication or frictionless payment.

By default, payment requests are sent under “nopreference”, the merchant does not specify a preference for the authentication mode (SCA or passive authentication).

For one-shot payments, upgrading to 3DSV2 means :

Add parameter "msgVer=2.0" in the payment request
Manage POST responses

3DSV2 key parameters

Key parameters are used according to the use-cases (one-shot, one-click, recurring...) :

Parameter	Type	Details	Request	Response
msgVer	Parameter	3DSV2 payment request	X
threeDSPolicy	JSON Object	Manage the authentication request (mandate, challenge...)	X
browserInfo	JSON Object	Need for paynow.aspx (one-click)	X
credentialOnFile	JSON Object	Needed if a merchant wants to reuse a card (one-click, recurring...)	X
billToCustomer	JSON Object	Customer billed for his purchases	X
shipToCustomer	JSON Object	Customer who received the goods	X
billingAddress	JSON Object	Billing address	X
shippingAddress	JSON Object	Shipping address	X
Card	JSON Object	Card object with the PCNr, card brand, expiry date...	X	X
schemeReferenceId	Parameter	Chaining data used for subscription transactions / recurring payments	X	X
resultsResponse	JSON Object	authentication additionnal data		X
threeDSData	JSON Object	Authentication data		X

Synthesis : Upgrade to 3DSV2

Use-case

3DSV1

3DSV2

Examples : JSON objects to add in ECOM payments

One-Shot payment

-

Add "MsgVer=2.0” - Create a payment request (CIT)

Additional data can be added to the request in order to increase frictionless payments.

More details :

Response format

Card payment

GET for URLFailure / URLSuccess / URLNotify

POST for URLFailure / URLSuccess / URLNotify

GET for URLFailure / URLSuccess / URLNotify if 3DSV1 fallback

Response format

Alternative payment methods

GET for URLFailure / URLSuccess / URLNotify

Card data

PCNr

CCExpiry

CCCVC

CCBrand

JSON Object Card

Or JSON Object Card + PCNR / CCExpiry / CCBrand if 3DSV1 fallback

Use-cases

One-click

Initial payment

/

Use "MsgVer=2.0”, JSON objects credentialOnFile and threeDSPolicy

One-click payment

JSON Object credentialOnFile

{
    "type": {
        "unscheduled": "CIT"
    },
    "initialPayment": true,
  	"useCase": "cof"   
}

JSON Object threeDSPolicy

{
	"challengePreference": "mandateChallenge"
}

One-click

One-click payments

PCNr

CCExpiry

CCCVC

CCBrand

Use "MsgVer=2.0”, JSON objects credentialOnFile and threeDSPolicy

One-click payment

JSON Object credentialOnFile

{
    "type": {
        "unscheduled": "CIT"
    },
    "initialPayment": false,
  	"useCase": "ucof"   
}

Subscription with fixed amount and frequency

Initial payment

Parameter "RTF=I"

Card data : PCNr, CCExpiry, CCBrand…

Server-to-Server

Use "MsgVer=2.0”, JSON objects credentialOnFile and threeDSPolicy

JSON Object Card and the parameter schemeReferenceID are sent in the response.

Batch

Batch implementation remains the same

More details

JSON object credentialOnFile

{
    "type": {
        "recurring": {
            "recurringFrequency": 30,
            "recurringStartDate": "2019-09-14",
            "recurringExpiryDate": "2020-09-14"
        }
    },
    "initialPayment": true,
    "useCase": "fixed" 
}

JSON object threeDSPolicy

{
	"challengePreference": "mandateChallenge"
}

Subscription with fixed amount and frequency

Subscription payment

Parameter "RTF=R"

Card data : PCNr, CCExpiry, CCBrand…

Server-to-Server

Use "MsgVer=2.0”, JSON objects credentialOnFile, Card et the parameter schemeReferenceID.

JSON Object Card and the schemeReferenceID are sent in the response.

Batch

Batch implementation remains the same

More details

JSON Object credentialOnFile

{
    "type": {
        "recurring": {
            "recurringFrequency": 30,
            "recurringStartDate": "2019-09-14",
            "recurringExpiryDate": "2020-09-14"
        }
    },
    "initialPayment": false,
    "useCase": "fixed" 
}

Subscription with variable amount and frequency

Initial payment

Parameter "RTF=E"

Card data : PCNr, CCExpiry, CCBrand…

Server-to-Server

Use "MsgVer=2.0”, JSON objects credentialOnFile and threeDSPolicy

JSON Object Card and the parameter schemeReferenceID are sent in the response.

Batch

Batch implementation remains the same

More details

JSON Object credentialOnFile

{
    "type": {
        "unscheduled": "CIT"
    },
    "initialPayment": true,
  	"useCase": "ucof"   
}

JSON Object threeDSPolicy

{
	"challengePreference": "mandateChallenge"
}

Subscription with variable amount and frequency

Subsequent payments

Parameter "RTF=M"

Card data : PCNr, CCExpiry, CCBrand…

Server-to-Server

Use "MsgVer=2.0”, JSON objects credentialOnFile, Card et the parameter schemeReferenceID.

JSON Object Card and the schemeReferenceID are sent in the response.

Batch

Batch implementation remains the same

More details

JSON Object credentialOnFile

{
    "type": {
        "unscheduled": "MIT"
    },
    "initialPayment": false,
  	"useCase": "ucof"   
}

Payment features are detailed in the section Payment Features

CMS et 3DSV2

A VOIR AVEC DAMIEN