Validate a 3D Secure Authentication Result
POST /threedsecure/v1/accounts/account_id/enrollmentchecks/enrollment_id/authentications
Once you have retrieved the PaRes from the ACS server, you will need to validate the response with the authentications endpoint in order to verify and extract the values required to proceed with the card authorization. Use the PaRes value returned from the ACS server to populate the paRes for the request to the authentications endpoint.
curl -X POST https://api.test.paysafe.com/threedsecure/v1/accounts/89987201/enrollmentchecks/5da985f9-8671-4048-ab85-856be2885ce3/authentications \
-u devcentre322:B-qa2-0-53625f86-302c021476f52bdc9deab7aea876bb28762e62f92fc671e2d0214736abf501e9675e55940e83ef77f5c304edc7968 \
-H 'Content-type: application/json' \
-d '{
"merchantRefNum": "merchantABC-123-authentications",
"paRes": "eJzNWFeT4kgS/isTvY8dPXIIs0GzUbJIIIGE/MuGHDLIgAwyv/4KmOlhZzsu9m7u4XihlKT5Miu/rBLLP/o8+3INqzopi/cX7Cv68iUs/DJIiuj9Rde4t/nLH6ulFldhyBxCv63C1VIK69qNwi9J8P5SnQb0K/oV+/OavwXh9c1t3lD8T2yCzQkUnSyIPwmcWEwJKEFfVss9UMP6bvfbfflNb4rjb9PJhIAa36CsIJKv+BL5ghjVn7sFs1q6foXSpBXkwW+QNEl8u1xmYeVwKymc2y+mEDDx+MS+WG3b2+rGuLvk2AV5Gjj8Aa+NTl0q4FBswfRkIIadOB9idw0loHbhCschRhxDPuC4b/j2O8EsUTu8uX55g7kZQt9kzg6XSLPkiWsVAULOazmOPzp42kZ9ueyCKEGxPixXiIwJ3dYoU+fcgpQULfULrUrNWySfJPQd3ly7pxm7Ze2Uvk22rpu9frSkpBZONx7OdcGvDGIPBY5hNy7OA6TPausgz9ZIXCSLfvuxXIorJKmjhfYQ+dH4IlcoOC3LdwtTwkUQGDVeEX2EtF/f4SN835dwTpuu5rR3wtqwjBYSIIukCgQlAn0W8vD6swEIpj+R+Z0W5RFonvZsnoNrAzpLCJy+DLB7bP3GjqzROGqCz9Bl29+dikeLtJUAIjoU/kc6dPmf2TKD+DrWr3rY5d7BbgJ0erpRoew1tHhF90VYBswPDZfDa9gWGSKKyb/ybg92DPHr77M9ysDVdbbIw1ufXEoNv34sXw5nkyL0wCS4T373YPzSXygfAb/MdePdXkoRhFzNFDw8iRD73TDQ2eoaXPCBvzYjGZLrXqJJr5pIKOWNPkZuavdwvaJhb1JT/yrS3xphLEeECoUjw9z3IebQl8bOX2gFrScV1dFXMQB7JuvFQmR0bF06gbmTUStjNPjASKcfwJf6Ar6frqekeOPWE8taHYnmJTN82EYcRMX6ubk+rF0en9aR++ZbkJh0dWFokuGLdxHys6rJrkCBsCEl0SBNocaRr4Ck0rjLtWDK3RWQ8dgUxFp0t8SvhFh1JA0TnAUKOk+h2n2IyhKALbkYxtYomfZycHN0aXzwZHYw8SBXiA6SzVS6KCc41diGeHDzJJlTr2Ycuw3bmxzeDqDdjgwVEnqaBjovtvW7YLdo6l0rZJTiSl7uiHDc924lpJWUUCk7t/OpbWWm6gSs61IQNCrkN7aQS9xJx6OdVHKQ3cm0zW/iqT1mzPjcCgItmgQKQxJzn2THFwTbVwLLl0LRFiFToW3OOu2S57ylPvWQ3sH7aSRvMYnDOL69aU41/PgaaKv9Wd5QDYUakCusg+0ZHNgnJu7QhdqB26m5GRk6W+peSL2jcnaoWc0nazd9CUmeHjJLBM4gqQox+LdqblknydFK+zM1qfOOM1Mr10MWj5+WAJFoNfNoK/LnZZ8rrvB8nGZLQZDwHhi3wkV+e1YmpyPENDRt9tzjRaLMJqhuAennIHUIUorXNyJ7PhIfNjKbluLUHLFo5OA1hFoH3SSzCnSKH3V9IFZ5VNB2TCzpP5VNmYnlcmxhSj5ouoBNtFzgrnTSik05LR5TS0y4QPOU+fyXlLzCp+I+sKPzlQVDQoa8Pt0pD3GeN1I0f6nmOsHeOcvGivkTE3z19N4G0u+njc6CqN9EosvV6McTzRSusXsSmn1qiUeo0aXM8xqr2r5gtY6X5y2KAMeIcE+5k9n9LJ0m50siGd6KEZ1cScGlj+WQkYSJBfohPbMd13OsXf6ZTa2lN79c/txW4lcHr4iiVaRYWeZW77cGvlUqNQMgtYMfaKqFvHvixpUidpgJQ0G5NGgTDvMv2vspTCfi0HvWM/cug/cvD4LPMK5Qlf/Yyvp0cgPuS2Bk4B/US9zV+oJ/BHCaA8fbjwB8EjGIW91R7A8sgA0i1RNrANmYMRkIEaB3uvKksxK17Xw8W35RqzGkUe1Gw3mgIIcfpMTIxu3oITzix8zuTHwB05Cw+ux9xr6IKst5bNhIdyMtlbxmnWS/QsPxoGwWZBsSHVpDJcV9JthprFPrHfiVEmy0eiJFvC7cnjMZ8hbI1F25idbgpsa2SUm18DBhTFwesH2IYLUhEYoADq55yoR04UoA+Ha1231XBBCFAG+amd5Q1uXucxZJSwH+OjPey5UjQa3o13cdRTY2Aag5zH0YgmctFp9FE6Yheq1BogJRE/GMze5XQghMqVz8e+BSji5PtKrCTct+CxQvWUfMmHw2lbC9vDdjppzyi2u/L1Nj/n6lraUWdenG7gmXx6LZnjOtA2ylaiLvI/oxOzv9Hp4kagE+CwFkSwt4QddxKFqyB/VgZpLf3adB+B+jHd82/T3RKvHvE/aEdqYjEaO0qw2Xcai8uaNMhYeZNhP8k6f2QtidIfNKak3TNtfDw++znEmgLlEdfXaP0pT43VJIq928Kzb+OZXOHh88bPF7Cffn08RM68YxRb3JSOEF99GdxrD2DKKICUE0EJW3HHB9Q0JengoDuFtzatrBh97HKNPOPoafwlETqrf12nzGKSn0/6qEzJhWlT1fEcLuwT0RxxvipTcXA8nkD7tDwHhWdua48eZxd7kXPJayx0G2LGJVJ+Lhw4zrlLAQ6zKWcMexe57myJblNk99pvnXQy7MweaeE5wIOzMsvO7p44b4lpg9o0B98f4IACfBoFMLdA79a3caaiO4qyWY5mlIvfLJLOT7q2rzaCfi5doTkhhQpzzW71WR8kNnJQWJcL+Hf6pRWeAu3/+BYl/Myv7qYTsJ3CSQAiOv5t37nHvrOQNORhjmyG4xgHiD+g3d70OtEiHUcuUXLi0IV+TMRxTSKv/jEtw3FmmLldTINhPyPrXIh2ypQxiDWSwestJoi1dRpBW5d0uzPwmDuk4/RUDlQIdiPn4EWFddkoGjk+irns04OF+T2uVGzfY666bfVdfe4rfsJbmeM3XIXeXgoOsqiXIyp9dpIjP+7IyMe9+ceN+v6uff9f4PZ6+Px/wb8AnfVotg=="
