3DS
3D Secure 2.0 is an authentication protocol that provides an additional layer of security for online credit and debit card transactions. It is used for Strong Customer Authentication (SCA), which is required under the European Union's Payment Services Directive 2 (PSD2) regulation.
3DS2.0 allows merchants to authenticate their customers by using a wide range of data elements, such as biometric data, device information, and transaction history. This reduces the likelihood of fraudulent transactions and provides a more secure online shopping experience.
Paysafe's checkout solution provides merchants with the option to use 3DS2.0 for Strong Customer Authentication (SCA) compliance, helping merchants and issuers authenticate cardholders during a transaction. This protocol enables fraud prevention and ensures transactions are authorized by the cardholder.
Paysafe supports 3DS to comply with Strong Customer Authentication (SCA) regulations under the Payment Service Directive (PSD2). The 3D Secure protocol introduces an additional layer of verification and protects you from liability for fraudulent card payments and makes online payments more secure.
Paysafe Checkout lets you easily configure the 3DSs settings with the click of a mouse button. You can choose to skip 3DS for all customer transactions completely, or you can even set a certain limit to enforce 3DS authentication.
- Skip 3DS
- Enable 3DS2.0
Skip 3DS
To skip 3DS authentication fully, follow these steps:
-
Log in to the Business Portal.
-
Navigate to Configurations in the left pane.
-
Click Configurations.
-
Click 3D Secure Configurations.
-
In Configure your 3DS Preferences section, select Yes to skip.
-
Select No to allow 3DS authentication.
-
Steps in 3D Secure
Perform the following steps:
-
3DS should be enabled for the card account and support schemes.
<html>
<head>
<script src="https://api.qa.paysafe.com/checkout/v2/paysafe.checkout.min.js"></script>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0"></meta>
<meta http-equiv="ScreenOrientation" content="autoRotate:disabled"></meta>
</head>
<body>
<button onclick="checkout(true)"> Deposit </button>
<button onclick="checkout(false)"> Withdraw </button>
</body>
<script>
function checkout() {
options ={
"currency": "USD",
"amount": 1040,
/*************************************3DS Object**********************************************/
"threeDs": {
"merchantUrl": "https://api.qa.paysafe.com/checkout/v2/index.html#/desktop",
"deviceChannel": "BROWSER",
"messageCategory": "PAYMENT",
"authenticationPurpose": "PAYMENT_TRANSACTION",
"transactionIntent": "GOODS_OR_SERVICE_PURCHASE"
},
/********************************************************************************************/
}
paysafe.checkout.setup(apikey, options, resultsCallback, closeCallback, riskCallback);>
}
</script>
</html> -
In the setup options of checkout, provide the threeDs object.
-
When the checkout opens depending upon the configuration when the user uses the card to pay, the 3DS challenge would be visible on the checkout.
-
In the response of resultsCallback, 3 objects would be returned: instance, error, and result.
-
The result.paymentHandletoken will be sent in the Payments API to complete the payment.
-
The details of the 3DS authentication can be fetched by doing a get call on the Payment Handle.
3DS Object Parameters
Element | Type | Description |
---|---|---|
authenticationPurpose | enum, Mandatory | This is the type of Authentication request. This data element provides additional information to the ACS to determine the best approach for handling an authentication request. Possible values are:
|
deviceChannel | enum, Mandatory | This is the type of channel interface used to initiate the transaction. Possible Values:
|
merchantUrl | string, Mandatory length =2048 | This is the fully qualified URL of the merchant's commercial or customer care website |
messageCategory | enum, Mandatory | This is the category of the message for a specific use case. Possible values are:
|
For more information, see Perform a 3D secure 2 Authentication.
Payment Handle Status
Mastercard
ThreeDResult | ECI | CAVV | Authentication Experience | Liability (for disputed transaction or chargebacks) | Recommended Action | Payment Handle |
---|---|---|---|---|---|---|
A - Authentication attempted | 1 | Present | Frictionless | Card Issuer | Proceed to Card Authorization | Payable |
N - Authentication failed | 0 | Not Present | Challenge/Frictionless | Merchant | Do not proceed with the transaction | Failed |
R - Authentication rejected | 0 | Not Present | Frictionless | Merchant | Do not proceed with the transaction | Failed |
U - Authentication unavailable | 0 | Not Present | Challenge/Frictionless | Merchant | Do not proceed with the transaction | Failed |
Y - Authentication successful | 2 | Present | Challenge/Frictionless | Card Issuer | Proceed to Card Authorization | Payable |
Visa
ThreeDResult | ECI | CAVV | Authentication Experience | Liability (for disputed transaction or chargebacks) | Recommended Action | Payment Handle |
---|---|---|---|---|---|---|
Y - Authentication successful | 5 | Present | Challenge/Frictionless | Card Issuer | Proceed to Card Authorization | Payable |
A - Authentication attempted | 6 | Present | Frictionless | Card Issuer | Proceed to Card Authorization | Payable |
N - Authentication failed | 7 | Not Present | Challenge/Frictionless | Merchant | Do not proceed with the transaction | Failed |
U - Authentication unavailable | 7 | Not Present | Challenge/Frictionless | Merchant | Do not proceed with the transaction | Failed |
R - Authentication rejected | 7 | Not Present | Frictionless | Merchant | Do not proceed with the transaction | Failed |
Amex
ThreeDResult | ECI | CAVV | Authentication Experience | Liability (for disputed transaction or chargebacks) | Recommended Action | Payment Handle |
---|---|---|---|---|---|---|
Y - Authentication successful | 5 | Present | Challenge/Frictionless | Card Issuer | Proceed to Card Authorization | Payable |
A - Authentication attempted | 6 | Present | Frictionless | Card Issuer | Proceed to Card Authorization | Payable |
N - Authentication failed | 7 | Not Present | Challenge/Frictionless | Merchant | Do not proceed with the transaction | Failed |
U - Authentication unavailable | 7 | Not Present | Challenge/Frictionless | Merchant | Do not proceed with the transaction | Failed |
R - Authentication rejected | 7 | Not Present | Frictionless | Merchant | Do not proceed with the transaction | Failed |