3D Secure

3D Secure is a security protocol used as an additional layer of security for online credit card transactions prior to authorization in order to prevent fraud. 3D Secure comes from the three-domain model used to provide the additional layer of secure authentication between the financial authorization process and online authentication process. The service is provided by Visa and MasterCard under the name Verified by Visa and MasterCard SecureCode.

3D Secure enables customers to validate transactions they make over the internet by requesting an authentication method (usually a a password-based method sent over mobile or email address is used), thus reducing the risk of fraudulent use by unauthorized individuals.

3D Secure Payments

For enabling and using 3D Secure service, there are two options:

  • statically, in which we can enable for you the 3D Secure service at SiteID level;
  • dynamically, in which you send the 3DSecure parameter in the payment request.

If you set the 3DSecure parameter to true, the customer will be required to authenticate the card used for that transaction:

Request:

POST https://securetest.smart2pay.com/v1/payments
Authorization: Basic MTAxMDpnYWJp

{
  "Payment": {
    "MerchantTransactionID": "s2ptest_1002",
    "Amount": 100,
    "Currency": "EUR",
    "ReturnURL": "http://demo.smart2pay.com/redirect.php",
    "Description": "S2P 3Dsecure test",    
    "Card": {
      "HolderName": "John Doe",
      "Number": "4548812049400004",
      "ExpirationMonth": "05",
      "ExpirationYear": "2021",
      "SecurityCode": "123"
      },
    "3DSecure": true
  }
}

Response:

HTTP/1.1 201 Created
Content-Type: application/json; charset=utf-8

{
  "Payment": {
    "ID": 203771,
    "ClientIP": null,
    "SkinID": null,
    "Created": "20180509114444",
    "MerchantTransactionID": "s2ptest_1002",
    "OriginatorTransactionID": null,
    "Amount": "100",
    "Currency": "EUR",
    "CapturedAmount": "0",
    "ReturnURL": "http://demo.smart2pay.com/redirect.php",
    "Description": "S2P 3Dsecure test",
    "StatementDescriptor": null,
    "MethodID": 6,
    "MethodOptionID": null,
    "SiteID": 1010,
    "NotificationDateTime": null,
    "Customer": null,
    "BillingAddress": null,
    "ShippingAddress": null,
    "Articles": null,
    "Card": {
      "HolderName": "John Doe",
      "Number": "Ends with 0004",
      "ExpirationMonth": "05",
      "ExpirationYear": "2021"
      },
    "CreditCardToken": null,
    "Status": {
      "ID": 1,
      "Info": "Open",
      "Reasons": []
      },
    "MethodTransactionID": null,
    "PaymentTokenLifetime": 10,
    "Capture": false,
    "Retry": false,
    "RedirectURL": "https://securetest.smart2pay.com/v1/Payments/FillCardDetails?PaymentToken=203771.1010.05D9FE3FD0AF7FD3D1C848A82F5F54985&SkipLandingPage=true",
    "3DSecure": true,
    "Fraud": null
  }
}

Access the RedirectURL received in the payment response and enter an identification code. Please note that the landing page will be different depending on the card issuer.

For test purposes, please enter the identification test code received on the page (123456). For a Success 3D Secure Authentication click on the Acceptar button and for a Failed 3D Secure Authentication click on the Cancelar button.

1 Enter Identification Code

You will receive a payment notification to the Notification URL you setup in the Merchant Dashboard containing the new payment status. For more information on Payment Notifications with Success or Failed 3D Secure Authentication, go to our section 3D Secure Payment Notification.

3D Secure Payment Notification

We will notify you about the new status of the payment to the Notification URL you setup in the Merchant Dashboard. The format of the received notification has the same structure as the response of the initial request.

  • For a payment with Success 3D Secure Authentication, you will receive the below notification:

    You need to respond with HTTP code 204 (No Content)!

    Payment notification format:

    Authorization: Basic MTAxMDpnYWJp
    
    {
      "Payment": {
        "ID": 203771,
        "ClientIP": null,
        "SkinID": null,
        "Created": "20180509114444",
        "MerchantTransactionID": "s2ptest_1002",
        "OriginatorTransactionID": null,
        "Amount": "100",
        "Currency": "EUR",
        "CapturedAmount": "0",
        "ReturnURL": "http://demo.smart2pay.com/redirect.php",
        "Description": "S2P 3Dsecure test",
        "StatementDescriptor": null,
        "MethodID": 6,
        "MethodOptionID": null,
        "SiteID": 1010,
        "NotificationDateTime": null,
        "Customer": null,
        "BillingAddress": null,
        "ShippingAddress": null,
        "Articles": null,
        "Card": {
          "HolderName": "John Doe",
          "Number": "Ends with 0004",
          "ExpirationMonth": "5",
          "ExpirationYear": "2021"
        },
        "CreditCardToken": null,
        "Status": {
          "ID": 9,
          "Info": "Authorized",
          "Reasons": []
        },
        "MethodTransactionID": null,
        "PaymentTokenLifetime": null,
        "Capture": false,
        "Retry": false,
        "RedirectURL": null,
        "3DSecure": true,
        "Fraud": null
      }
    }
    

    Response:

    204 No Content
  • For a Failed 3D Secure Authentication, you will receive the below notification:

    You need to respond with HTTP code 204 (No Content)!

    Payment notification format:

    Authorization: Basic MTAxMDpnYWJp
    
    {
      "Payment": {
        "ID": 203772,
        "ClientIP": null,
        "SkinID": null,
        "Created": "20180509114626",
        "MerchantTransactionID": "s2ptest_1003",
        "OriginatorTransactionID": null,
        "Amount": "100",
        "Currency": "EUR",
        "CapturedAmount": "0",
        "ReturnURL": "http://demo.smart2pay.com/redirect.php",
        "Description": "S2P 3Dsecure test",
        "StatementDescriptor": null,
        "MethodID": 6,
        "MethodOptionID": null,
        "SiteID": 10101,
        "NotificationDateTime": null,
        "Customer": null,
        "BillingAddress": null,
        "ShippingAddress": null,
        "Articles": null,
        "Card": {
          "HolderName": "John Doe",
          "Number": "Ends with 0004",
          "ExpirationMonth": "5",
          "ExpirationYear": "2021"
        },
        "CreditCardToken": null,
        "Status": {
          "ID": 4,
          "Info": "Failed",
          "Reasons": [
            {
              "Code": "5073",
              "Info": "Error in holder authentication"
            }
          ]
        },
        "MethodTransactionID": null,
        "PaymentTokenLifetime": null,
        "Capture": false,
        "Retry": false,
        "RedirectURL": null,
        "3DSecure": true,
        "Fraud": null
      }
    }

    Response:

    204 No Content