3D Secure 2 Component

Add native 3D Secure 2 authentication to your integration.

Our 3D Secure 2 Component handles the 3D Secure 2 device fingerprinting and challenge flows, including the data exchange between your front end and the issuer's Access Control Server (ACS).

When adding native 3D Secure 2 authentication to your integration:

Collect additional parameters in your payment form.
Provide additional parameters when making a payment request.
Use the 3D Secure 2 Component to perform the authentication flow.
If the payment was routed to 3D Secure 2 redirect flow, use the Redirect Component.

This page describes the integration steps for v3.0.0 or later of iOS Components. If you are using an earlier version, refer to an earlier version of this integration guide.

Before you begin

Before starting your integration, make sure that you have integrated our Card Component, or built your own UI for collecting shopper's card details.

Collect additional parameters in your payment form

For higher authentication rates, we strongly recommend that you collect the cardholder name for payments with 3D Secure authentication.
To collect the cardholder name using our Card Component, specify the following when adding the Card Component:

showsHolderNameField: true

let configuration = CardComponent.Configuration(showsHolderNameField: true)
let component =  CardComponent(paymentMethod: paymentMethod,
                                   apiContext: apiContext,
                                   configuration: configuration)
component.delegate = self
self.cardComponent = component
present(component.viewController, animated: true)

We also recommend that you collect the shopper billing address in advance in your payment form. Deliver this parameter to your backend when making a payment as it is required by the card schemes.

Make a payment

From your server, make a /payments request, specifying:

Parameter name	Required	Description
paymentMethod		If using the Card Component, pass the `data.paymentMethod` object from the `didSubmit` event from your client app. If submitting raw card data, refer to Raw card data for the fields that you need to pass.
channel		Set to iOS.
`authenticationData.threeDSRequestData.nativeThreeDS`		Set to preferred. Indicates that your payment page can handle 3D Secure 2 transactions natively.
browserInfo		Contains the `userAgent` and `acceptHeader` fields. Indicates that your integration can handle 3D Secure 2 redirect authentication. If your integration is unable to generate this information, you can send the same data as in the request below.
returnUrl		In case of a 3D Secure 2 redirect flow, this is the URL where the shopper will be redirected back to after completing authentication. Use the custom URL for your app, for example, `my-app://`. For more information on setting custom URL schemes, refer to the Apple Developer documentation.
billingAddress		The cardholder's billing address.
shopperEmail		The cardholder's email address.

To increase the likelihood of achieving a frictionless flow and higher authorisation rates, we recommend that you send additional parameters.

For channel iOS, we recommend including these additional parameters: billingAddress and shopperEmail.

curl https://checkout-test.adyen.com/v69/payments \
-H "X-API-key: [Your API Key here]" \
-H "Content-Type: application/json" \
-d '{
   "amount":{
      "currency":"EUR",
      "value":1000
   },
   "reference":"YOUR_ORDER_NUMBER",
   "shopperReference":"YOUR_UNIQUE_SHOPPER_ID",
   "{hint:data.paymentMethod from app}paymentMethod{/hint}": {
      "type":"scheme",
      "encryptedCardNumber":"adyenjs_0_1_18$k7s65M5V0KdPxTErhBIPoMPI8HlC..",
      "encryptedExpiryMonth":"adyenjs_0_1_18$p2OZxW2XmwAA8C1Avxm3G9UB6e4..",
      "encryptedExpiryYear":"adyenjs_0_1_18$CkCOLYZsdqpxGjrALWHj3QoGHqe+..",
      "encryptedSecurityCode":"adyenjs_0_1_24$XUyMJyHebrra/TpSda9fha978+..",
      "holderName":"S. Hopper"
   },
   "authenticationData": {
      "threeDSRequestData": {
        "nativeThreeDS": "preferred"
      }
   },
   "{hint:state.data.billingAddress from onSubmit}billingAddress{/hint}": {
      "street": "Infinite Loop",
      "houseNumberOrName": "1",
      "postalCode": "1011DJ",
      "city": "Amsterdam",
      "country": "NL"
   },
   "{hint:Required for 3D Secure 1}browserInfo{/hint}: {
      "userAgent":"Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A5370a Safari/604.1",
      "acceptHeader":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8"
   },
   "shopperEmail":"s.hopper@example.com"
   "channel":"iOS",
   "returnUrl":"my-app://",
   "merchantAccount":"YOUR_MERCHANT_ACCOUNT"
}'

require 'adyen-ruby-api-library'

# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen::Client.new
adyen.env = :test
adyen.api_key = "YOUR_X-API-KEY"

# STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
paymentMethod = STATE_DATA

response = adyen.checkout.payments({
    :authenticationData => {
        :threeDSRequestData => {
            :nativeThreeDS => "preferred"
        }
    },
    :paymentMethod => paymentMethod,
    :billingAddress => {
        :city => "Amsterdam",
        :country => "NL",
        :houseNumberOrName => "1",
        :postalCode => "1011DJ",
        :street => "Infinite Loop"
    },
    :browserInfo => {        # Data object passed from the onSubmit event, parsed from JSON to a Hash.
        :userAgent =>  "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A5370a Safari/604.1",
        :acceptHeader => "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
    },
    :amount => {
        :currency => 'EUR',
        :value => 1000
    },
    :channel => 'iOS',
    :reference => 'YOUR_ORDER_NUMBER',
    :shopperEmail => "s.hopper@example.com",
    :returnUrl => 'my-app://',
    :merchantAccount => 'YOUR_MERCHANT_ACCOUNT'
})

// Set your X-API-KEY with the API key from the Customer Area.
String xApiKey = "YOUR_X-API-KEY";
Client client = new Client(xApiKey,Environment.TEST);
Checkout checkout = new Checkout(client);
PaymentsRequest paymentsRequest = new PaymentsRequest();
paymentsRequest.setMerchantAccount("YOUR_MERCHANT_ACCOUNT");
// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.

AuthenticationData authenticationData = new AuthenticationData();
ThreeDSRequestData threeDSRequestData = new ThreeDSRequestData();
threeDSRequestData.setNativeThreeDS("preferred");
authenticationData.setThreeDSRequestData(threeDSRequestData);
paymentsRequest.setAuthenticationData(authenticationData);

paymentsRequest.setPaymentMethod(STATE_DATA)

Amount amount = new Amount();
amount.setCurrency("EUR");
amount.setValue(1000L);
paymentsRequest.setAmount(amount);

Address billingAddress = new Address();
billingAddress.setCity("Amsterdam");
billingAddress.setCountry("NL");
billingAddress.setHouseNumberOrName("1");
billingAddress.setPostalCode("1011DJ");
billingAddress.setStreet("Infinite Loop");

paymentsRequest.setBillingAddress(billingAddress);
BrowserInfo browserInfo = new BrowserInfo();
browserInfo.setUserAgent("Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A5370a Safari/604.1");
browserInfo.setAcceptHeader("text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8");

{ % REQUEST_INSTANCE % }.setChannel({ % REQUEST_CLASS % }.ChannelEnum.iOS);
paymentsRequest.setReference("YOUR_ORDER_NUMBER");
paymentsRequest.setShopperEmail("s.hopper@example.com");
paymentsRequest.setReturnUrl("my-app://");
PaymentsResponse paymentsResponse = checkout.payments(paymentsRequest);

// Set your X-API-KEY with the API key from the Customer Area.
$client = new \Adyen\Client();
$client->setEnvironment(\Adyen\Environment::TEST);
$client->setXApiKey("YOUR_X-API-KEY");
$service = new \Adyen\Service\Checkout($client);

// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
$paymentMethod = STATE_DATA;;

$params = array(
    "authenticationData" => array(
         "threeDSRequestData" => [
            "nativeThreeDS" => "preferred"
         ]

