If you are using 3D Secure for PSD2 compliance, read our comprehensive PSD2 SCA guide.
In a full implementation, a payment eligible for 3D Secure 2 can go through either a frictionless or a challenge authentication flow before the payment is authorised.
The SDK initiates the 3D Secure 2 device fingerprinting and if required by the issuer, handles presenting the challenge to your shopper. From your server, you need to handle sending a payment request, the encrypted device fingerprint, and the challenge result to Adyen.
If you only want to perform a 3D Secure 2 authentication and then authorise the payment later, see the Authentication-only integration page.
Here's a diagram for a challenge flow:
-
Submit a payment request with the required 3D Secure 2 objects to start the authentication process. Build your implementation depending on the
resultCode
returned in the response. -
Ge the 3D Secure 2 device fingerprint. If you receive an IdentifyShopper
resultCode
, you need to get the shopper's 3D Secure 2 device fingerprint. Initiate the mobile SDK, get the device fingerprint, and send the encrypted device fingerprint information to Adyen. If you get a response with an AuthorisedresultCode
, this indicates that the 3D Secure 2 authentication was frictionless, and the payment authorisation was successfully completed. -
Present a challenge to the shopper. If you receive ChallengeShopper
resultCode
, this means that the issuer requires further shopper interaction. To handle a challenge flow, initiate the mobile SDK and then submit the challenge result to Adyen.
In case the issuer does not support 3D Secure 2, we will initiate a 3D Secure 1 fallback by default, indicated by a RedirectShopper resultCode
response. If you do not want to automatically fall back to 3D Secure 1, contact Support Team.
For a complete list of resultCode
values and the actions that you need to take, see Result codes.
Before you begin
Before you can start accepting 3D Secure 2 authenticated transactions, make sure that you:
- Sign up for an Adyen test account at https://www.adyen.com/signup.
- Get your API Key. Save a copy as you'll need it for API calls you make to the Adyen payments platform.
- Install one of our Libraries to connect with the Adyen APIs. For more information on these steps, refer to Get started with Adyen.
-
Install our SDK by:
-
Importing from jcenter. Add this line to your
build.gradle
file.implementation "com.adyen.threeds:adyen-3ds2:<latestSDKVersion>"
-
Or by importing manually from GitHub: https://github.com/Adyen/adyen-3ds2-android. Copy the SDK package
adyen-3ds2.aar
to the/libs
folder in your module and add this line to your modulebuild.gradle
file.implementation "com.adyen.threeds:adyen-3ds2:<latestSDKVersion>@aar"
-
Integration steps
- Collect the shopper's card details and proceed to submit a payment request.
- Use the
resultCode
from the response to determine your next action. For example, if a transaction qualifies for 3D Secure 2 authentication, you will need to get the 3D Secure 2 device fingerprint, or present a challenge to the shopper, or both.
To test your integration, see Testing 3D Secure 2.
Submit a payment request
Submit a payment request with a POST /authorise call. Include the threeDS2RequestData
object to indicate that you are ready to accept 3D Secure 2 payments.
-
deviceChannel
: app
Request
curl https://pal-test.adyen.com/pal/servlet/Payment/v46/authorise \
-H "X-API-key: [Your API Key here]" \
-H "Content-Type: application/json" \
-d '{
"amount":{
"currency":"EUR",
"value":1500
},
"merchantAccount":"YOUR_MERCHANT_ACCOUNT",
"reference":"YOUR_ORDER_NUMBER",
"threeDS2RequestData":{
"deviceChannel":"app"
},
"card":{
"cvc":"737",
"expiryMonth":"10",
"expiryYear":"2020",
"holderName":"Card Holder",
"number":"4917610000000000"
}
}'
# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen::Client.new
adyen.api_key = "YOUR X-API-KEY"
response = adyen.authorise({
"amount" => {
"currency" => "EUR",
"value" => 1500
},
"merchantAccount" => "YOUR_MERCHANT_ACCOUNT",
"reference" => "YOUR_ORDER_NUMBER",
"threeDS2RequestData" => {
"deviceChannel" => "app"
},
"card" => {
"cvc" => "737",
"expiryMonth" => "10",
"expiryYear" => "2020",
"holderName" => "Card Holder",
"number" => "4917610000000000"
}
})
// Set your X-API-KEY with the API key from the Customer Area.
