Response Handling

Integration Guide: 3DS

Workflows for different 3-D Secure 2.0 (3DS2) Device Data Collection (DDC) scenarios are described below.

Scenario - The user enters payment information and clicks Submit.

  • Action - Disable the Submit button and send an Authorize API request.
  • Contract - No change.

Scenario - Receive a 200501 status code.

  • Action - Load HTML from the web-method node in the invisible iframe and start a timer using the expiry node:

    • Scenario 1 : Device Data Collected Successfully
    • Scenario 2 : Device Data Collection Will Fail
    • Scenario 3 : Device Data Collection Will Expire
  • Contract -

    <?xml version="1.0" encoding="UTF-8"?>
    <root>
        <status code="200501">DDC verification required for Authorization</status>
        <web-method>{{html encoded data}}</web-method>
        <ddc-expiry>{{in milliseconds}}</ddc-expiry>
        <return-url>{{url}}</return-url>
        <card-mask>{{masked card number}}</card-mask>
        <expiry>{{card expiry in MM/YY}}</expiry>
    </root>
    

Scenario - DDC is completed successfully, or it fails.

  • Action - The application will get JSON in the format shown below:

    {
    		"id": "{{ddc_id}}",
    		"collection_time": "{{in_millisecond}}",
    		"expired": "{{boolean}}",
    		"additional_info": {
    			"info": [
    				{
    					"key": "{{key}}",
    					"value": "{{value}}"
    				},
    				{
    					"key": "{{key}}",
    					"value": "{{value}}"
    				}
    			]
    		}
    	}
    
    • Convert JSON to XML.
    • Add "expired": "{{boolean}}, "collection_time": "{{in_millisecond}}" in above JSON.
    • Append the XML to an Authorize request and send it.
  • Contract - Request : No Change +

    <device_data_info>
    	<id>{{ddc_id}}</id>
    	<collection_time>{{in_milliseconds}}</collection_time>
    	<expired>{{boolean}}</expired>
    	<additional_info>
    		<info>
    			<key>{{key}}</key>
    			<value>{{value}}</value>
    		</info>
    		<info>
    			<key>{{key}}</key>
    			<value>{{value}}</value>
    		</info>
    	</additional_info>
    </device_data_info>
    

Scenario - DDC is expired.

  • Action - Do the following:

    • Exit the iframe.
    • Populate the device_data_info node with these values:
      • expired = true
      • collection_time = assign a time in milliseconds
    • Append the device_data_info node to an Authorize request and send it.
  • Contract -

    <device_data_info>	
    	<collection_time>{{in_milliseconds}}</collection_time>
    	<expired>true</expired>	
    </device_data_info>
    

Scenario - Receive a 2005 status code.

  • Action - Redirect.

  • Contract -

    <?xml version="1.0" encoding="UTF-8"?>
    <root>
    	<status code="2005">3D verification required for Authorization</status>
    	<web-method>{{html encoded data}}</web-method> or <parsed-challenge> ... </parsed-challenge>	
    	<device_collection_status>
    		<status>
    			<code>{{DDC Code}}</code>
    			<description>3D verification required for Authorization</description>
    		</status>
    	</device_collection_status>
    </root>
    

Scenario - Receive a 2000 status code.

  • Action - Show the error and allow the user to retry.

  • Contract -

    <?xml version="1.0" encoding="UTF-8"?>
    <root>
    	<status code="2010">{{Msg}}</status>
    	<device_collection_status>
    		<status>
    			<code>{{DDC Code}}</code>
    			<description>3D verification required for Authorization</description>
    		</status>
    	</device_collection_status>	
    </root>
    

Scenario - Receive an XX status code.

  • Action - Show the error and allow the user to retry.

  • Contract -

    <?xml version="1.0" encoding="UTF-8"?>
    <root>
    	<status code="XX">{{Msg}}</status>
    	<device_collection_status>
    		<status>
    			<code>{{DDC Code}}</code>
    			<description>3D verification required for Authorization</description>
    		</status>
    	</device_collection_status>	
    </root>