    ),
    "paymentMethod" => $paymentMethod,
    "billingAddress" => array(
        "city" => "Amsterdam",
        "country" => "NL",
        "houseNumberOrName" => "1",
        "postalCode" => "1011DJ",
        "street" => "Infinite Loop"
    ),
    "browserInfo" => array(
        "userAgent" => "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A5370a Safari/604.1",
        "acceptHeader" => "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
    ),
    "amount" => array(
        "currency" => "EUR",
        "value" => 1000
    ),
    "channel" => "iOS",
    "reference" => "YOUR_ORDER_NUMBER",
    "shopperEmail" = "s.hopper@example.com",
    "returnUrl" => "my-app://",
    "merchantAccount" => "YOUR_MERCHANT_ACCOUNT"
);
$result = $service->payments($params);

# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen.Adyen()
adyen.payment.client.platform = "test"
adyen.client.xapikey = 'YOUR_X-API-KEY'

# STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
paymentMethod = STATE_DATA

result = adyen.checkout.payments({
    'authenticationData': {
        'threeDSRequestData': {
            'nativeThreeDS': 'preferred'
        }
    },
    'paymentMethod': paymentMethod,
    'billingAddress': {
        'street': 'Infinite Loop',
        'houseNumberOrName': '1',
        'postalCode': '1011DJ',
        'city': 'Amsterdam',
        'country': 'NL'
    },
    'browserInfo': {
        'userAgent':  'Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A5370a Safari/604.1',
        'acceptHeader': 'text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8',

    },
    'amount': {
        'value': 1000,
        'currency': 'EUR'
    },
    'channel': 'iOS',
    'reference': 'YOUR_ORDER_NUMBER',
    'shopperEmail': 's.hopper@example.com',
    'returnUrl': 'my-app://',
    'merchantAccount': 'YOUR_MERCHANT_ACCOUNT'
})

// Set your X-API-KEY with the API key from the Customer Area.
string apiKey = "YOUR_X-API-KEY";
var client = new Client (apiKey, Environment.Test);
var checkout = new Checkout(client);
var amount = new Adyen.Model.Checkout.Amount("EUR", 1000);
var threeDSRequestData = new Adyen.Model.Checkout.ThreeDSRequestData
{
    NativeThreeDS = "preferred"
}
var paymentRequest = new Adyen.Model.Checkout.PaymentRequest
{
// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
    AuthenticationData = new Model.Checkout.AuthenticationData
    {
        ThreeDSRequestData = threeDSRequestData
    },
    PaymentMethod = STATE_DATA,
    BillingAddress = new Model.Checkout.Address
    {
        City = "Amsterdam",
        Country = "NL",
        HouseNumberOrName = "1",
        PostalCode = "1011DJ",
        Street = "Infinite Loop"
    },
    BrowserInfo = new Model.Checkout.BrowserInfo
    {
        UserAgent = @"Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A5370a Safari/604.1",
        AcceptHeader = @"text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8"

    },
    Amount = amount,
    Channel = PaymentMethodsRequest.ChannelEnum.iOS
    Reference = "YOUR_ORDER_NUMBER",
    ShopperEmail = "s.hopper@example.com",
    ReturnUrl = @"my-app://",
};
var paymentResponse = checkout.Payment(paymentRequest);

