3DS Challenge Response
This endpoint handles the 3D Secure challenge step, allowing the cardholder to complete any additional authentication required and returning the final authentication result.
Making a Request
The call should be made using the POST method.
POST/v1/card_payments/threeds_challenge_resultRequest Fields
| Field | Type | Description | Required |
|---|---|---|---|
authentication_transaction_id | string | transactionId received via webhook sent by the issuer | Yes |
request_id | string | Request ID received in the setup | Yes |
HTTP Request Body
{
"authentication_transaction_id": "wIUn1fbxiVYgivema352",
"request_id": "C2E689A9CCF9454881A77FD84D600FD320251023112352722"
}
Response Fields
| Field | Type | Description |
|---|---|---|
code | string | Response code of the transaction result. |
msg | string | The cardholder authentication value for the 3D Secure authentication session. |
cavv | string | The cardholder authentication value for the 3D Secure authentication session. |
xid | string | The transaction identifier assigned by the Directory Server for authentication. Only used for Visa transactions. |
specification_version | string | The 3DS version used for authentication. |
directory_server_transaction_id | string | The directory server transaction ID is generated by the directory server during authentication. |
three_ds_server_transaction_id | string | The threeDS server transaction ID is generated by the directory server during authentication. |
Success
After the call, a JSON is returned with status 200.
HTTP 200 Response Body - Example
{
"code": "WDtw66nc9Bk1vMEHoMT0",
"msg": "42C46CD74D1845D698107DAAD84875DF20240220153054822",
"cavv": "AJkBBkhgQQAAAE4gSEJydQAAAAA=",
"xid": "AJkBBkhgQQAAAE4gSEJydQAAAAA=",
"specification_version": "2.1.0",
"directory_server_transaction_id": "fb0deacf-2885-4dd7-a4d4-bedcf9ff52ba",
"three_ds_server_transaction_id": "7606430740976386303814"
}
Errors
In case of errors, a JSON will be returned with the error attribute specifying the reason why the operation was invalidated.
HTTP 400 Response Body - Example
{
"errors": [
{
"code": "MSG_NOT_SUPPORTED",
"msg": "Not supported"
}
],
"request_token": "EE4F8B5BC25A46B080F11D34B9CFAFFF",
"multiacq_id": "001"
}
HTTP 422 Response Body - Example
{
"errors": [
{
"code": "INVALID_INPUT_CARD_METHOD",
"msg": "request must include only slugToken, slugStoredCard, or card data. Please refer to the documentation."
}
],
"request_token": "7C2E9D3869F34F3CA5CC2C5CFAB4B6E2",
"transaction_status": "REJECTED",
"multiacq_id": "001"
}