search
Github

3D Secure Payment

3D Payment (3D Secure) is a two-step payment process that ensures the cardholder is verified by the bank in card-based online payments. In transactions made with this method, the payment is finalized after user verification is obtained through the bank's 3D Secure infrastructure.

3D Payment process is not completed with only the payment initiation step. After the user completes the verification step at the bank, the transaction result must also be verified and the payment must be concluded as successful or unsuccessful.

hashtag
3D Payment Process

3D Payment consists of the following two main steps:

  1. 3D Payment Initiation (Init3d)

  2. 3D Payment Completion (Auth3d)

Both steps must be implemented completely.

hashtag
1. 3D Payment Initiation (Init3d)

In this step, the merchant sends a 3D payment initiation request along with card information and transaction details.

  • The API returns Base64 encoded 3D content to redirect to the bank.

  • This content is decoded and rendered in the user's browser

  • The user is redirected to the bank's 3D Secure verification screen

At this stage the payment is not yet considered completed.

hashtag
3D Verification and User Action

On the bank's 3D Secure screen, the user:

  • via methods such as SMS / mobile app / bank verification

  • approves or rejects the transaction

This action takes place within the bank's infrastructure.

hashtag
2. 3D Payment Completion (Auth3d)

After the user completes the 3D verification step, the bank:

  • sends the transaction result

  • the success or failure status information

to the merchant's returnUrl defined in the Init3d step, or failUrl address as a Request.

The merchant uses this incoming Request content to:

  • make a final call to the Auth3d endpoint

  • Systemically finalize the transaction as successful or failed

The payment process is not considered closed until this step is completed.

hashtag
Result Notification and Timing

  • The bank's callback usually occurs within ~1 minute depending on the user action after the user action

  • The data received at the Return / Fail URL must be validated and used in the Auth3d call

  • The final payment result is determined by the Auth3d response

hashtag
Relevant Endpoints

The endpoints used in the 3D Payment process:

  • 3D Payment Initiation: POST /v1/Payment/Init3d

  • 3D Payment Completion: POST /v1/Payment/Auth3d

The request and response details for these endpoints are explained in the sections below.

PreviousNon-3DS PaymentNextInitiate 3D Payment

Last updated