Card 3DS challenge

When an online transaction is initiated, an additional authentication step may be required to verify the cardholder's identity. This security process, known as 3-D Secure (3DS) authentication, helps ensure that the transaction is legitimate.

If triggered, a 3DS challenge will be sent based on the card's configuration. The delivery method (SMS or webhook) is determined by the preference settings in 3DS Configuration endpoint.

Webhook Challenge Payload

When webhook delivery is configured, your endpoint will receive a JSON payload similar to:

 
{
  "product": "CARDS",
  "event_type": "NOTIFICATION_3DS_AUTHORIZATION",
  "operation_id": "254725c4-70d6-4527-8f5a-fbb324ef77d9",
  "status": "PENDING",
  "data": {
    "merchant_name": "Sephora Digital",
    "merchant_country_code": "840",
    "transaction_amount": "100.2",
    "transaction_currency": "840",
    "transaction_timestamp": "2023-07-26T09:13:01.748Z",
    "card_id": "ivZPARvNBLOSZx69q4DCBBGUfVhCMsLw",
    "code": "254725c4-70d6-4527-8f5a-fbb324ef77d9"
  }
}

Challenge Response Endpoint

To complete the authentication process, you must use the 3DS authentication response endpoint.