Config config = new Config();
config.setApiKey("Your X-API-KEY"));
Client client = new Client(config);
Checkout checkout = new Checkout(client);
AuthoriseRequest authoriseRequest = new AuthoriseRequest();
Amount amount = new Amount();
amount.setCurrency("EUR");
amount.setValue(1500L);
authoriseRequest.setAmount(amount);
authoriseRequest.setReference("YOUR_ORDER_NUMBER");
authoriseRequest.setThreeDS2RequestData(new HashMap<String, String>());
authoriseRequest.putThreeDS2RequestData("deviceChannel", "app");
authoriseRequest.setCard(new HashMap<String, String>());
authoriseRequest.putCardItem("cvc", "737");
authoriseRequest.putCardItem("expiryMonth", "10");
authoriseRequest.putCardItem("expiryYear", "2020");
authoriseRequest.putCardItem("holderName", "Card Holder");
authoriseRequest.putCardItem("number", "4917610000000000");
authoriseRequest.setMerchantAccount("YOUR_MERCHANT_ACCOUNT");
authoriseResponse response = checkout.authorise(authoriseRequest);
// Set your X-API-KEY with the API key from the Customer Area.
$client = new \Adyen\Client();
$client->setXApiKey("YOUR X-API-KEY");
$service = new \Adyen\Service\Authorise($client);
$params = array(
"amount" => array(
"currency" => "EUR",
"value" => 1500
),
"reference" => "YOUR_ORDER_NUMBER",
"threeDS2RequestData" => array(
"deviceChannel" => "app"
),
"card" => array(
"cvc" => "737",
"expiryMonth" => "10",
"expiryYear" => "2020",
"holderName" => "Card Holder",
"number" => "4917610000000000"
),
"merchantAccount" => "YOUR_MERCHANT_ACCOUNT"
);
$result = $service->authorise($params);
#Set your X-API-KEY with the API key from the Customer Area.
ady = Adyen.Adyen()
client = ady.client
client.xapikey = "YOUR X-API-KEY"
request = {}
request['amount'] = {
"value": "1500",
"currency": "EUR"
}
request['threeDS2RequestData] = {
"deviceChannel" = "app"
}
request['reference'] = "YOUR_ORDER_NUMBER"
request['card'] = {
"cvc": "737",
"expiryMonth": "10",
"expiryYear": "2020",
"holderName": "Card Holder",
"number": "4917610000000000"
}
request['merchantAccount'] = "YOUR_MERCHANT_ACCOUNT"
result = self.ady.checkout.authorise(request)
// Set your X-API-KEY with the API key from the Customer Area.
var client = new Client ("YOUR-X-API-KEY", Environment.Test);
var checkout = new Checkout(client);
var amount = new Model.Checkout.Amount("EUR", 1500);
var details = new Model.Checkout.DefaultCardDetails{
Cvc = "737",
ExpiryMonth = "10",
ExpiryYear = "2020",
HolderName= "Card Holder",
Number = "4917610000000000"
};
var threeds2requestdata = new Model.Checkout.threeDS2RequestData{
deviceChannel = "app"
};
var authoriseRequest = new Model.Checkout.AuthoriseRequest
{
Reference = "YOUR_ORDER_NUMBER",
Amount = amount,
MerchantAccount = "YOUR_MERCHANT_ACCOUNT",
Card = details,
ThreeDS2RequestData = threeds2requestdata
};
var paymentResponse = checkout.Authorise(authoriseRequest);
Response
You'll receive a response containing:
-
resultCode
: IdentifyShopper. Perform the Identify the shopper flow.
resultCode
. See 3D Secure fallback for more information.
