Scenarios

This scenario illustrates a typical process where the card issuer does not challenge the cardholder and the cardholder is successfully authenticated. This new flow streamlines the consumer checkout experience by reducing additional customer verification steps for low-risk transactions.

In the scenario above, the merchant uses the 3D Secure 2 API to collect the device fingerprint ID and authenticate the cardholder. The card issuer determines that they have received enough contextual data to proceed with the authentication without requiring additional customer verification (challenge) and returns the status=COMPLETED, threeDResult=Y, and the authenticationId parameters along with other fields. In this case, the merchant should consult the Liability Shift matrix to determine whether to proceed with the Authorization request.

This scenario illustrates a typical process where the card issuer challenges the cardholder and the cardholder is successfully authenticated.

In the scenario above, the merchant uses the 3D Secure 2 API to collect the device fingerprint ID and authenticate the cardholder. The card issuer deems the request a high-risk transaction and issues a challenge. The status=COMPLETED, threeDResult*=C, and the sdkChallengePayload parameters are returned to the merchant along with other fields. The merchant passes the sdkChallengePayload though the JavaScript SDK challenge function and then looks up the result using the authenticationId once the challenge is completed. Depending on the result, the merchant should consult the Liability Shift matrix to determine whether to proceed with the Authorization request.