Standalone 3D Secure

Standalone 3D Secure 1

Important! The decommission of 3D Secure 1 has started. Visa, Mastercard, American Express, JCB, Diners/Discover, Mada and Carte Bancaire will discontinue support for 3DS 1 in October 2022.

Besides executing 3D Secure with a regular payment, it is also possible to perform a 3D Secure request as a standalone asynchronous flow using Server-to-Server.

NOTE: You must be fully PCI compliant if you wish to perform a standalone 3D Secure request (as it requires you to collect card data). If you are not fully PCI compliant, you can use COPYandPAY to perform the 3D Secure request as part of the payment.

How it works

Send a 3D request

Send a Server-to-Server request to the 3D Secure endpoint.

Redirect the browser

Perform the redirect using the parameters returned in the first step. Display the request form so that the shopper can authorize the payment.

Get the 3D request status

Based on the details returned make a decision on whether to proceed with the payment.

1. Send a 3D request

Use the /v1/threeDSecure endpoint to initiate a standalone 3D Secure authentication flow.

2. Redirect the browser

If the card enrollment verification passes, the server will return a redirect element containing a url and some parameters in the response. Use this data to create a HTML/JavaScript page that will redirect the shopper's browser to the Access Control Server (ACS).

After the authentication phase, the shopper is redirected back to the platform for continuing with the asynchronous part of the payment transaction and at the end the platform will redirect the shopper using GET to the URL provided in the shopperResultUrl along with a resourcePath parameter pointing to endpoint presented in the next step.

3. Get the 3D request status

Use the /v1/threeDSecure/{id} endpoint to get detailed information about the 3D Secure request.