Search docs

Are you looking for test card numbers?

Would you like to contact support?

Start searching Adyen's documentation...

  Documentation

Authorise a payment with 3D Secure 2 authenticated data

Learn how you can submit a payment authorisation with Adyen, using authentication data from a third-party 3D Secure 2 provider.

This page describes passing authentication data in a API request. If you are using a classic integration, see 3D Secure 2 Classic integration.

Before you begin

Before you can start accepting 3D Secure 2 authenticated transactions on browsers or in-app, make sure that you:

  1. Sign up for an Adyen test account at https://www.adyen.com/signup
  2. Get your API Key. Save a copy as you'll need it for API calls you make to the Adyen payments platform.

Get authentication data

Get the following data from your 3D Secure 2 provider. You will need these values when submitting a payment authorisation request to Adyen.

  • transStatus from the Authentication Response (ARes) sent by the issuer. The ARes indicates if the cardholder has been authenticated or if the issuer requires further interaction to complete the authentication. 
  • transStatus from the Results Request (RReq) sent by the ACS to the 3DS Server after a challenge flow is completed. The RReq indicates the result of the authentication.
  • authenticationValue: The value for the 3D Secure 2.0 authentication session. The returned value is a Base64-encoded 20-byte array.
  • dsTransID: The unique transaction identifier assigned by the DS to identify a single transaction.
  • eci: The electronic commerce indicator.
  • messageVersion: The value should be 2.1.0.

Send a payment authorisation request with 3D Secure 2 authentication data

 Make a POST /payments request and include mpiData and additionalData objects. 

  • mpiData: Object that contains the authenticated data.

    • directoryResponse: The transStatus from the ARes, sent by the issuer after the device fingerprinting process.
    • authenticationResponse: The transStatus from the RReq sent by the ACS to the 3DS Server after a challenge flow is completed. If the transaction was authenticated in a frictionless flow, send the transStatus from the ARes.
    • cavv: The authenticationValue from your 3D Secure 2 provider.
    • dsTransID: The unique transaction identifier assigned by the DS to identify a single transaction.
    • eci: The electronic commerce indicator.
    • threeDSVersion: The value should be 2.1.0.
  • additionalData: Object that contains the acquirer information.

    • acquirerCode: This is the name of the Adyen acquirer that you want to authorise the transaction with.
    • authorisationMID: This is the MID of the Adyen acquirer account that you want to authorise the transaction with.

Sample request

{
   "amount":{
      "currency":"EUR",
      "value":1000
   },
   "merchantAccount":"YOUR_MERCHANT_ACCOUNT",
   "reference":"YOUR_ORDER_NUMBER",
   "channel" : "Web",
   "additionalData" : {
    "acquirerCode":"TestPmmAcquirer",
    "authorisationMid":"1000"
   },
   "mpiData":{  
    "cavv":"3q2+78r+ur7erb7vyv66vv\/\/\/\/8=",
    "eci":"05",
    "dsTransID":"c4e59ceb-a382-4d6a-bc87-385d591fa09d",
    "directoryResponse":"C",
    "authenticationResponse":"Y",
    "threeDSVersion":"2.1.0"
  },
  "paymentMethod": {
    "type": "scheme",
    "number": "4212345678901245",
    "expiryMonth": "10",
    "expiryYear": "2020",
    "holderName": "John Smith",
    "cvc": "737"
    }
}

Response

You will receive an  Authorised resultCode if the payment authorisation was successful. Otherwise,  see  Result codes f or a complete list of  values and the actions that you need to take.

{
    "pspReference": "8535505811653878",
    "resultCode": "Authorised"
}