Deposits with 3DS Authentication | D24 Technical Documentation

Last updated 10 months ago

Was this helpful?

#864: SDK Without User interface explanation

Change request updated 8 months ago

We may require a 3DS Authentication to deposits performed with Cards. Here you will find information about how to handle the payment flow and user experience towards the end-users.

We offer different ways of approaching payment flows, depending on the integration:

For PCI Integrations:
- Redirect flow. Merchants can opt to display the authentication_url with our 3DS validations. This flow will remain the deposit in PENDING status while the user is being authenticated. Right after that the transaction will be processed.
- Third-party 3DS. Merchants can opt to send the three_domain_secure[] object with their third-party 3DS authentication results and having the transaction processed synchronously.
For non-PCI integrations, we take care of the 3DS authentication in the Credit Card checkout.

Redirect flow

The Deposits that are subject to the 3DS Authentication flow, will receive as Response of the a payment_info.result with value PENDING_AUTHENTICATION.

Deposits that are not subject to 3DS Authentication are synchronically approved or rejected with payment_info.result with values SUCCESS and REJECTED.

Example response

{ 
  "deposit_id": 300854027,
  "merchant_invoice_id": "postmanTest488131304", 
  "payment_info": { 
    "type": "CREDIT_CARD", 
    "result": "PENDING_AUTHENTICATION", 
    "reason": "Require 3DS Authentication", 
    "reason_code": "PENDING_AUTHENTICATION", 
    "payment_method": "VI", 
    "payment_method_name": "Visa", 
    "created_at": "2023-10-19 16:57:55", 
    "authentication_url": "https://checkout.cc-stg.directa24.net/authentication/MM15BgQjHVjGEpQLCYZQ1dBoMOcJuDAc" 
  } 
}

`authentication_url`

This parameter contains a URL with the 3DS Authentication challenge to be displayed to the end-user. In order to do so, you can:

Open the `authentication_url` within an iframe

The challenge can be displayed within an iframe in the case you want to keep the user on the same webpage.

The iframe can be opened with a JavaScript method EventListener that will communicate whenever the iframe can be closed and the result of the transaction.

JavaScript Method

window.addEventListener('message', handler);

Additionally the EventListener will include whether the transaction was successful or error within the payment_result object.

{
  "payment_result": "success"
}

{
  "payment_result": "error"
}

Redirect the user into a new tab

The authentication_url can also be opened in a new tab to the end-user. In case of opting for this flow, please make sure of including the following parameters in the Deposit request:

Notification

Third-party 3DS

It is possible to create a deposit submitting information from a third-party 3DS provider!

`three_domain_secure[]` Object

"three_domain_secure":{
      "cavv": "3q4+33t+ur5erb7vyv53vv\/\/\/\/9=",
      "eci": "05",
      "transaction_id": "HMUzFWRzOTcwOKG7PzY3Rw==",
      "specification_version": "2.0.0"
      }

Allowed ECI codes for Third Party 3DS flow, are:

01 and 02 for Mastercard
05 and 06 for Visa and Amex.

Example PCI Deposit Creation request with third-party 3DS

{
    "invoice_id": "800000001",
    "amount": 1000,
    "country": "BR",
    "currency": "BRL",
    "payer": {
        "id": "11111",
        "document": "84932568207",
        "document_type": "CPF",
        "email": "johnSmith12@hotmail.com",
        "first_name": "John",
        "last_name": "Smith",
        "phone": "+233852662222",
        "birth_date": "19880910",
        "address": {
            "street": "Calle 13",
            "city": "bahia",
            "state": "SP",
            "zip_code": "12345-678"
        }
    },
    "credit_card": {
        "cvv": "123",
        "card_number": "4111111111111111",
        "expiration_month": "10",
        "expiration_year": "25",
        "holder_name": "JOHN SMITH"
    },
    "three_domain_secure":{
      "cavv": "AJkBARglcgAAAAPohABHdQAAAAA=",
      "eci": "05",
      "transaction_id": "7e76d057-100a-4d0d-9683-5eb0ce0ee3a4",
      "specification_version": "2.0.0"
      },
    "description": "Test transaction",
    "client_ip": "123.123.123.123",
    "device_id": "knakvuejffkiebyab",
    "fee_on_payer": false
}

Last updated 10 months ago

Was this helpful?

We may require a 3DS Authentication to deposits performed with Cards. Here you will find information about how to handle the payment flow and user experience towards the end-users.

