You can use a third-party 3D Secure provider to perform authentication, and use the obtained authentication data when making a payment request to Adyen. This allows you to use a third-party 3D Secure 2 provider to perform authentication while using Adyen to authorize payments.
This page describes passing authentication data in a /payments API request. If you are using the /authorise endpoint, refer to 3D Secure Classic integration.
Before you begin
Before you begin to integrate, make sure you have followed the Get started with Adyen guide to:
- Get an overview of the steps needed to accept live payments.
- Create your test account.
After you have created your test account:
- Get your API Key and store it securely in your system. You will need it for API calls you make to the Adyen payments platform.
- Check that you are using v46 or later of the /payments endpoint.
Step 1: Get third-party authentication data
To authorize a 3D Secure 2 authenticated payment, you need the following data:
Some card schemes do not provide all fields; the Applies to column shows which fields are required for which schemes.
| Field | Applies to |
|---|---|
| authenticationResponse | All schemes |
| directoryResponse | All schemes |
| authenticationValue | All schemes |
| dsTransID | All schemes |
| eci | All schemes |
| threeDSVersion | All schemes |
| cavvAlgorithm | Cartes Bancaires |
| challengeCancel | Cartes Bancaires |
| challengeIndicator | Cartes Bancaires |
| exemptionIndicator | Cartes Bancaires |
| riskScore | Cartes Bancaires |
Step 2: Make a payment with third-party authentication data
If you didn't authenticate with Adyen, refer to Mapping Adyen parameters to EMVCo fields. You first need to map the third-party authentication data to Adyen parameters when making a payment request to Adyen.
Make a POST /payments request that includes an mpiData object containing the following:
Some card schemes require different fields. The Applies to column shows which fields are required for which schemes.
| Field | Applies to |
|---|---|
| paymentMethod.type | All schemes. Learn more for co-badged cards. |
| mpiData.authenticationResponse | All schemes |
| mpiData.directoryResponse | All schemes |
| mpiData.cavv | All schemes |
| dsTransID | All schemes |
| mpiData.eci | All schemes |
| mpiData.threeDSVersion | All schemes |
| threeDS2RequestData.challengeInd | Cartes Bancaires |
| mpiData.cavvAlgorithm | Cartes Bancaires |
| mpiData.challengeCancel | Cartes Bancaires |
| mpiData.riskScore | Cartes Bancaires |
| additionalData.acquirerCode | Cartes Bancaires. Set to "AdyenCartesBancaires". |
| additionalData.scaExemption | Cartes Bancaires |
| shopperInteraction | All schemes |
| recurringProcessingModel | All schemes |
Co-badged cards
If you are making a payment with a co-badged card, you need to set the paymentMethod.type to scheme and paymentMethod.brand to the scheme that authenticated the payment. For example, if you are making a payment with a card co-badged with Visa and Cartes Bancaires, set paymentMethod.brand to either visa or cartebancaire, depending on which scheme performed the authentication. Otherwise, the payment can be refused.
Sample request
curl https://checkout-test.adyen.com/checkout/v70/payments/ \ -H 'x-api-key: ADYEN_API_KEY' \ -H 'content-type: application/json' \ -d '{ "amount": { "currency": "EUR", "value": 1000 }, "merchantAccount": "YOUR_MERCHANT_ACCOUNT", "reference": "YOUR_ORDER_NUMBER", "channel": "Web", "mpiData": { "cavv": "3q2+78r+ur7erb7vyv66vv////8=", "eci": "05", "dsTransID": "c4e59ceb-a382-4d6a-bc87-385d591fa09d", "directoryResponse": "C", "authenticationResponse": "Y", "threeDSVersion": "2.1.0", "cavvAlgorithmOnly applies to Cartes Bancaires.": "ABC", "riskScoreOnly required for Cartes Bancaires.": "95" }, "paymentMethod": { "type": "card", "number": "4917610000000000", "expiryMonth": "03", "expiryYear": "2030", "holderName": "John Smith", "cvc": "737" }, "threeDS2RequestDataOnly required for Cartes Bancaires.": { "challengeIndicator": "requestChallenge" }, "additionalDataOnly required for Cartes Bancaires.": { "scaExemption": "lowValue", "acquirerCode": "AdyenCartesBancaires" }, "shopperInteraction": "Ecommerce", "recurringProcessingModel": "CardOnFile" }'
Sample response
You will receive an Authorised resultCode if the payment authorization was successful. See Result codes for a complete list of values and the actions that you need to take.
{ ... "pspReference": "V4HZ4RBFJGXXGN82", "resultCode": "Authorised", }