const {Client, Config, CheckoutAPI} = require('@adyen/api-library');
const config = new Config();
// Set your X-API-KEY with the API key from the Customer Area.
config.apiKey = '[YOUR_X-API-KEY]';
config.merchantAccount = '[YOUR_MERCHANT_ACCOUNT]';
const client = new Client({ config });
client.setEnvironment("TEST");
const checkout = new CheckoutAPI(client);
checkout.payments({
    merchantAccount: config.merchantAccount,
// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
    paymentMethod: STATE_DATA,
    authenticationData: {
        threeDSRequestData: { nativeThreeDS: "preferred"}
    },
    browserInfo:{
        userAgent: "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A5370a Safari/604.1",
        acceptHeader: "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
    },
    billingAddress: {
        city: "Amsterdam",
        country: "NL",
        houseNumberOrName: "1",
        postalCode: "1011DJ",
        street: "Infinite Loop"
    },
    amount: { currency: "EUR", value: 1000, },
    channel: "iOS",
    reference: "YOUR_ORDER_NUMBER",
    shopperEmail: "s.hopper@example.com",
    returnUrl: "my-app://",
}).then(res => res);

https://docs.adyen.com/online-payments/3d-secure/native-3ds2/ios-component#payments-request-3ds-native-mobile

Your next steps depend on whether the /payments response contains an action object, and on the action.type. Choose your API version:

`action.type`	Description	Next steps
No `action` object	The transaction was either exempted or out-of-scope for 3D Secure 2 authentication.	Use the `resultCode` to present the payment result to your shopper.
threeDS2	The payment qualifies for 3D Secure 2, and will go through the authentication flow.	1. Pass the `action` object to your client app to perform the authentication flow. 2. Submit the challenge result.
redirect	The payment is routed to the 3D Secure 2 redirect flow.	1. Pass the `action` object to your client app 2. Handle the redirect result.

The following example shows a /payments response with action.type: threeDS2

{
    "action":{
        "type":"threeDS2",
        "subtype": "fingerprint",
        "paymentData":"Ab02b4c0!BQABAgCuZFJrQOjSsl\/zt+...",
        "paymentMethodType":"scheme",
        "token":"eyJ0aHJlZURTTWV0aG9kTm90aWZpY..."
    },
    "resultCode":"IdentifyShopper",
    ...
}

https://docs.adyen.com/online-payments/3d-secure/native-3ds2/web-drop-in#-payments-response-with-action

Use the 3D Secure 2 Component

Use the 3D Secure 2 Component to perform the 3D Secure 2 authentication flows, and receive the information that you need to submit in your next API request.

Create and persist an instance of the 3D Secure 2 Component.

let component = ThreeDS2Component(apiContext: apiContext)
component.delegate = self
component.presentationDelegate = presentationDelegate
self.threeDS2Component = component

Pass the action object from the /payments (or the /payments/details) response.

let action = try JSONDecoder().decode(Action.self, from: actionData)
threeDS2Component.handle(action)

After completing the required authentication, the Component invokes the didProvide method from the ActionComponentDelegate. Get the contents of data.details and data.paymentData, and pass this to your server. Dismiss the Component immediately, or wait until you have submitted the details to your server.
```
func didSubmit(_ data: ActionComponentData, from component: ActionComponent)
```
In case an error occurs on the app, the Component invokes the didFail method from the ActionComponentDelegate. Dismiss the Component's view controller and display an error message.
```
func didFail(with error: Error, from component: ActionComponent)
```
From your server, make a /payments/details request, specifying:
- paymentData: The data.paymentData from the didProvide method from your client app. Not required for Checkout API v67 and above.
- details: The data.details from the didProvide method from your client app.

curl https://checkout-test.adyen.com/v69/payments/details \
-H "x-API-key: YOUR_X-API-KEY" \
-H "content-type: application/json" \
-d '{hint:object passed from the front end or client app}STATE_DATA{/hint}'

require 'adyen-ruby-api-library'

# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen::Client.new
adyen.env = :test
adyen.api_key = "YOUR_X-API-KEY"

# STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
request = STATE_DATA 
response = adyen.checkout.payments.details(request)  

# Check if further action is needed.
if response.body.has_key(:action)
   # Pass the action object to your frontend
   puts response.body[:action]
else
   # No further action needed, pass the resultCode to your frontend
   puts response.body[:resultCode]
end