For a complete list of resultCode
values and the actions you need to take, see Result codes.
{
"additionalData": {
"threeds2.threeDSServerTransID": "055fadfb-9fe4-4e70-99f0-9b8935bf1eb2",
"threeds2.threeDS2DirectoryServerInformation.algorithm": "RSA",
"threeds2.threeDS2Token": "BQABAQC2LEWucYNwQRzhH9c1/hup5ZZa9HUehFbwdC86PAfhpGJ/+...",
"threeds2.threeDS2DirectoryServerInformation.directoryServerId": "A000000003",
"threeds2.threeDS2DirectoryServerInformation.publicKey": "eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiI4VFBxZkFQ==..."
},
"pspReference": "8835495304426403",
"resultCode": "IdentifyShopper"
}
Get the 3D Secure 2 device fingerprint
If your server receives an IdentifyShopper resultCode
, start the 3D Secure 2 device fingerprinting process.
- Get the following values from the
/authorise
response:threeds2.threeDS2DirectoryServerInformation.directoryServerId
-
threeds2.threeDS2DirectoryServerInformation.publicKey
-
Create an instance of
ConfigParameters
and use the values from the previous step:ConfigParameters configParameters = AdyenConfigParameters.from( directoryServerId, directoryServerPublicKey );
For a complete description of all the classes used in the SDK, see our Javadoc page.
-
Use
ThreeDS2Service.INSTANCE
to create a transaction.ThreeDS2Service.INSTANCE.initialize(/*Activity*/ this, configParameters, null, null); Transaction mTransaction = ThreeDS2Service.INSTANCE.createTransaction(null, null);
Keep a reference to your
Transaction
instance until the transaction is complete. -
Use the
AuthenticationRequestParameters
and pass them on to your server.AuthenticationRequestParameters authenticationRequestParameters = mTransaction.getAuthenticationRequestParameters();
Get the following information:
transaction.authenticationRequestParameters.deviceData
transaction.authenticationRequestParameters.SDKTransactionID
transaction.authenticationRequestParameters.SDKAppID
transaction.authenticationRequestParameters.SDKReferenceNumber
transaction.authenticationRequestParameters.SDKEphemeralPublicKey
transaction.authenticationRequestParameters.MessageVersion
-
Send the encrypted device fingerprint information to Adyen. Get the data from the
AuthenticationRequestParameters
and pass them as parameters in a POST /authorise3ds2 call.-
sdkEncData
: Device data -
sdkTransID
: SDK Transaction ID -
sdkAppID
: SDK App ID -
sdkReferenceNumber
: SDK Reference Number -
sdkEphemPubKey
: SDK Ephemeral Public KeyWe recommend that you provide all available information to increase the likelihood of achieving a frictionless flow and a higher authorisation rate. In addition to the regular parameters you provide to Adyen, send additional parameters in this list.
-
Request
{
"merchantAccount": "YOUR_MERCHANT_ACCOUNT",
"threeDS2RequestData": {
"deviceChannel": "app",
"sdkAppID": "9063b12c-fcde-43c7-b28e-8d0af5520e8a",
"sdkEncData": "<device-fingerprint>",
"sdkEphemPubKey": {
"crv": "P-256",
"kty": "EC",
"x": "LYImJkRzS92vogM6AUPCBhJ20VagSe8IL0Q9SdisUSo",
"y": "Rav4sKHnLUIUHVdyR4dyV7G2_EeAnuCn_6621ZhqZYU"
},
"sdkReferenceNumber": "3DS_LOA_SDK_ADBV_739485_94783",
"sdkTransID": "b60c9879-ac77-4918-a317-7b01c4317053/8Q==.."
}
Response
You'll receive a response containing a resultCode
that can be:
- Authorised – Indicates that the 3D Secure 2 authentication was frictionless, and the payment authorisation was successfully completed. This state serves as an indicator to proceed with the delivery of goods and services.
