Search Overlay
Searchbox clear search filters ESC
Filter PreferencesClear

No results found

3DS

We prioritize the security and protection of card payments through the implementation of 3D Secure (3DS), an advanced authentication protocol. 3DS adds an extra layer of security to online transactions, reducing the risk of fraudulent activities and ensuring a safer payment experience for you and your consumers.

Overview of 3DS

3D Secure 2.0 is an authentication protocol that provides an additional layer of security for online credit and debit card transactions.

  • European Union (EU):

    • Directive: Payment Services Directive 2 (PSD2).
    • Regions: All EU member states, including the European Economic Area (EEA) countries.

  • United States:

    • No specific directive at the federal level. However, individual card networks like Visa, Mastercard, American Express, and Discover have implemented their own 3DS programs to enhance security for card-not-present transactions.

  • Canada:

    • Directive: There is no specific federal directive, but individual card networks may enforce 3DS requirements.

3DS 2.0 allows you to authenticate consumers by using a wide range of data elements, such as biometric data, device information, and transaction history. This reduces the likelihood of fraudulent transactions and provides a more secure online shopping experience.

Liability Shift in 3DS

One of the significant benefits of 3D Secure is the liability shift. When a transaction is successfully authenticated through 3DS, the liability for any chargeback resulting from fraudulent use of the card shifts from you to the card issuer or issuing bank. This means that in cases where a 3DS-authenticated transaction is later disputed as fraudulent, you are protected from financial liability, and the responsibility falls on the card issuer to investigate and resolve the dispute.

With Paysafe's support for 3DS, you can provide consumers with a secure payment environment while safeguarding your business from potential losses due to fraudulent chargebacks. By leveraging 3DS, you can build trust and confidence, enhancing the overall payment experience for consumers.

How Paysafe Checkout supports 3DS

We offer comprehensive support for 3DS, seamlessly integrating the authentication process into the payment flow. When a consumer initiates a card payment, our system communicates with the issuing bank or card network to enable 3DS authentication. The consumer may be redirected to their card issuer's authentication page, where they provide additional verification, such as a one-time password (OTP) or biometric data.

With Paysafe Checkout, it's easy to configure 3DS settings with the click of a mouse button. You can choose to skip 3DS for all consumer transactions completely, or you can even set a certain limit to enforce 3DS authentication.

  • Skip 3DS (only available for non-EU regions).
  • Enable 3DS 2.0.

Skip 3DS

To skip 3DS authentication, contact the Integrations team - this option is only available for non-EU regions.

Steps in 3D Secure

3DS should be enabled for the card account and support schemes - the Integration Support team can assist you with this.

Setup

  1. Provide your Public API key.
  2. Provide the following parameters in the options object:
    • currency, amount, merchantRefNum, customer, threeDs.
    • paymentMethodDetails - mandatory, but can be sent as an empty object.
      With multiple accounts, provide accountId for the account you want to use to process the payment.
  3. Invoke a resultCallback function to capture the transaction details.
    To understand the payment handle status before taking the next action, invoke a closeCallback function (optional).
  4. Checkout tokenizes the information provided by the consumer and responds with a paymentHandleToken.
    • The payment is authorized following completion of the Payments API call.
    • The funds are transferred following completion of the settlement process.

Initialization of Checkout

     

 

Server-to-server calls

  1. Capture the amountpaymentHandleToken and transactionType from the result object in the resultCallback function.
  2. If transactionType is PAYMENT, call the Payments API.
  3. We send transaction and settlement details in the payments response, which you can use for reconciliation.
    • Make a note of the id returned in the payments response because it can be used for void authorization, settlement and refunds.

