Native 3DS2 Drop-in integration

Add cards with native 3D Secure 2 authentication to an existing Drop-in integration.

Our Web Drop-in renders the available cards in your payment form, and securely collects any sensitive card information, so it doesn't touch your server. Drop-in also handles the 3D Secure 2 device fingerprinting and challenge flows, including the data exchange between your front end and the issuer's Access Control Server (ACS).

When making a card payment with native 3D Secure 2 authentication:

Configure Drop-in to collect the card holder name.
Provide additional parameters when making a payment request.
Submit authentication result if you receive an action object in response to your /payments or /payments/details request.
Handle the redirect result if the payment was routed to the 3D Secure 1 flow.

This page describes the integration steps for v3.1.0 or later of Web Drop-in. If you are using an earlier version, refer to an earlier version of this integration guide.

Before you begin

This page explains how to add cards with native 3D Secure 2 authentication to your existing Web Drop-in integration. The Web Drop-in integration works the same way for all payment methods. If you haven't done this integration yet, refer to our Drop-in integration guide.

Before starting your integration:

Make sure that you have set up your back end implementation, and added Drop-in to your payments form.
Add the cards that you want to accept in your test Customer Area.

Show the available cards in your payment form

For information about the supported countries and currencies for each card, refer to Payment methods.

Drop-in uses the combination of countryCode and amount.currency from your /paymentMethods request to show the available cards to your shopper.

When the shopper is entering their card details, Drop-in tries to recognize the card brand. When successful, Drop-in renders the brand icon and the corresponding input field for the card security code (CVC, CVV, or CID).

Collect additional parameters in your payment form

For higher authentication rates, we strongly recommend that you collect the card holder name, billing address, and email address for payments with 3D Secure authentication.

Configure Drop-in

When creating an instance of Drop-in, you can optionally specify:

Field	Description	Default
`hasHolderName`	Set to true to show the input field for the card holder name.	false
`holderNameRequired`	Set to true to make the card holder name a required field. To show the field, you additionally need to set `hasHolderName` to true.	false
`enableStoreDetails`	Set to true to show the check box for saving the card details for recurring payments.	false
`name`	String that is used to display the payment method name to the shopper.	Depends on the `shopperLocale` specified in `/paymentMethods` request.
`billingAddressRequired`	Set to true to collect the shopper's billing address.	false

const dropin = checkout
   .create('dropin', {
       paymentMethodsConfiguration: {
           card: { // Sample Drop-in configuration for 3D Secure
               hasHolderName: true,
               holderNameRequired: true,
               enableStoreDetails: true,
               name: 'Credit or debit card',
               billingAddressRequired: true
           },
           ...
       }
   })
   .mount('#dropin');

You can also customize your shopper's experience with optional configuration parameters and specific events.

Collect shopper email in your payment form

We also recommend that you collect the shopper email in advance in your payment form. Deliver this parameter to your backend when making a payment as it is required by the card schemes.

Make a payment

When the shopper selects to pay, Drop-in calls the onSubmit event, which contains a state.data.

Pass the state.data to your server.

From your server, make a /payments request, specifying:

Parameter name	Required	Description
`paymentMethod`		The `state.data.paymentMethod` object from the `onSubmit` event.
`browserInfo`		The `state.data.browserInfo` object from the `onSubmit` event.
`additionalData.allow3DS2`		Set to `true`.
`channel`		Set to Web.
`origin`		The origin URL of the page where you are rendering the Drop-in. This can be a maximum of 80 characters and should not include subdirectories and a trailing slash. For example, if you are rendering the Drop-in on `https://your-company.com/checkout/payment`, specify: `https://your-company.com`. To get the origin: Open the browser console and call `window.location.origin`.
`returnUrl`		In case of a 3D Secure 1 flow, this is the URL where the shopper is redirected back to after completing 3D Secure 1 authentication. The URL should include the protocol: `http://` or `https://`. For example, `https://your-company.com/checkout/`. You can also include your own additional query parameters, for example, shopper ID or order reference number.
`billingAddress`		The `state.data.billingAddress` object from the `onSubmit` event.
`shopperEmail`		The cardholder's email address.
`shopperIP`		The shopper's IP address.

For higher authorisation rates, we recommend that you send additional parameters.

