3D Secure
Overview
3D Secure (3DS) is an authentication protocol designed to add an extra layer of security for online credit and debit card transactions. It aims to reduce the risk of unauthorized card usage and mitigate fraud by requiring additional authentication steps from the cardholder.
The threeDS object
threeDS objectThe threeDS object encapsulates various parameters related to the 3DS authentication process. It provides detailed information about the authentication status, transaction identifiers, and relevant parameters. You can expect to receive the threeDS object in the Notifications under paymentComposition. Below is a breakdown of the key components within the threeDS object:
"threeDS": {
"authenticationValue": "AAABAVIREQAAAAAAAAAAAAAAAAA=",
"challenged": true,
"dsTransId": "5ed5d1d0-982f-45f4-97a1-68651ac429d0",
"eci": "05",
"enrolled": "Y",
"exemptionApplied": "none",
"exemptionIndicator": "none",
"transStatus": "Y",
"version": "2.2.0"
}The structure of the object is based in the EMV 3DS 2.3.1.1 specification (PDF). However, depending on the availability of those fields in the response from your payment provider, we may not have all of them for all cases. Please contact our team to make sure you will get all the information you need for your processing.
Parameters
| Field | Description |
|---|---|
authenticationValue | The cryptographic value generated during the 3DS authentication process to verify the transaction's authenticity. |
challenged | A boolean value indicating whether the transaction was challenged during the 3DS authentication process. |
dsTransId | The unique transaction identifier generated by the 3DS system for tracking purposes. |
eci | Electronic Commerce Indicator (ECI) code indicating the outcome of the 3DS authentication process. Possible values here. |
enrolled | Indicates whether the cardholder's card is enrolled in the 3DS program. |
exemptionApplied | Specifies if any exemptions were applied during the 3DS authentication process. |
exemptionIndicator | Additional information about the type of exemption applied, if any. |
transStatus | Indicates the outcome of the 3DS authentication process for the transaction. Possible values here. |
version | Specifies the version of the 3DS protocol used for authentication. |
eci values
eci valuesAccording to the 3DS specification, the following are the possible values for the eci field.
| Value | Description | Source |
|---|---|---|
00 | Authentication Failed | Mastercard |
01 | Authentication attempted, but not completed | Mastercard |
02 | Authentication Successful | Mastercard |
05 | Authentication Successful | Visa, American Express, Discover, JCB, UnionPay |
06 | Authentication attempted, but not completed | Visa, American Express, Discover, JCB, UnionPay |
07 | Authentication Failed | Visa, American Express, Discover, JCB, UnionPay |
transStatus values
transStatus valuesAccording to the 3DS specification, the following are the possible values for the transStatus field.
| Value | Description | Next Action |
|---|---|---|
Y | Authentication Successful | The transaction achieved a Frictionless authentication. Continue to authorization using the authenticationValue from the Authenticate Response. |
A | Authentication Attempted | The cardholder was not authenticated, but proof of the authentication being attempted has been provided. Continue to authorization using the authenticationValue from the Authenticate Response. |
N | Authentication Failed | Authentication has failed. Only proceed to authorization if authentication is not required, and this is within your risk appetite. |
U | Authentication Unavailable | Authentication is unavailable. Only proceed to authorization if authentication is not required, and this is within your risk appetite. |
R | Authentication Rejected | Authentication was rejected. Only proceed to authorization if authentication is not required, and this is within your risk appetite. |
C | Challenge Required | A challenge is required, make a Challenge Request. |
I | Information | Authentication for the transaction was not requested. The data was sent to the ACS for informational purposes only. |
D | Decoupled Challenge Required | A challenge will be performed by the issuer without using a 3DS Challenge Request. Make a Result Request to learn the final outcome. You may need to wait the length of time set in the threeDSRequestorDecMaxTime Authenticate Request field. |
Updated about 2 months ago