Search Overlay

3DS

3D Secure 2.0 is an authentication protocol that provides an additional layer of security for online credit and debit card transactions. It is used for Strong Customer Authentication (SCA), which is required under the European Union's Payment Services Directive 2 (PSD2) regulation.

3DS2.0 allows merchants to authenticate their customers by using a wide range of data elements, such as biometric data, device information, and transaction history. This reduces the likelihood of fraudulent transactions and provides a more secure online shopping experience.

Paysafe's checkout solution provides merchants with the option to use 3DS2.0 for Strong Customer Authentication (SCA) compliance, helping merchants and issuers authenticate cardholders during a transaction. This protocol enables fraud prevention and ensures transactions are authorized by the cardholder.

Paysafe supports 3DS to comply with Strong Customer Authentication (SCA) regulations under the Payment Service Directive (PSD2). The 3D Secure protocol introduces an additional layer of verification and protects you from liability for fraudulent card payments and makes online payments more secure.

Paysafe Checkout lets you easily configure the 3DSs settings with the click of a mouse button. You can choose to skip 3DS for all customer transactions completely, or you can even set a certain limit to enforce 3DS authentication.

  • Skip 3DS
  • Enable 3DS2.0

Skip 3DS

To skip 3DS authentication fully, follow these steps:

  1. Log in to the Business Portal. 

  2. Navigate to Configurations in the left pane. 

  3. Click Configurations. 

  4. Click 3D Secure Configurations. 

  5. In Configure your 3DS Preferences section, select Yes to skip.

    • Select No to allow 3DS authentication. 

Steps in 3D Secure

Perform the following steps: 

  1. 3DS should be enabled for the card account and support schemes.

    <html>
    <head>

    <script src="https://api.qa.paysafe.com/checkout/v2/paysafe.checkout.min.js"></script>
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0"></meta>
    <meta http-equiv="ScreenOrientation" content="autoRotate:disabled"></meta>
    </head>

    <body>
    <button onclick="checkout(true)"> Deposit </button>
    <button onclick="checkout(false)"> Withdraw </button>
    </body>

    <script>
    function checkout() {

    options ={
    "currency": "USD",
    "amount": 1040,
    /*************************************3DS Object**********************************************/

    "threeDs": {
    "merchantUrl": "https://api.qa.paysafe.com/checkout/v2/index.html#/desktop",
    "deviceChannel": "BROWSER",
    "messageCategory": "PAYMENT",
    "authenticationPurpose": "PAYMENT_TRANSACTION",
    "transactionIntent": "GOODS_OR_SERVICE_PURCHASE"
    },

    /********************************************************************************************/

    }
    paysafe.checkout.setup(apikey, options, resultsCallback, closeCallback, riskCallback);>
    }
    </script>
    </html>
  2. In the setup options of checkout, provide the threeDs object. 

  3. When the checkout opens depending upon the configuration when the user uses the card to pay, the 3DS challenge would be visible on the checkout.

  4. In the response of resultsCallback, 3 objects would be returned: instance, error, and result.

  5. The result.paymentHandletoken will be sent in the Payments API to complete the payment. 

  6. The details of the 3DS authentication can be fetched by doing a get call on the Payment Handle. 

3DS Object Parameters

Element Type Description
authenticationPurpose enum, Mandatory

This is the type of Authentication request. This data element provides additional information to the ACS to determine the best approach for handling an authentication request. Possible values are:

  • PAYMENT_TRANSACTION
  • RECURRING_TRANSACTION
  • INSTALMENT_TRANSACTION
  • ADD_CARDMAINTAIN_CARD
  • EMV_TOKEN_VERIFICATION
deviceChannel enum, Mandatory

This is the type of channel interface used to initiate the transaction.

Possible Values:

  • BROWSER
  • APP
merchantUrl string, Mandatory length =2048 This is the fully qualified URL of the merchant's commercial or customer care website
messageCategory enum, Mandatory

This is the category of the message for a specific use case. Possible values are:

  • PAYMENT
  • NON_PAYMENT

For more information, see Perform a 3D secure 2 Authentication

Payment Handle Status

Mastercard

ThreeDResult ECI CAVV Authentication Experience Liability (for disputed transaction or chargebacks) Recommended Action Payment Handle
A - Authentication attempted 1 Present Frictionless Card Issuer Proceed to Card Authorization Payable
N - Authentication failed 0 Not Present Challenge/Frictionless Merchant Do not proceed with the transaction Failed
R - Authentication rejected 0 Not Present Frictionless Merchant Do not proceed with the transaction Failed
U - Authentication unavailable 0 Not Present Challenge/Frictionless Merchant Do not proceed with the transaction Failed
Y - Authentication successful 2 Present Challenge/Frictionless Card Issuer Proceed to Card Authorization Payable

Visa

ThreeDResult ECI CAVV Authentication Experience Liability (for disputed transaction or chargebacks) Recommended Action Payment Handle
Y - Authentication successful 5 Present Challenge/Frictionless Card Issuer Proceed to Card Authorization Payable
A - Authentication attempted 6 Present Frictionless Card Issuer Proceed to Card Authorization Payable
N - Authentication failed 7 Not Present Challenge/Frictionless Merchant Do not proceed with the transaction Failed
U - Authentication unavailable 7 Not Present Challenge/Frictionless Merchant Do not proceed with the transaction Failed
R - Authentication rejected 7 Not Present Frictionless Merchant Do not proceed with the transaction Failed

 

Amex

ThreeDResult ECI CAVV Authentication Experience Liability (for disputed transaction or chargebacks) Recommended Action Payment Handle
Y - Authentication successful 5 Present Challenge/Frictionless Card Issuer Proceed to Card Authorization Payable
A - Authentication attempted 6 Present Frictionless Card Issuer Proceed to Card Authorization Payable
N - Authentication failed 7 Not Present Challenge/Frictionless Merchant Do not proceed with the transaction Failed
U - Authentication unavailable 7 Not Present Challenge/Frictionless Merchant Do not proceed with the transaction Failed
R - Authentication rejected 7 Not Present Frictionless Merchant Do not proceed with the transaction Failed