Search

Are you looking for test card numbers?

Would you like to contact support?

Classic-integration icon

Data-only flow

Implement 3D Secure 2 without sending an authentication request to the issuer.

Data-only is currently only available for Mastercard. Before using the data-only flow, make sure to check the regulations that apply to your country or region. Using the data-only flow in countries where SCA is mandated (for example, within the EEA) can lead to an increased amount of authentication rejections.

In a regular 3D Secure 2 flow, the payment has to be authenticated by the issuer before it can be authorised. In a data-only flow, you send the same 3D Secure 2 data but the schemes directly handle the authentication request. The data-only request goes directly to the scheme, and then the scheme includes their own risk data in the authorisation message before sending it to the issuer.

Using the data-only flow

The data-only flow allows you to use the scheme's 3D Secure-specific risk scoring models, which helps increase your authorisation rates in specific markets, without incurring additional fees.

You can also use the data-only flow when you integrate with Adyen as a standalone 3D Secure 2 provider with an authentication-only implementation.

Since there is no authentication request sent to the issuer in a data-only flow, your shoppers will not be presented with a 3D Secure 2 challenge.

Since no strong customer authentication is applied to a data-only transaction, the chargeback liability stays with you and does not shift to the issuer.

Before you begin

Before you can start accepting 3D Secure 2 authenticated transactions on browsers or in-app, make sure that you:

  1. Sign up for an Adyen test account at https://www.adyen.com/signup
  2. Get your API Key. Save a copy as you'll need it for API calls you make to the Adyen payments platform.
  3. Install one of our Libraries to connect with the Adyen APIs. For more information on these steps, refer to Get started with Adyen.

Submit a data-only payment request

Submit POST /authorise call containing the required 3D Secure 2 fields and the following parameter:

  • additionalData.threeDS2DataOnlytrue
We recommend that you provide all available information to increase the likelihood of achieving a frictionless flow and a higher authorisation rate. In addition to the regular parameters you provide to Adyen, send additional parameters in this list.

Request

curl https://pal-test.adyen.com/pal/servlet/Payment/v46/authorise \
-H "X-API-key: [Your API Key here]" \
-H "Content-Type: application/json" \
-d '{
    "amount":{
    "currency":"EUR",
    "value":1500
    },
    "merchantAccount":"YOUR_MERCHANT_ACCOUNT",
    "reference":"YOUR_ORDER_NUMBER",
    "threeDS2RequestData":{
      "deviceChannel":"app"
    },
    "additionalData": {
      "threeDS2DataOnly": true
    },
    "card":{
      "cvc":"737",
      "expiryMonth":"10",
      "expiryYear":"2020",
      "holderName":"Card Holder",
      "number":"5454545454545454"
    }
  }'

Response

{
"pspReference": "991563647392517G",
"resultCode": "Authorised"
}

You'll receive a response containing:

  • resultCode: You can get any of the following result codes:

    • IdentifyShopper: Perform the corresponding 3D Secure 2 device fingerprinting flow depending on your integration and proceed to submit the device fingerprint result.
    • Authorised : If the transaction is exempted from 3D Secure 2 device fingerprinting, you might get an Authorised result code.

For other possible resultCode values and the actions that you need to take, see Result codes.

Testing the data-only flow

Use the test card below to try the 3D Secure 2 data-only flow.

Card Type Card Number Expiry Date CVC/CVV
Mastercard 5201 2818 2278 3116 10/2020 737