Payments code example: No consumer restriction

<html>

  <head>

    <script src="https://api.test.paysafe.com/checkout/v2/paysafe.checkout.min.js"></script>

  </head>

 

  <body>

    <button onclick="checkout()">Deposit</button>

  </body>

 

  <script>

    function checkout() {

      var API_key = "c3V0LTM0ODg2MDpCLXFhMi0wLTVkM2VjYjMwLTEtMzAyYzAyMTQyYTM3NjgxMmE2YzJhYzRlNmQxMjI4NTYwNGMwNDAwNGU2NWI1YzI4MDIxNDU1N2EyNGFiNTcxZTJhOWU2MDVlNWQzMjk3MjZjMmIzZWNjNjJkNWY=";

      options = {

        currency: "USD",

        amount: 540,

        merchantRefNum: "162938285366512",

        customer: {

          firstName: "Kumar",

          lastName: "Priyanshu",

          email: "priyanshukumar.0309@gmail.com",

        },

/*************************************3DS Object**********************************************/

  

               "threeDs": {

                          "merchantUrl": "https://api.qa.paysafe.com/checkout/v2/index.html#/desktop",

                          "deviceChannel": "BROWSER",

                          "messageCategory": "PAYMENT",

                          "authenticationPurpose": "PAYMENT_TRANSACTION",

                          "transactionIntent": "GOODS_OR_SERVICE_PURCHASE"

                          },          

  

/********************************************************************************************/        

        paymentMethodDetails: {

             card: {  accountId: 1001461040

                } 

        },

        "billingDetails": {

            "nickName": "John Doe",

            "street": "20735 Stevens Creek Blvd",

            "street2": "Montessori",

            "city" :"Los Angeles",

            "state": "CA",

            "country": "US",

            "zip": "90001"

        },

             

      };

 

      paysafe.checkout.setup(

        API_key,

        options,

        function resultCallback(instance, error, result) {

          if (result && result.paymentHandleToken) {

                   instance.showSuccessScreen( "Your goods are now purchased. Expect them to be delivered in next 5 business days.");

            if (instance.isOpen()) {

              instance.close();

            }

                                                                                                                        // make AJAX call to Payments API

          } else {

            console.error(error);                                                                                       // Handle the error

            instance.showFailureScreen( "The payment was declined. Please, try again with the same or another payment method.");

          }

        },

       function(stage, expired) {

                if (stage) {

                    switch (stage) {    

                        case "PAYMENT_HANDLE_NOT_CREATED" :

                        case "PAYMENT_HANDLE_CREATED" :

                        case "PAYMENT_HANDLE_REDIRECT" :

                        case "PAYMENT_HANDLE_PAYABLE" :             

                        default:

                    }

                }

                else {

                        console.log(expired)                    //Add action in case Checkout is expired 

                }

         }                                                                                                              

      );

    }

  </script>

</html>

3DS object parameters

Element Type Description
authenticationPurpose enum, Mandatory

The type of authentication request. This data element provides additional information to the ACS to determine the best approach for handling an authentication request.

Possible values are:

  • PAYMENT_TRANSACTION - refers to a one-time payment transaction where a cardholder is making a purchase using their credit or debit card. The transaction involves the transfer of funds from the cardholder's account to the merchant's account in exchange for goods or services.
  • RECURRING_TRANSACTION - a recurring transaction is one in which a cardholder authorizes a merchant to periodically charge their card for a service or product. These transactions occur at predetermined intervals, such as monthly or annually, without requiring the cardholder to provide their payment information every time.
  • INSTALMENT_TRANSACTION - an installment transaction involves splitting a larger purchase amount into multiple smaller payments, or installments, over a predefined period. This allows the cardholder to manage their expenses by paying for an item in manageable portions rather than all at once.
  • ADD_CARDMAINTAIN_CARD - refers to the process of adding a new card to a cardholder's account or managing the existing card details. It could involve updating card information, setting preferences, or performing other administrative tasks related to the cardholder's payment method.
  • EMV_TOKEN_VERIFICATION - EMV refers to Europay, Mastercard, and Visa, which are global standards for credit and debit card payments using chip technology. An EMV token is a unique digital representation of a card's information. EMV token verification involves validating the authenticity and validity of the token to ensure it can be used securely for transactions.
deviceChannel enum, Mandatory

The type of channel interface used to initiate the transaction.

Possible values are:

  • BROWSER
  • APP
merchantUrl string, Mandatory length =2048 The fully qualified URL of the merchant's commercial or consumer care website.
messageCategory enum, Mandatory

The category of the message for a specific use case.