// Set your X-API-KEY with the API key from the Customer Area.
String xApiKey = "YOUR_X-API-KEY";
Client client = new Client(xApiKey,Environment.TEST);
Checkout checkout = new Checkout(client);
// STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
PaymentsDetailsRequest paymentsDetailsRequest = STATE_DATA;
PaymentsResponse paymentsDetailsResponse = checkout.paymentsDetails(paymentsDetailsRequest);

// Set your X-API-KEY with the API key from the Customer Area.
$client = new \Adyen\Client();
$client->setEnvironment(\Adyen\Environment::TEST);
$client->setXApiKey("YOUR_X-API-KEY");
$service = new \Adyen\Service\Checkout($client);

// STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
$params = STATE_DATA;
$result = $service->paymentsDetails($params);

// Check if further action is needed
if (array_key_exists("action", $result)){
   // Pass the action object to your frontend.
   // $result["action"]
}
else {
   // No further action needed, pass the resultCode to your front end
   // $result['resultCode']
}

# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen.Adyen()
adyen.payment.client.platform = "test"
adyen.client.xapikey = 'YOUR_X-API-KEY'

# STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
request = STATE_DATA
result = adyen.checkout.payments_details(request)

# Check if further action is needed.
if 'action' in result.message:
   # Pass the action object to your front end
   # result.message['action']
else:
   # No further action needed, pass the resultCode to your front end
   # result.message['resultCode']

// Set your X-API-KEY with the API key from the Customer Area.
string apiKey = "YOUR_X-API-KEY";
var client = new Client (apiKey, Environment.Test);
var checkout = new Checkout(client);
// STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
var paymentsDetailsRequest = STATE_DATA;
var paymentsDetailsResponse = checkout.PaymentsDetails(paymentsDetailsRequest);

const {Client, Config, CheckoutAPI} = require('@adyen/api-library');
const config = new Config();
// Set your X-API-KEY with the API key from the Customer Area.
config.apiKey = '[YOUR_X-API-KEY]';
const client = new Client({ config });
client.setEnvironment("TEST");
const checkout = new CheckoutAPI(client);
// STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
checkout.paymentsDetails(STATE_DATA).then(res => res);

https://docs.adyen.com/online-payments/3d-secure/native-3ds2/ios-component#details-request-component-3ds

Your next steps depend on whether the /payments/details response contains an action object.

If you receive an action object, store the action.paymentData on your server - you'll need this when making a /payments/details request later.

`action.type`	Description	Next steps
No `action` object	The 3D Secure 2 authentication process has been completed.	Use the `resultCode` from the /payments response to present the payment result to your shopper.
threeDS2Challenge	The issuer requires further shopper interaction and is initiating a challenge flow.	1. Pass the `action` object to your client app. 2. Go back to step 2 to initiate the challenge process and submit authentication results.

Customizing the UI for 3D Secure 2

The Component inherits your app's theme to ensure the UI of the challenge flow fits your app's look and feel. For more UI customizations, use the customization options provided in the appearanceConfiguration property.

For more information on iOS Components classes, refer to our Reference documentation.

Present the payment result

Use the resultCode from the /payments or /payments/details response to present the payment result to your shopper. You will also receive the outcome of the payment asynchronously in a notification webhook.

For card payments, you can receive the following resultCode values:

resultCode	Description	Action to take
Authorised	The payment was successful.	Inform the shopper that the payment has been successful. If you are using manual capture, you also need to capture the payment.
Cancelled	The shopper cancelled the payment.	Ask the shopper if they want to continue with the order, or ask them to select a different payment method.
Error	There was an error when the payment was being processed. For more information, check the `refusalReason` field.	Inform the shopper that there was an error processing their payment.
Refused	The payment was refused. For more information, check the `refusalReason` field.	Ask the shopper to try the payment again using a different payment method.

Test and go live

Use our test card numbers to test how your integration handles different 3D Secure 2 authentication scenarios.

Are you looking for test card numbers?

Would you like to contact support?