Before You Start
This guide is intended for developers who are interested in using the 3D Secure 2 API to authenticate cardholders prior to making a payment request using the Paysafe Group Card Payments API. If you currently use the Paysafe Group Checkout SDK or the Paysafe.js SDK and would like to benefit from 3D Secure 2, review the following sections for more information:
Use of the 3D Secure 2 API in conjunction with the Card Payments API requires you to securely collect cardholder details such as the card number, expiry date, and card verification code on your e-commerce website and send these to Paysafe Group with your API request.
Prerequisites
- To use the 3D Secure 2 API for the Card Payments API you must be PCI DSS compliant to level SAQ D.
- To use the 3D Secure 2 API for the Paysafe Group Checkout SDK or the Paysafe.js SDK you must be PCI DSS compliant to level SAQ A.
- Before you start integrating, be sure to apply for the accounts you need to test your integration.
- To get the most out of your integration, read through our 3D Secure 2 Best Practices and Acceptance Guidelines.
NOTE: This guide assumes that you have developer-level knowledge of REST-based APIs, which you use to connect to the Paysafe platform.
Using the REST API
- API calls use the REST architecture. All requests and responses use the JSON (JavaScript Object Notation) format.
- Test API calls can be sent to the Paysafe platform using cURL. Alternatively, you can use a graphical browser-based REST client tool such as Postman or the Advanced Rest Client. An example is provided in the section on REST architecture.
- All API requests must be made over HTTPS. Calls made over plain HTTP will fail.
- API requests without authentication will fail.
The Payment Card Industry (PCI) imposes strict regulations related to the handling and storage of customer payment method details by merchants and service providers, as part of the industry's Data Security Standards (DSS) for online payments. Merchants accepting online payments must conform to the PCI DSS. For more information, see PCI DSS Compliance.