Search

Are you looking for test card numbers?

Would you like to contact support?

Authorise a payment with 3D Secure authenticated data

Learn how you can submit a payment authorisation with Adyen, using authentication data from a third-party 3D Secure provider.

This page describes passing authentication data in a API request. If you are using a classic integration, see 3D Secure Classic integration.

Before you begin

Before you can start accepting 3D Secure 2 authenticated transactions on browsers or in-app, make sure that you:

  1. Sign up for an Adyen test account at https://www.adyen.com/signup
  2. Get your API Key. Save a copy as you'll need it for API calls you make to the Adyen payments platform.

Get authentication data

Get the following data for a 3D Secure 1 authenticated transaction:

  • authenticationResponse: From the paResponse from the issuer's Access Control System.
  • directoryResponse: The enrollment response from the VERes message from the Directory Server.
  • cavv: The authentication value for the 3D Secure authentication session. The returned value is a base64-encoded 20-byte array.
  • cavvAlgorithm: The CAVV Algorithmn used during the authentication.
  • xid: The transaction identifier assigned by the Directory Server (base64 encoded, 20 bytes in a decoded form).
  • eci: The electronic commerce indicator.

Get the following data for a 3D Secure 2 authenticated transaction:

  • transStatus from the Authentication Response (ARes) sent by the issuer. The ARes indicates if the cardholder has been authenticated or if the issuer requires further interaction to complete the authentication. 
  • transStatus from the Results Request (RReq) sent by the ACS to the 3DS Server after a challenge flow is completed. The RReq indicates the result of the authentication.
  • authenticationValue: The value for the 3D Secure 2.0 authentication session. The returned value is a Base64-encoded 20-byte array.
  • dsTransID: The unique transaction identifier assigned by the DS to identify a single transaction.
  • eci: The electronic commerce indicator.
  • messageVersion: The value should be 2.1.0.

You will need these data to submit a payment request.

Send a payment authorisation request with 3D Secure authentication data

 Make a POST /payments request and include mpiData and additionalData objects. 

  • paymentMethod.type: Set this to scheme however, if you are authorising for a co-branded card, set the value to the same scheme that authenticated the payment. For example, for a co-branded Cartes Bancaires card, set it to either visa or cartebancaire depending on which scheme performed the authentication.
  • mpiData: Object that contains the 3D Secure authenticated data.

    For 3D Secure 1:

    • authenticationResponse: From the paResponse from the issuer access control system.
    • directoryResponse: The enrollment response from the VERes message from the directory server.
    • cavv: The authentication value for the 3D Secure authentication session. The returned value is a Base64-encoded 20-byte array.
    • cavvAlgorithm: The CAVV Algorithmn used during the authentication.
    • xid: The transaction identifier assigned by directory server (base64 encoded, 20 bytes in a decoded form).
    • eci: The electronic commerce indicator.

    For 3D Secure 2:

    • directoryResponse: The transStatus from the ARes. The possible values are A or Y for a frictionless flow, or C for a challenge flow.
    • authenticationResponse: The transStatus from the challenge result. If the transaction was frictionless, set this to Y.
    • cavv: The authenticationValue from your 3D Secure 2 provider.
    • dsTransID: The unique transaction identifier assigned by the DS to identify a single transaction.
    • eci: The electronic commerce indicator.
    • threeDSVersion: The value should be 2.1.0.
  • additionalData: Object that contains the acquirer information.

    • acquirerCode: This is the name of the Adyen acquirer that you want to authorise the transaction with.
    • authorisationMID: This is the MID of the Adyen acquirer account that you want to authorise the transaction with.

Sample request for 3D Secure 1

{
   "amount":{
      "currency":"EUR",
      "value":1000
   },
   "merchantAccount":"YOUR_MERCHANT_ACCOUNT",
   "reference":"YOUR_ORDER_NUMBER",
   "channel" : "Web",
   "additionalData" : {
    "acquirerCode":"TestPmmAcquirer",
    "authorisationMid":"1000"
   },
   "mpiData":{
    "cavv":"3q2+78r+ur7erb7vyv66vv\/\/\/\/8=",
    "cavvAlgorithm":"1",
    "eci":"05",
    "xid":"ODUzNTYzOTcwODU5NzY3Qw==",
    "directoryResponse":"Y",
    "authenticationResponse":"Y",

  },
  "paymentMethod": {
    "type": "visa",
    "number": "4917610000000000",
    "expiryMonth": "10",
    "expiryYear": "2020",
    "holderName": "John Smith",
    "cvc": "737"
    }
}

Sample request for 3D Secure 2

{
   "amount":{
      "currency":"EUR",
      "value":1000
   },
   "merchantAccount":"YOUR_MERCHANT_ACCOUNT",
   "reference":"YOUR_ORDER_NUMBER",
   "channel" : "Web",
   "additionalData" : {
    "acquirerCode":"TestPmmAcquirer",
    "authorisationMid":"1000"
   },
   "mpiData":{  
    "cavv":"3q2+78r+ur7erb7vyv66vv\/\/\/\/8=",
    "eci":"05",
    "dsTransID":"c4e59ceb-a382-4d6a-bc87-385d591fa09d",
    "directoryResponse":"C",
    "authenticationResponse":"Y",
    "threeDSVersion":"2.1.0"
  },
  "paymentMethod": {
    "type": "visa",
    "number": "4917610000000000",
    "expiryMonth": "10",
    "expiryYear": "2020",
    "holderName": "John Smith",
    "cvc": "737"
    }
}

Response

You will receive an  Authorised resultCode if the payment authorisation was successful. Otherwise,  see  Result codes f or a complete list of  values and the actions that you need to take.

{
    "pspReference": "8535505811653878",
    "resultCode": "Authorised"
}