For channel Web, we recommend including these additional parameters: billingAddress, shopperEmail, and shopperIP.

https://docs.adyen.com/online-payments/3d-secure/native-3ds2/web-drop-in#payments-3ds-native

curl https://checkout-test.adyen.com/v66/payments \
-H "X-API-key: [Your API Key here]" \
-H "Content-Type: application/json" \
-d '{
   "amount":{
      "currency":"EUR",
      "value":1000
   },
   "reference":"YOUR_ORDER_NUMBER",
   "shopperReference":"YOUR_UNIQUE_SHOPPER_ID",
   "{hint:state.data.paymentMethod from onSubmit}paymentMethod{/hint}":{
      "type":"scheme",
      "encryptedCardNumber":"adyenjs_0_1_18$k7s65M5V0KdPxTErhBIPoMPI8HlC..",
      "encryptedExpiryMonth":"adyenjs_0_1_18$p2OZxW2XmwAA8C1Avxm3G9UB6e4..",
      "encryptedExpiryYear":"adyenjs_0_1_18$CkCOLYZsdqpxGjrALWHj3QoGHqe+..",
      "encryptedSecurityCode":"adyenjs_0_1_24$XUyMJyHebrra/TpSda9fha978+..",
      "holderName":"S. Hopper"
   },
   "additionalData":{
      "allow3DS2":true
   },
   "{hint:state.data.browserInfo from onSubmit}browserInfo{/hint}":{
      "userAgent":"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36",
      "acceptHeader":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
      "language":"nl-NL",
      "colorDepth":24,
      "screenHeight":723,
      "screenWidth":1536,
      "timeZoneOffset":0,
      "javaEnabled":true
   },
   "{hint:state.data.billingAddress from onSubmit}billingAddress{/hint}": {
       "street": "Infinite Loop",
       "houseNumberOrName": "1",
       "postalCode": "1011DJ",
       "city": "Amsterdam",
       "country": "NL"
  },
   "shopperEmail":"s.hopper@example.com",
   "shopperIP":"192.0.2.1",
   "channel":"web",
   "origin":"https:your-company.com",
   "returnUrl":"https://your-company.com/checkout?shopperOrder=12xy..",
   "merchantAccount":"YOUR_MERCHANT_ACCOUNT"
}'

require 'adyen-ruby-api-library'

# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen::Client.new
adyen.env = :test
adyen.api_key = "YOUR_X-API-KEY"

# STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
paymentMethod = STATE_DATA

response = adyen.checkout.payments({
    :additionalData => {
        :allow3DS2 => "true"
  },
    :paymentMethod => paymentMethod,
    :billingAddress => {
        :city => "Amsterdam",
        :country => "NL",
        :houseNumberOrName => "1",
        :postalCode => "1011DJ",
        :street => "Infinite Loop"
  },
    :browserInfo => {        # Data object passed from the onSubmit event, parsed from JSON to a Hash.
        :userAgent =>  "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36",
        :acceptHeader => "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
        :language => "nl-NL",
        :colorDepth => 24,
        :screenHeight => 723,
        :screenWidth => 1536,
        :timeZoneOffset => 0,
        :javaEnabled => "true"
  },
    :amount => {
        :currency => 'EUR',
        :value => 1000
    },
    :channel => 'Web',
    :reference => 'YOUR_ORDER_NUMBER',
    :shopperEmail => "s.hopper@example.com",
    :shopperIP => "192.0.2.1",
    :origin => "https:your-company.com",
    :returnUrl => 'https://your-company.com/checkout?shopperOrder=12xy..',
    :merchantAccount => 'YOUR_MERCHANT_ACCOUNT'
})

// Set your X-API-KEY with the API key from the Customer Area.
String xApiKey = "YOUR_X-API-KEY";
Client client = new Client(xApiKey,Environment.TEST);
Checkout checkout = new Checkout(client);
PaymentsRequest paymentsRequest = new PaymentsRequest();
paymentsRequest.setMerchantAccount("YOUR_MERCHANT_ACCOUNT");
// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
  Map<String, String> additionalData = new HashMap<>();
  additionalData.put("allow3DS2", "true");

  paymentsRequest.setAdditionalData(additionalData);
paymentsRequest.setPaymentMethod(STATE_DATA)
Amount amount = new Amount();
amount.setCurrency("EUR");
amount.setValue(1000L);
paymentsRequest.setAmount(amount);
Address billingAddress = new Address();
billingAddress.setCity("Amsterdam");
billingAddress.setCountry("NL");
billingAddress.setHouseNumberOrName("1");
billingAddress.setPostalCode("1011DJ");
billingAddress.setStreet("Infinite Loop");

paymentsRequest.setBillingAddress(billingAddress);
BrowserInfo browserInfo = new BrowserInfo();
browserInfo.setUserAgent("Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36");
browserInfo.setAcceptHeader("text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8");
browserInfo.setLanguage("nl-NL");
browserInfo.setColorDepth(24);
browserInfo.setScreenHeight(723);
browserInfo.setScreenWidth(1536);
browserInfo.setTimeZoneOffset(0);
browserInfo.setJavaEnabled(true);
{ % REQUEST_INSTANCE % }.setChannel({ % REQUEST_CLASS % }.ChannelEnum.Web);
paymentsRequest.setReference("YOUR_ORDER_NUMBER");
paymentsRequest.setShopperEmail("s.hopper@example.com");
paymentsRequest.setShopperIP("192.0.2.1");
paymentsRequest.setOrigin("https:your-company.com");
paymentsRequest.setReturnUrl("https://your-company.com/checkout?shopperOrder=12xy..");
PaymentsResponse paymentsResponse = checkout.payments(paymentsRequest);