- ChallengeShopper – The issuer has requested further shopper interaction. Perform the Challenge flow.
For a complete list of resultCode
values and the actions you need to take, see Result codes.
~~~~ json
{
"additionalData": {
"threeds2.threeDS2ResponseData.acsSignedContent": "eyJhbGciOiJQUzI1NiIsIngPVEFOQmdrcWhraUc5dtw4I-RBJ8_OUt8yIZEsoc...",
"threeds2.threeDS2ResponseData.transStatus": "C",
"threeds2.threeDS2ResponseData.acsChallengeMandated": "Y",
"threeds2.threeDS2ResponseData.acsURL": "https://pal-test.adyen.com/threeds2simulator/services/ThreeDS2Simulator/v1/handle/83e78317-e73f-4a6f-j738-7hj09p07n178",
"threeds2.threeDS2ResponseData.threeDSServerTransID": "930h2k09-1986-4hl2-800a-c8d7783918bf",
"threeds2.threeDS2ResponseData.authenticationType": "01",
"threeds2.threeDS2ResponseData.messageVersion": "2.1.0",
"threeds2.threeDS2Token": "BQABAQC2LEWucYNwQRzhH9c1/hup5ZZa9HUehFbwdC86PAfhpGJ/+...",
"threeds2.threeDS2ResponseData.acsTransID": "45e79886-e60c-4c6d-a962-7aa43d59b150",
"threeds2.threeDS2ResponseData.acsReferenceNumber": "ADYEN-ACS-SIMULATOR"
},
"pspReference": "8825495326513370",
"resultCode": "ChallengeShopper"
}
~~~~
Present a challenge
If your server receives a ChallengeShopper resultCode
, this means that the issuer would like to perform additional checks in order to verify that the shopper is indeed the cardholder.
- Get the following parameters from the /authorise3ds2 response.
threeds2.threeDS2ResponseData.threeDSServerTransID
threeds2.threeDS2ResponseData.acsTransID
threeds2.threeDS2ResponseData.acsReferenceNumber
threeds2.threeDS2ResponseData.acsSignedContent
threeds2.threeDS2Token
-
Create an instance of
ChallengeParameters
and pass the values from the previous step.Map<String, String> additionalData = ...; // Retrieved from Adyen. ChallengeParameters challengeParameters = new ChallengeParameters(); challengeParameters.set3DSServerTransactionID(additionalData.get("threeds2.threeDS2ResponseData.threeDSServerTransID")); challengeParameters.setAcsTransactionID(additionalData.get("threeds2.threeDS2ResponseData.acsTransID")); challengeParameters.setAcsRefNumber(additionalData.get("threeds2.threeDS2ResponseData.acsReferenceNumber")); challengeParameters.setAcsSignedContent(additionalData.get("threeds2.threeDS2ResponseData.acsSignedContent"));
-
Present the challenge.
mTransaction.doChallenge(/*Activity*/ this, challengeParameters, new ChallengeStatusReceiver() { @Override public void completed(CompletionEvent completionEvent) { String transactionStatus = completionEvent.getTransactionStatus(); // Submit the transactionStatus to /authorise3ds2. } @Override public void cancelled() { // Cancelled by the user or the App. } @Override public void timedout() { // The user didn't submit the challenge within the given time, 5 minutes in this case. } @Override public void protocolError(ProtocolErrorEvent protocolErrorEvent) { // An error occurred. } @Override public void runtimeError(RuntimeErrorEvent runtimeErrorEvent) { // An error occurred. } }, 5);
When the challenge flow has been completed, send the
transactionStatus
from thecompletionEvent
to your server. - Make a POST /authorise3ds2 request from your server. Include the
transStatus
generated by the SDK, and thethreeds2.threeDS2Token
.
Request
{
"merchantAccount": "YOUR_MERCHANT_ACCOUNT",
"threeDS2Result": {
"transStatus": "Y"
},
"threeDS2Token": "BQABAQC2LEWucYNwQRzhH9c1/hup5ZZa9HUehFbwdC86PAfhpGJ/+..."
