Guides

3DS Response Handling

Integration Guide: 3DS

Suggest Edits

Workflows for different 3-D Secure 2.0 (3DS2) Device Data Collection (DDC) scenarios are described below.

Scenario - The user enters payment information and clicks Submit.

  • Action - Disable the Submit button and send an Authorize API request.
  • Contract - No change.

Scenario - Receive a 200501 status code.

  • Action - Load HTML from the web-method node in the invisible iframe and start a timer using the expiry node:

    • Scenario 1 : Device Data Collected Successfully
    • Scenario 2 : Device Data Collection Will Fail
    • Scenario 3 : Device Data Collection Will Expire

  • Contract -

    <?xml version="1.0" encoding="UTF-8"?>
<root>
    <status code="200501">DDC verification required for Authorization</status>
    <web-method>{{html encoded data}}</web-method>
    <ddc-expiry>{{in milliseconds}}</ddc-expiry>
    <return-url>{{url}}</return-url>
    <card-mask>{{masked card number}}</card-mask>
    <expiry>{{card expiry in MM/YY}}</expiry>
</root>

Scenario - DDC is completed successfully, or it fails.

  • Action - The application will get JSON in the format shown below:

    {
		"id": "{{ddc_id}}",
		"collection_time": "{{in_millisecond}}",
		"expired": "{{boolean}}",
		"additional_info": {
			"info": [
				{
					"key": "{{key}}",
					"value": "{{value}}"
				},
				{
					"key": "{{key}}",
					"value": "{{value}}"
				}
			]
		}
	}
    • Convert JSON to XML.
    • Add "expired": "{{boolean}}, "collection_time": "{{in_millisecond}}" in above JSON.
    • Append the XML to an Authorize request and send it.

  • Contract - Request : No Change +

    <device_data_info>
	<id>{{ddc_id}}</id>
	<collection_time>{{in_milliseconds}}</collection_time>
	<expired>{{boolean}}</expired>
	<additional_info>
		<info>
			<key>{{key}}</key>
			<value>{{value}}</value>
		</info>
		<info>
			<key>{{key}}</key>
			<value>{{value}}</value>
		</info>
	</additional_info>
</device_data_info>

Scenario - DDC is expired.

  • Action - Do the following:

    • Exit the iframe.
    • Populate the device_data_info node with these values:
      • expired = true
      • collection_time = assign a time in milliseconds
    • Append the device_data_info node to an Authorize request and send it.

  • Contract - 

    <device_data_info>	
	<collection_time>{{in_milliseconds}}</collection_time>
	<expired>true</expired>	
</device_data_info>

Scenario - Receive a 2005 status code.

  • Action - Redirect.

  • Contract - 

    <?xml version="1.0" encoding="UTF-8"?>
<root>
	<status code="2005">3D verification required for Authorization</status>
	<web-method>{{html encoded data}}</web-method> or <parsed-challenge> ... </parsed-challenge>	
	<device_collection_status>
		<status>
			<code>{{DDC Code}}</code>
			<description>3D verification required for Authorization</description>
		</status>
	</device_collection_status>
</root>

Scenario - Receive a 2000 status code.

  • Action - Show the error and allow the user to retry.

  • Contract - 

    <?xml version="1.0" encoding="UTF-8"?>
<root>
	<status code="2010">{{Msg}}</status>
	<device_collection_status>
		<status>
			<code>{{DDC Code}}</code>
			<description>3D verification required for Authorization</description>
		</status>
	</device_collection_status>	
</root>

Scenario - Receive an XX status code.

  • Action - Show the error and allow the user to retry.

  • Contract - 

    <?xml version="1.0" encoding="UTF-8"?>
<root>
	<status code="XX">{{Msg}}</status>
	<device_collection_status>
		<status>
			<code>{{DDC Code}}</code>
			<description>3D verification required for Authorization</description>
		</status>
	</device_collection_status>	
</root>

Updated 26 days ago