Are you looking for test card numbers?

Would you like to contact support?

Issuin icon

One-time password (OTP) authentication

Learn how to add the cardholder's mobile phone number and a password to support 3D Secure.

If you choose to enroll your Adyen-issued card in 3D Secure through the one-time password (OTP) flow, the cardholder goes through the following process when making an online payment:

  1. The cardholder is redirected to a 3D Secure authentication page. In this page, they must provide:
    • Their password.
    • A one-time password (OTP) sent through a text message to their mobile phone number.
  2. The cardholder's credentials are validated against the authentication data that you set for the card.
    • If the authentication is successful, the payment is sent to Adyen for authorisation.
    • If the authentication fails, the payment fails.
  3. If the payment authorisation is approved, the payment is completed.

To help your cardholders recognize your brand when authenticating, you can change the logo shown in the 3D Secure authentication page. Reach out to your Adyen contact if you want to add a logo.

Add authentication data

To enroll the Adyen-issued card in 3D Secure, add the cardholder's mobile phone number and a password when issuing cards.

When creating or updating the card, include the authentication object containing:

  • A password.
  • A phone object that includes the number and type set to mobile.

Adyen enrolls the card with the phone number and password in 3D Secure.

Here is an example of how you can create a card with authentication data to support 3D Secure authentication.

Create a card with authentication data for 3D Secure
curl https://balanceplatform-api-test.adyen.com/bcl/v2/paymentInstruments \
-H "x-API-key: YOUR_X-API-KEY" \
-H "content-type: application/json" \
-d '{
  "type": "card",
  "issuingCountryCode": "NL",
  "balanceAccountId": "BA3227C223222B5CTBLR8BWJB",
  "status": "inactive",
  "card": {
    "formFactor": "physical",
    "brand": "mc",
    "brandVariant": "mcdebit",
    "cardholderName": "Sam Hopper",
    "authentication": {
       "password": "CARDUSERPASSWORD$1",
       "phone":
         {
            "number": "31611223344",
            "type": "Mobile"
         }
    },
    "deliveryContact": {
      "address": {
        "city": "Amsterdam",
        "country": "NL",
        "stateOrProvince": "NH",
        "street": "274 Brannan Street, Suite 600",
        "houseNumberOrName": "50",
        "postalCode": "1020CD"
      },
      "name": {
        "firstName": "Sam",
        "lastName": "Hopper"
      }
    },
    "configuration": {
      "configurationProfileId": "YOUR_CONFIGURATION_PROFILE_ID"
    }
  },
  "description": "YOUR_DESCRIPTION"
}'

You can also add the authentication object at a later time or change the cardholder's phone number and password by sending a PATCH /paymentInstruments/{id} request to update the card.

Add or change authentication data of existing card
curl --request PATCH https://balanceplatform-api-test.adyen.com/bcl/v2/paymentInstruments/{id} \
-H "x-API-key: YOUR_X-API-KEY" \
-H "content-type: application/json" \
-d '{
  "card": {
    "authentication": {
       "password": "CARDUSERPASSWORD$1",
       "phone":
         {
            "number": "31611223344",
            "type": "Mobile"
         }
    }
  }
}'

Next steps

Before your users can start making purchases with the newly issued card, you will have to choose how to fund the accounts, process payments, and manage the card lifecycle.