}
Response
You'll receive Authorised as the resultCode
if the payment was successful.
{
"additionalData": {
"liabilityShift": "true",
"authCode": "44402",
"avsResult": "4 AVS not supported for this card type",
"threeDOffered": "true",
"refusalReasonRaw": "AUTHORISED",
"authorisationMid": "1000",
"acquirerAccountCode": "TestPmmAcquirerAccount",
"cvcResult": "1 Matches",
"avsResultRaw": "4",
"threeDAuthenticated": "true",
"cvcResultRaw": "M",
"acquirerCode": "TestPmmAcquirer",
"acquirerReference": "7CASOGMCCB4"
},
"pspReference": "8825495331860022",
"resultCode": "Authorised",
"authCode": "44402"
}
Optional: Prefetch device fingerprinting keys
This functionality requires additional configuration on Adyen's end. To enable it, contact the Support Team.
You can opt to retrieve and cache 3D Secure device fingerprint keys for specific BIN ranges or card brands. When you cache the keys, you reduce the number of calls for each transaction as you can already start with performing 3D Secure 2 device fingerprinting.
To use cached keys for your authentication flow, you will need to:
- Retrieve and cache device fingerprinting keys once for each card brand or BIN.
- Perform 3D Secure 2 device fingerprinting and submit the result in a payment request.
- Present a challenge if required by the issuer.
Make sure to update your cache regularly to get the latest keys and to avoid getting your transactions refused.
Get device fingerprinting keys
To retrieve device fingerprinting keys, send a POST /get3dsAvailability request, providing either a cardNumber
from a BIN range you want to cache or a list of card brand
names, along with your merchantAccount
.
Sample request with card number
cardNumber
{
"merchantAccount":"YOUR_MERCHANT_ACCOUNT",
"cardNumber":"4917610000000000"
}
Response
{
"binDetails": {
"issuerCountry": "PL"
},
"dsPublicKeys": [
{
"brand": "visa",
"directoryServerId": "F013371337",
"publicKey": "eyJrdHkiOiJSU0==.."
}
],
"threeDS1Supported": true,
"threeDS2CardRangeDetails": [
{
"brandCode": "visa",
"endRange": "491761000000",
"startRange": "491761000000",
"threeDS2Version": "2.1.0",
"threeDSMethodURL": "https://pal-test.adyen.com/threeds2simulator/acs/startMethod.shtml"
}
],
"threeDS2supported": true
}
Sample request with card brand
{
"merchantAccount":"YOUR_MERCHANT_ACCOUNT",
"brands" : ["visa","mc"]
}
Response
{
"dsPublicKeys":[
{
"brand":"visa",
"directoryServerId":"A000000003",
"publicKey":"eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiI4VFBxZkFOW..."
},
{
"brand":"mc",
"directoryServerId":"A000000011",
"publicKey":"dabJHa91fadhUVZjZ1g4LUpWZ1Y0M2diWURtYmdTY0N5SkVSN..."
}
]
}
Cache the values of the following parameters for the specific BIN range or brand:
dsPublicKeys.directoryServerId
dsPublicKeys.publicKey
Next, use the cached keys to get the shopper's 3D Secure 2 device fingerprint.