}'
Prior to trying the example, you should:
- Replace the account number (89987201) in the URL with the test account number you received.
- Replace the enrollment ID (5da985f9-8671-4048-ab85-856be2885ce3) in the URL with the ID returned for the enrollment lookup request.
The request contains the following parameters.
Element | Type | Required? | Description |
---|---|---|---|
merchantRefNum | string length<=255 | Yes | This is the merchant reference number created by the merchant and submitted as part of the request. It must be unique for each request. |
paRes | string length<=65536 | Yes | This is the Payment Authentication Response that is returned from the Issuer ACS software following customer authentication. It is an encoded response and its digital signature will be verified through Paysafe to ensure that it was generated by a legitimate Issuer. |
This will result in a response with the following structure:
{
"threeDResult": "Y",
"txnTime": "2014-12-11T12:26:52Z",
"cavv": "MjAgY2hhcmFjdGVyIG1lc3NhZ2U=",
"signatureStatus": "Y",
"status": "COMPLETED",
"merchantRefNum": "merchantABC-123-authentications",
"xid": "dm0tZGV2LWF0LTAyTYyJVMdsAwA=",
"eci": 5,
"id": "caed792d-e424-46da-ad96-fdb4ef488009",
"links": [{
"rel": "self",
"href": "https://api.test.paysafe.com/threedsecure/v1/accounts/89996498/authentications/caed792d-e424-46da-ad96-fdb4ef488009"
}]
}
Once you have received a COMPLETED status, you can pass the value for the threeDEnrollment parameter from the enrollment lookup request and the values for cavv, xid, signatureStatus, threeDResult, and eci parameters from the authentication request in the Card Payments API request to authorize a 3D Secure card transaction.
The response parameters not contained in the request are described below:
Element | Type | Description |
---|---|---|
threeDResult | enum | This indicates the outcome of the Authentication. Possible values are:
See 3D Secure Results for more information on these Authentication outcome values. |
txnTime | string UTC date format | This is the date and time the request was processed. |
cavv | string length<=80 | This is the Cardholder Authentication Verification Value, indicating that the transaction has been authenticated. |
signatureStatus | enum | This is the 3D Secure signature verification result value. Possible values are:
|
status | enum | This is the status of the Authentication request. Possible values are:
|
xid | string length<=40 | This is the transaction identifier returned by the card issuer. |
eci | integer | This is the e-commerce indicator. Note this value does not have a preceding zero unlike the value in the 3DS standard. |
id | string length<=36 | This is the unique ID returned in the response. |
links | array of link objects | This array contains a single self link object which can be used to fetch details about this authorization response at any time. |