We offer different ways of approaching payment flows, depending on the integration:

For PCI Integrations:
- Redirect flow. Merchants can opt to display the authentication_url with our 3DS validations. This flow will remain the deposit in PENDING status while the user is being authenticated. Right after that the transaction will be processed.
- Third-party 3DS. Merchants can opt to send the three_domain_secure[] object with their third-party 3DS authentication results and having the transaction processed synchronously.
For non-PCI integrations, we take care of the 3DS authentication in the Credit Card checkout.

Redirect flow

The Deposits that are subject to the 3DS Authentication flow, will receive as Response of the a payment_info.result with value PENDING_AUTHENTICATION.

Deposits that are not subject to 3DS Authentication are synchronically approved or rejected with payment_info.result with values SUCCESS and REJECTED.

Example response

{ 
  "deposit_id": 300854027,
  "merchant_invoice_id": "postmanTest488131304", 
  "payment_info": { 
    "type": "CREDIT_CARD", 
    "result": "PENDING_AUTHENTICATION", 
    "reason": "Require 3DS Authentication", 
    "reason_code": "PENDING_AUTHENTICATION", 
    "payment_method": "VI", 
    "payment_method_name": "Visa", 
    "created_at": "2023-10-19 16:57:55", 
    "authentication_url": "https://checkout.cc-stg.directa24.net/authentication/MM15BgQjHVjGEpQLCYZQ1dBoMOcJuDAc" 
  } 
}

`authentication_url`

This parameter contains a URL with the 3DS Authentication challenge to be displayed to the end-user. In order to do so, you can:

Open the `authentication_url` within an iframe

The challenge can be displayed within an iframe in the case you want to keep the user on the same webpage.

The iframe can be opened with a JavaScript method EventListener that will communicate whenever the iframe can be closed and the result of the transaction.

JavaScript Method

window.addEventListener('message', handler);

Additionally the EventListener will include whether the transaction was successful or error within the payment_result object.

{
  "payment_result": "success"
}

{
  "payment_result": "error"
}

Redirect the user into a new tab

The authentication_url can also be opened in a new tab to the end-user. In case of opting for this flow, please make sure of including the following parameters in the Deposit request:

Parameter

Format

Description

Notification

After the authentication and payment processing, a webhook will be sent in order to check the and retrieve the status of the transaction. Please check the hyperlinks of this Documentation specific pages for more details.

Third-party 3DS

Please check regional availability with your account manager as not all countries may scope this functionality

It is possible to create a deposit submitting information from a third-party 3DS provider!

In order to do so, you need to include the three_domain_secure[] Object in the .

`three_domain_secure[]` Object

"three_domain_secure":{
      "cavv": "3q4+33t+ur5erb7vyv53vv\/\/\/\/9=",
      "eci": "05",
      "transaction_id": "HMUzFWRzOTcwOKG7PzY3Rw==",
      "specification_version": "2.0.0"
      }

Field

Format

Description

Allowed ECI codes for Third Party 3DS flow, are:

01 and 02 for Mastercard
05 and 06 for Visa and Amex.

Example PCI Deposit Creation request with third-party 3DS

{
    "invoice_id": "800000001",
    "amount": 1000,
    "country": "BR",
    "currency": "BRL",
    "payer": {
        "id": "11111",
        "document": "84932568207",
        "document_type": "CPF",
        "email": "johnSmith12@hotmail.com",
        "first_name": "John",
        "last_name": "Smith",
        "phone": "+233852662222",
        "birth_date": "19880910",
        "address": {
            "street": "Calle 13",
            "city": "bahia",
            "state": "SP",
            "zip_code": "12345-678"
        }
    },
    "credit_card": {
        "cvv": "123",
        "card_number": "4111111111111111",
        "expiration_month": "10",
        "expiration_year": "25",
        "holder_name": "JOHN SMITH"
    },
    "three_domain_secure":{
      "cavv": "AJkBARglcgAAAAPohABHdQAAAAA=",
      "eci": "05",
      "transaction_id": "7e76d057-100a-4d0d-9683-5eb0ce0ee3a4",
      "specification_version": "2.0.0"
      },
    "description": "Test transaction",
    "client_ip": "123.123.123.123",
    "device_id": "knakvuejffkiebyab",
    "fee_on_payer": false
}

Redirect flow

Example response

authentication_url

Open the authentication_url within an iframe

Redirect the user into a new tab

Notification

Third-party 3DS

three_domain_secure[] Object

Example PCI Deposit Creation request with third-party 3DS

Redirect flow

Example response

authentication_url

Open the authentication_url within an iframe

Redirect the user into a new tab

Notification

Third-party 3DS

three_domain_secure[] Object

Example PCI Deposit Creation request with third-party 3DS

`authentication_url`

Open the `authentication_url` within an iframe

`three_domain_secure[]` Object

`authentication_url`

Open the `authentication_url` within an iframe

`three_domain_secure[]` Object