Perform 3D Secure 2 device fingerprinting with cached keys
-
Create an instance of
ConfigParameters
with the cached keys.ConfigParameters configParameters = AdyenConfigParameters.from( directoryServerId, directoryServerPublicKey );
-
Use
ThreeDS2Service.INSTANCE
to create a transaction.ThreeDS2Service.INSTANCE.initialize(/*Activity*/ this, configParameters, null, null); Transaction mTransaction = ThreeDS2Service.INSTANCE.createTransaction(null, null);
-
Use the
AuthenticationRequestParameters
and pass them on to your server.AuthenticationRequestParameters authenticationRequestParameters = mTransaction.getAuthenticationRequestParameters();
Get the following information:
transaction.authenticationRequestParameters.deviceData
transaction.authenticationRequestParameters.SDKTransactionID
transaction.authenticationRequestParameters.SDKAppID
transaction.authenticationRequestParameters.SDKReferenceNumber
transaction.authenticationRequestParameters.SDKEphemeralPublicKey
transaction.authenticationRequestParameters.MessageVersion
-
Send the encrypted device fingerprint information to Adyen. Get the data from the
AuthenticationRequestParameters
and pass them as parameters in a /authorise call.-
sdkEncData
: Device data -
sdkTransID
: SDK Transaction ID -
sdkAppID
: SDK App ID -
sdkReferenceNumber
: SDK Reference Number -
sdkEphemPubKey
: SDK Ephemeral Public Key
-
Request
{
"merchantAccount":"YOUR_MERCHANT_ACCOUNT",
"reference":"YOUR_ORDER_NUMBER",
"amount":{
"currency":"EUR",
"value":1500
},
"card":{
"cvc":"737",
"expiryMonth":"10",
"expiryYear":"2020",
"holderName":"Card Holder",
"number":"4917610000000000"
},
"threeDS2RequestData":{
"deviceChannel":"app",
"sdkAppID":"9063b12c-fcde-43c7-b28e-8d0af5520e8a",
"sdkEncData":"<device-fingerprint>",
"sdkEphemPubKey":{
"crv":"P-256",
"kty":"EC",
"x":"LYImJkRzS92vogM6AUPCBhJ20VagSe8IL0Q9SdisUSo",
"y":"Rav4sKHnLUIUHVdyR4dyV7G2_EeAnuCn_6621ZhqZYU"
},
"sdkReferenceNumber":"3DS_LOA_SDK_ADBV_739485_94783",
"sdkTransID":"b60c9879-ac77-4918-a317-7b01c4317053/8Q==.."
}
}
Response
You'll receive a response containing a resultCode
that can either be:
- Authorised – Indicates that the 3D Secure 2 authentication was frictionless, and the payment authorisation was successfully completed. This state serves as an indicator to proceed with the delivery of goods and services.
-
ChallengeShopper – The issuer has requested further shopper interaction. Perform the Challenge flow.
For a complete list ofresultCode
values and the actions that you need to take, see Result codes.
{
"additionalData": {
"threeds2.threeDS2ResponseData.acsSignedContent": "eyJhbGciOiJQUzI1NiIsIngPVEFOQmdrcWhraUc5dtw4I-RBJ8_OUt8yIZEsoc...",
"threeds2.threeDS2ResponseData.transStatus": "C",
"threeds2.threeDS2ResponseData.acsChallengeMandated": "Y",
"threeds2.threeDS2ResponseData.acsURL": "https://pal-test.adyen.com/threeds2simulator/services/ThreeDS2Simulator/v1/handle/83e78317-e73f-4a6f-j738-7hj09p07n178",
"threeds2.threeDS2ResponseData.threeDSServerTransID": "930h2k09-1986-4hl2-800a-c8d7783918bf",
"threeds2.threeDS2ResponseData.authenticationType": "01",
"threeds2.threeDS2ResponseData.messageVersion": "2.1.0",
"threeds2.threeDS2Token": "BQABAQBPNOSJD5YAoli8YHpWY9ygByNSoij2518FFwnM5JmKgAOApra0oHu6/=...",
"threeds2.threeDS2ResponseData.acsTransID": "45e79886-e60c-4c6d-a962-7aa43d59b150",
"threeds2.threeDS2ResponseData.acsReferenceNumber": "ADYEN-ACS-SIMULATOR"
},
"pspReference": "8825495326513370",
"resultCode": "ChallengeShopper"
}
UI customizations
Customize the SDK theme
The SDK inherits your app's theme to ensure the UI of the challenge flow fits your app's look and feel. You can override the default SDK theme to inherit from one of AppCompat's theme variants. To do this, add the following XML snippet to your styles.xml
file.
