3D secure
Authorisation/Debit with 3DS 2 Data
Merchants have the choice of doing 3D secure authentication directly with the 3DS Vendor ("MPI") or via the iVeri Gateway. In any event, when the authentication process is completed successfully, the merchant can POST the payment instruction to the iVeri Gateway with the authentication data using the SOAP or REST webservice.
Debit/Authorisation Payment Parameters
The applicable set of 3DS 2 parameters are expected in the Authorisation/Debit message are as follows
|
Parameter |
Description |
|
CardHolderAuthenticationID |
Mandatory for 3DS 1 and 2: Commonly known as an XID: Unique identifier generated during the 3D secure process |
|
CardHolderAuthenticationData |
Mandatory for 3DS 1 and 2: Commonly known as UCAF -(universal cardholder authentication field) for Mastercard or CAVV( cardholder authentication verification value), generated on completion of the authentication between cardholder and card issuer |
|
ElectronicCommerceIndicator |
Mandatory for 3DS 1 and 2: Commonly known as “ECI”: Indicates if the cardholder was fully authenticated, attempted or not. Possible values: ThreeDSecure (ECI “05”, “02”), ThreeDSecureAttempted (“ECI “06” or “01”) or SecureChannel (ECI “07”) |
|
ThreeDSecure_VEResEnrolled |
Optional: Possible values: Y|N|U - Indicates if the card is enrolled. |
|
ThreeDSecure_RequestID |
Optional: Unique identifier returned by the Gateway on completion of the 3D secure authentication process |
|
New 3D Secure 2 Parameters |
|
|
ThreeDSecure_AuthenticationType |
Optional: Possible values( not limited to) "01", "02", "03". Must be as generated on completion of the 3D secure authentication process. indicates the method of authentication used. |
|
ThreeDSecure_ProtocolVersion |
Mandatory: Indicates the version of 3D secure used |
|
ThreeDSecure_DSTransID |
Mandatory: Directory Server Transaction ID returned on completion of the 3D secure authentication process |
|
|
|
Webservice Service Payment Samples
For submission of transactions to the Gateway the merchant can post to the existing Portal URL's . The Portal URL's are listed in the REST and SOAP sections by acquiring bank. As a note, the submission of the Debit/Authorisation message assumes the following:
- 3DS 2 authentication was a success.
- The merchant is making use of the test application ID with mode "Test" for integration testing
REST Webservice |
SOAP Webservice |
|
Format: JSON Transaction Endpoint - https://[portal domain]/api/transactions
{ "Version": "2.0", "CertificateID": "{4c96973f-71dd-4044-802d-6e234effe8f2}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Transaction": { "ApplicationID": "{ca8a6eae-a469-4b39-bef3-aa029ca3a806}", "Command": "Debit", "Mode": "Test", "Amount": "1500", "ExpiryDate": "0123", "MerchantReference": "3DS2:20210920.004", "Currency": "ZAR", "PAN": "4069425217889137", "ThreeDSecure_ProtocolVersion": "2.1.0", "CardHolderAuthenticationID": "xVyRZy0bYuN69j1pZi/zlmC68Vw=", "CardHolderAuthenticationData": "AJkBCWhygQAAAAEDhXKBAAAAAAA=", "ElectronicCommerceIndicator": "ThreeDSecure", "ThreeDSecure_DSTransID": "2e962032-0499-4fb6-9cf3-e640ceebeb63", "ThreeDSecure_AuthenticationType": "01" "ThreeDSecure_VEResEnrolled": "Y" } }
|
Format: XML Transaction Endpoint - https://[portal domain] /iVeriWebservice/Service.asmx