Possible values are:

  • PAYMENT
  • NON_PAYMENT

For more information, see Perform a 3D secure 2 Authentication

Payment Handle status

Mastercard

ThreeDResult ECI CAVV Authentication Experience Liability (for disputed transaction or chargebacks) Recommended Action Payment Handle
A - Authentication attempted 1 Present Frictionless Card Issuer Proceed to card authorization Payable
N - Authentication failed 0 Not Present Challenge/ Frictionless Merchant Do not proceed with the transaction Failed
R - Authentication rejected 0 Not Present Frictionless Merchant Do not proceed with the transaction Failed
U - Authentication unavailable 0 Not Present Challenge/ Frictionless Merchant Do not proceed with the transaction Failed
Y - Authentication successful 2 Present Challenge/ Frictionless Card Issuer Proceed to card authorization Payable

Visa

ThreeDResult ECI CAVV Authentication Experience Liability (for disputed transaction or chargebacks) Recommended Action Payment Handle
Y - Authentication successful 5 Present Challenge/ Frictionless Card Issuer Proceed to card authorization Payable
A - Authentication attempted 6 Present Frictionless Card Issuer Proceed to card authorization Payable
N - Authentication failed 7 Not Present Challenge/ Frictionless Merchant Do not proceed with the transaction Failed
U - Authentication unavailable 7 Not Present Challenge/ Frictionless Merchant Do not proceed with the transaction Failed
R - Authentication rejected 7 Not Present Frictionless Merchant Do not proceed with the transaction Failed

Amex

ThreeDResult ECI CAVV Authentication Experience Liability (for disputed transaction or chargebacks) Recommended Action Payment Handle
Y - Authentication successful 5 Present Challenge/ Frictionless Card Issuer Proceed to card authorization Payable
A - Authentication attempted 6 Present Frictionless Card Issuer Proceed to card authorization Payable
N - Authentication failed 7 Not Present Challenge/ Frictionless Merchant Do not proceed with the transaction Failed
U - Authentication unavailable 7 Not Present Challenge/ Frictionless Merchant Do not proceed with the transaction Failed
R - Authentication rejected 7 Not Present Frictionless Merchant Do not proceed with the transaction Failed

3D Secure 2.0 test cards

Card Type 3DS 2.0 Test Cards threeDResult before challenge Status before challenge threeDResult after challenge Status after challenge
Visa 4000000000001026 A COMPLETED N/A N/A
4000000000001091 C PENDING Y COMPLETED
4000000000001109 C PENDING N COMPLETED
4000000000001117 C PENDING U COMPLETED
4000000000001067 Error N/A N/A N/A
4000000000001083 N/A FAILED N/A N/A
4000000000001018 N COMPLETED N/A N/A
4000000000001042 R COMPLETED N/A N/A
4000000000001059 U COMPLETED N/A N/A
4000000000001000 Y COMPLETED N/A N/A
Master Card 5200000000001021 A COMPLETED N/A N/A
5200000000001104 C PENDING N COMPLETED
5200000000001096 C PENDING Y COMPLETED
5200000000001112 C PENDING U COMPLETED
5200000000001062 Error N/A N/A N/A
5200000000001088 N/A FAILED N/A N/A
5200000000001013 N COMPLETED N/A N/A
5200000000001047 R COMPLETED N/A N/A
5200000000001039 U COMPLETED N/A N/A
5200000000001005 Y COMPLETED N/A N/A
American Express 340000000001023 A COMPLETED N/A N/A
340000000001098 C PENDING Y COMPLETED
340000000001106 C PENDING N COMPLETED
340000000001114 C PENDING U COMPLETED
340000000001064 Error N/A N/A N/A
340000000001080 N/A FAILED N/A N/A
340000000001015 N COMPLETED N/A N/A
340000000001049 R COMPLETED N/A N/A
340000000001031 U COMPLETED N/A N/A
340000000001007 Y COMPLETED N/A N/A

Error codes

For detailed 3DS error codes specific to cards, see 3D Secure 2 Errors.

On this Page