<style name="ThreeDS2Theme" parent="Theme.AppCompat.Light.DarkActionBar">
<!-- Customize the SDK theme here. -->
<item name="colorPrimary">@color/colorPrimary</item>
<item name="colorPrimaryDark">@color/colorPrimaryDark</item>
<item name="colorAccent">@color/colorAccent</item>
</style>
Using UiCustomization class
If you require further UI customizations, the SDK provides some customization options through the UiCustomization
class.
To use the UiCustomization
class, create an instance of UiCustomization
, configure the desired properties and pass it during initialization of the ThreeDS2Service.INSTANCE
.
For example, to change the toolbar's title text and text color:
ToolbarCustomization toolbarCustomization = new ToolbarCustomization();
toolbarCustomization.setHeaderText("Secure Checkout");
toolbarCustomization.setTextColor("#FFFFFF");
UiCustomization uiCustomization = new UiCustomization();
uiCustomization.setToolbarCustomization(toolbarCustomization);
ThreeDS2Service.INSTANCE.initialize(getContext(), configParameters, null, uiCustomization);
Check out the UiCustomization class reference documentation for a complete list of customizable properties.
You can also customize the following UI elements used in the challenge flow:
Customizable elements | Customizable properties |
---|---|
Body |
|
Header |
|
Info items |
|
Input fields |
|
Input fields header |
|
Navigation bar |
|
Screen |
|
Continue/Verify button |
|
Cancel button |
|
Resend button |
|
Testing 3D Secure 2
Before going live, use the following card numbers and credentials to test your integration.
We recommend testing each Card Type.
To test how your integration handles different 3D Secure 2 authentication scenarios, use our test card numbers.
All our test cards use the following expiry dates and security codes:
Expiry Date | CVC/CVV | CID |
---|---|---|
10/2020 | 737 | 7373 |
03/2030 | 737 | 7373 |
When prompted for 3D Secure 2 text challenges, use the following credentials:
- For mobile, use password: 1234
- For web, use password: password
Card Type | Card Number |
---|---|
American Express | 3714 4963 5398 431 |
Cartes Bancaires | 4035 5014 2814 6300 |
Diners | 3056 9309 0259 04 |
Discover | 6011 1111 1111 1117 |
JCB | 3566 1111 1111 1113 |
Mastercard | 5454 5454 5454 5454 |
UnionPay | 6212 3456 7890 1232 |
Visa | 4917 6100 0000 0000 |
When you make a payment request with these cards, you'll receive the following result codes depending on your integration:
- RedirectShopper: You'll receive this result code if you are using the Redirect authentication.
- IdentifyShopper: You'll receive this result code if you are using the Native authentication.
- ChallengeShopper: You might get this result code after you submit the 3D Secure 2 device fingerprinting result in a Native authentication, indicating a challenge flow.
To test the web-based flow where the device fingerprinting step is skipped (because the issuer's ACS has not configured a threeDSMethodURL
), and you get a ChallengeShopper resultCode
immediately after submitting the payment request, use the following card:
Card Type | Card Number |
---|---|
Visa | 4212 3456 7891 0006 |
To test the frictionless flow, specify in your payment request:
-
amount.value
: 12002
App-based integration
To test different authentication scenarios for app-based integration, use the following test cards:
Card number | Authentication scenario |
---|---|
5201 2855 6567 2311 | Basic text authentication |
5201 2874 9905 2008 | Basic single select |
5201 2815 9233 1633 | Basic multi select |
5201 2888 2269 6974 | Basic out-of-band (OOB) authentication |
5201 2895 0084 3268 | HTML OOB authentication |
5201 2861 5377 1465 | App single select then text authentication |
Other scenarios
Card number | Scenario |
---|---|
4199 3500 0000 0002 | The card is not enrolled for 3D Secure transactions, |
5201 2829 9900 5515 | There was a technical error. |