Unlike other sections on this portal, this is NOT a standalone solution. It is newly added functionality to an existing Gateway guide which is available on request from us. You will likely have been referred to this online guide from that document.
It is therefore assumed that you already have account details and are familiar with sending authenticated requests to our existing Gateway Endpoints. If you are not, please refer to the appropriate section of your PDF guide.
3DS is a form of Payer Authentication; Your merchants can use it as part of their Ecommerce solution to authenticate the cardholder. This allows the merchant to shift the liability for any fraudulent transactions away from them, to the Card Issuer. Historically, this has always been an optional step during an Ecommerce transaction flow. As part of the EU Revised Directive on Payment Services however, payment service providers need to use Strong Customer Authentication as part of these transactions.
Transactions processed as Ecommerce which do not use the new 3DS2 specification are likely to see a significant reduction in approvals.
Payer Authentication transaction flow – high level
Both 3DS v1 and v2 take place prior to the actual authorisation process. You should consider at each point whether the next step is required or not, based on the results from your request. E.g. There is usually little point in requesting payment authorisation if your Payer Authentication has been rejected. You can still attempt Authorisation, but without Authentication you should expect a very low approval rate, approaching zero.
This document only covers the process of Payer Authentication. Authorisation and Settlement are detailed in the existing PDF Gateway Integration Guide as the changes to these processes are minimal between 3DS v1 and 3DS v2.
This online guide covers 3DS v2 ONLY.
3DS v1 is covered in the separate guide too. The 3DS v2 process can fall back to v1 if required by the issuer. As noted above however, 3DS v1 is being phased out.