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request><V_XML Version="2.0" CertificateID="b2fd980c-f61a-473e-a685-5e8d38595d84" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Transaction ApplicationID="66bc5003-88dd-4cd5-9b27-2b5cdb7a8b73" Command="Debit" Mode="Test"> <MerchantTrace>9AE2405C07E7227568BEEE5A58E890</MerchantTrace> <Amount>2000</Amount> <Currency>ZAR</Currency> <ExpiryDate>012023</ExpiryDate> <MerchantReference>3DS2:202112.002</MerchantReference> <CardSecurityCode>123</CardSecurityCode> <PAN>4069425217889137</PAN> <ElectronicCommerceIndicator>ThreeDSecure</ElectronicCommerceIndicator> <CardHolderAuthenticationID>nhkWtFs6DlxCbpAyOFmjjxTtZOc=</CardHolderAuthenticationID> <CardHolderAuthenticationData>AJkBCIZ1CQAAAAfQcQADdISCkYQ=</CardHolderAuthenticationData> <ThreeDSecure_ProtocolVersion>2.1.0</ThreeDSecure_ProtocolVersion> <ThreeDSecure_DSTransID>c43c9d4a-3461-46e9-be29-3c7a0e033e11</ThreeDSecure_DSTransID> <ThreeDSecure_AuthenticationType>01</ThreeDSecure_AuthenticationType> <ThreeDSecure_VEResEnrolled>Y</ThreeDSecure_VEResEnrolled> </Transaction> </V_XML> </request> </Execute> </soap:Body> </soap:Envelope> |
|
Response:
{ "Version": "2.0", "CertificateID": "{4c96973f-71dd-4044-802d-6e234effe8f2}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Transaction": { "ApplicationID": "{ca8a6eae-a469-4b39-bef3-aa029ca3a806}", "Command": "Debit", "Mode": "Test", "Amount": "1500", "ExpiryDate": "0123", "MerchantReference": "3DS2:20210920.004", "Currency": "ZAR", "PAN": "4069425217889137", "ThreeDSecure_ProtocolVersion": "2.1.0", "CardHolderAuthenticationID": "xVyRZy0bYuN69j1pZi/zlmC68Vw=", "CardHolderAuthenticationData": "AJkBCWhygQAAAAEDhXKBAAAAAAA=", "ElectronicCommerceIndicator": "ThreeDSecure", "ThreeDSecure_DSTransID": "2e962032-0499-4fb6-9cf3-e640ceebeb63", "ThreeDSecure_AuthenticationType": "01" "ThreeDSecure_VEResEnrolled": "Y" } }
|
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <ExecuteResponse xmlns="http://iveri.com/"> <ExecuteResult><V_XML Version="2.0" Direction="Response"> <Transaction ApplicationID="{66BC5003-88DD-4CD5-9B27-2B5CDB7A8B73}" Command="Debit" Mode="Test" RequestID="{AF5214BF-878E-4691-A124-96E0748CF062}"> <Result Status="0" Code="0" Description="" AppServer="QAGW2012APP1" DBServer="QAGW2012DB2" Gateway="QA" AcquirerCode="00" AcquirerDescription="" /> <MerchantTrace>9AE2405C07E7227568BEEE5A58E890</MerchantTrace> <Amount>2000</Amount> <AuthorisationCode>315669</AuthorisationCode> <CCNumber>4069........9137</CCNumber> <Currency>ZAR</Currency> <ElectronicCommerceIndicator>ThreeDSecure</ElectronicCommerceIndicator> <ExpiryDate>012023</ExpiryDate> <MerchantReference>3DS2:202112.002</MerchantReference> <Terminal>Default</Terminal> <TransactionIndex>{F9401D94-4CA7-46EF-A007-9883950A80D3}</TransactionIndex> <MerchantName>iVeri Payment Technology</MerchantName> <MerchantUSN>7771777</MerchantUSN> <Acquirer>NBPostilionNBSouthAfrica</Acquirer> <AcquirerReference>81774:09170322</AcquirerReference> <AcquirerDate>20220103</AcquirerDate> <AcquirerTime>154109</AcquirerTime> <DisplayAmount>R 20.00</DisplayAmount> <BIN>4</BIN> <Association>VISA</Association> <CardType>Unknown Card Type</CardType> <Issuer>Unknown Issuer</Issuer> <Jurisdiction>International</Jurisdiction> <PAN>4069........9137</PAN> <PANMode>Keyed,CVV</PANMode> <ReconReference>09170322</ReconReference> <CardHolderPresence>CardNotPresent,eCommerce,ThreeDSecure</CardHolderPresence> <MerchantAddress>MERCHANT ADDRESS</MerchantAddress> <MerchantCity>Sandton</MerchantCity> <MerchantCountryCode>ZA</MerchantCountryCode> <MerchantCountry>South Africa</MerchantCountry> <DistributorName>Nedbank</DistributorName> </Transaction> </V_XML></ExecuteResult> </ExecuteResponse> </soap:Body> </soap:Envelope>
|
|
|
|