Search

Are you looking for test card numbers?

Would you like to contact support?

Authentication-only integration

Use Adyen as a standalone 3D Secure 1 provider. Perform only the 3D Secure 1 authentication with us and submit the payment authorisation later.

If you implemented 3D Secure 2 authentication-only flow and the issuer does not support 3D Secure 2, follow the steps here for your 3D Secure 1 fallback implementation. If the authentication is successful, you will get the authentication data that you will need to authorise the payment with another PSP or acquirer.

If after the authentication you decide to process the payment with us, we also provide a way so that you can continue with the payment authorisation with Adyen.

Before you begin

Before you can start accepting 3D Secure authenticated transactions on browsers or in-app, make sure that you:

  1. Sign up for an Adyen test account at https://www.adyen.com/signup
  2. Get your API Key. Save a copy as you'll need it for API calls you make to the Adyen payments platform.
  3. Read and understand the full 3D Secure 1 Classic API integration guide

Step 1: Submit a payment authentication request

Submit an authentication request with a /authorise call containing the required 3D Secure 1 parameters and the authenticationOnly parameter:

  • authenticationOnly: Set this to true.

Sample request for 3D Secure 2 authentication only

{
      "amount":{
        "currency":"EUR",
        "value":2100
      },
      "merchantAccount":"YOUR_MERCHANT_ACCOUNT",
      "reference":"YOUR_REFERENCE_NUMBER",
      "threeDS2RequestData":{
        "deviceChannel":"browser",
        "notificationURL":"https:\/\/www.example.com\/YOUR_3DS_NOTIFICATION_URL",
        "authenticationOnly": true
      },
      "additionalData": {
        "executeThreeD": true
      },
      "browserInfo":{
        "userAgent":"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36",
        "acceptHeader":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
        "language":"en",
        "colorDepth":24,
        "screenHeight":723,
        "screenWidth":1536,
        "timeZoneOffset":0,
        "javaEnabled":false
      },
      "card": {
        "number": "4212345678901237",
        "expiryMonth": "10",
        "expiryYear": "2020",
        "cvc": "737",
        "holderName": "Simon Hopper"
      }
    }
Response

You'll receive a response containing:

For a complete list of resultCode values and the actions that you need to do, see Result codes.

{
    "pspReference": "8825536842162448",
    "resultCode": "RedirectShopper",
    "issuerUrl": "https://test.adyen.com/hpp/3d/validate.shtml",
    "md": "djIhR2R6NkNkdVFROVdFc1YrN1B3cmZ3dz09IfNZPuc4S9doxv...=",
    "paRequest": "eNpVUttuwjAM/RXGB5A0baFUJlIHSEMal3F5nrLU9gH...="
}

Step 2: Perform the 3D Secure 1 authentication flow

Redirect the shopper to the card issuer to perform authentication. After a successful authentication, the card issuer returns the shopper to your site and sends an HTTP POST to your TermUrl containing the following:

  • MD: Payment session identifier.
  • PaRes: Payment authorisation response.

Get the MD and PaRes values and proceed to submit the authentication result.

If after performing the authentication you decide to continue the payment authorisation with Adyen, skip the next step proceed to Authorise the payment with Adyen instead.

Step 3: Submit the result and get the authentication data

Submit the authentication result in an /authorise3d request:

  • md: Payment session identifier, MD, returned by the card issuer in the previous step.
  • paResponse: Payment authorisation response, PaRes, returned by the card issuer in the previous step.
  • authenticationOnly: Set this to true.
Request
{
    "md": "djIhR2R6NkNkdVFROVdFc1YrN1B3cmZ3dz09IfNZPuc4S9doxvKxoki3cg..=",
    "paResponse": "eNrNV1mTqsgSfvdXdJx5ZOawC56gjSgWFZUdQXhjkx0UkMVff2md6dM..=",
        "threeDS2RequestData" : {
         "authenticationOnly" : "true"
    },
    "merchantAccount": "YOUR_MERCHANT_ACCOUNT"
}
Response

You'll receive a response containing:

  • resultCode: If the authentication was successful, you will receive a AuthenticationFinished response along with authentication fields that you can pass on to your PSP or acquirer for authorisation.
{
    "additionalData": {
        "cavv": "AQIDBAUGBwgJCgsMDQ4PEBESExQ=",
        "xid": "ODgyNTUzNjg0MjE2MjQ0OAAAAAA=",
        "threeDAuthenticatedResponse": "Y",
        "cavvAlgorithm": "1",
        "threeDOfferedResponse": "Y",
        "eci": "02",
        "authorisationMid": "1000",
        "acquirerCode": "TestPmmAcquirerAccount"
    },
    "pspReference": "8825536842162448",
    "resultCode": "AuthenticationFinished"
}

Optional: Authorise the payment with Adyen

If after completing the authentication flow you decide to proceed with authorising the payment with Adyen, you can still switch and continue with a payment authorisation.

Make a POST /authorise3d request from your server and include the following parameters: 

  • authenticationOnly: Set this to false.
Request
{
    "md": "djIhR2R6NkNkdVFROVdFc1YrN1B3cmZ3dz09IfNZPuc4S9doxvKxoki3cg..=",
    "paResponse": "eNrNV1mTqsgSfvdXdJx5ZOawC56gjSgWFZUdQXhjkx0UkMVff2md6dM..=",
    "threeDS2RequestData" : {
       "authenticationOnly" : "false"
    },
    "merchantAccount": "YOUR_MERCHANT_ACCOUNT"
}
Response

You'll receive Authorised as the resultCode if the payment was successful.

{
    "pspReference": "8825495331860022",
    "resultCode": "Authorised"
}