// Set your X-API-KEY with the API key from the Customer Area.
$client = new \Adyen\Client();
$client->setEnvironment(\Adyen\Environment::TEST);
$client->setXApiKey("YOUR_X-API-KEY");
$service = new \Adyen\Service\Checkout($client);

// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
$paymentMethod = STATE_DATA;;

$params = array(
    "additionalData" => [
         "allow3DS2" => true
  ],
    "paymentMethod" => $paymentMethod,
    "billingAddress" => [
        "city" => "Amsterdam",
        "country" => "NL",
        "houseNumberOrName" => "1",
        "postalCode" => "1011DJ",
        "street" => "Infinite Loop"
  ],
    "browserInfo" => [
        "userAgent" => "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36",
        "acceptHeader" => "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
        "language" => "nl-NL",
        "colorDepth" => 24,
        "screenHeight" => 723,
        "screenWidth" => 1536,
        "timeZoneOffset" => 0,
        "javaEnabled" => true
  ],
    "amount" => array(
        "currency" => "EUR",
        "value" => 1000
    ),
    "channel" => "Web",
    "reference" => "YOUR_ORDER_NUMBER",
    "shopperEmail" = "s.hopper@example.com",
    "shopperIP" => "192.0.2.1",
    "origin" => "https:your-company.com",
    "returnUrl" => "https://your-company.com/checkout?shopperOrder=12xy..",
    "merchantAccount" => "YOUR_MERCHANT_ACCOUNT"
);
$result = $service->payments($params);

# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen.Adyen()
adyen.payment.client.platform = "test"
adyen.client.xapikey = 'YOUR_X-API-KEY'

# STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
paymentMethod = STATE_DATA

result = adyen.checkout.payments({
    'additionalData': {
        'allow3DS2': 'true'
  },
    'paymentMethod': paymentMethod,
    'billingAddress': {
        'street': 'Infinite Loop',
        'houseNumberOrName': '1',
        'postalCode': '1011DJ',
        'city': 'Amsterdam',
        'country': 'NL'
  },
    'browserInfo': {
        'userAgent':  'Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36',
        'acceptHeader': 'text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8',
        'language': 'nl-NL',
        'colorDepth': 24,
        'screenHeight': 723,
        'screenWidth': 1536,
        'timeZoneOffset': 0,
        'javaEnabled': 'true'
  },
    'amount': {
        'value': 1000,
        'currency': 'EUR'
    },
    'channel': 'Web',
    'reference': 'YOUR_ORDER_NUMBER',
    'shopperEmail': 's.hopper@example.com',
    "shopperIP": "192.0.2.1",
    "origin": "https:your-company.com",
    'returnUrl': 'https://your-company.com/checkout?shopperOrder=12xy..',
    'merchantAccount': 'YOUR_MERCHANT_ACCOUNT'
})

// Set your X-API-KEY with the API key from the Customer Area.
string apiKey = "YOUR_X-API-KEY";
var client = new Client (apiKey, Environment.Test);
var checkout = new Checkout(client);
var amount = new Adyen.Model.Checkout.Amount("EUR", 1000);
var paymentRequest = new Adyen.Model.Checkout.PaymentRequest
{ 
// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
   AdditionalData = new Dictionary<string, string> { { "allow3DS2", "true" } },
    PaymentMethod = STATE_DATA,
    BillingAddress = new Model.Checkout.Address
    {
        City = "Amsterdam",
        Country = "NL",
        HouseNumberOrName = "1",
        PostalCode = "1011DJ",
        Street = "Infinite Loop"
    },
    BrowserInfo = new Model.Checkout.BrowserInfo
    {
        UserAgent = @"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36",
        AcceptHeader = @"text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8"
        Language = "nl-NL",
        ColorDepth = 24,
        ScreenHeight = 723,
        ScreenWidth = 1536,
        TimeZoneOffset = 0,
        JavaEnabled = true
    },
    Amount = amount,
    Channel = PaymentMethodsRequest.ChannelEnum.Web
    Reference = "YOUR_ORDER_NUMBER",
    ShopperEmail = "s.hopper@example.com",
    ShopperIP = "192.0.2.1",
    Origin = "https:your-company.com",
    ReturnUrl = @"https://your-company.com/checkout?shopperOrder=12xy..",
};
var paymentResponse = checkout.Payment(paymentRequest);

const {Client, Config, CheckoutAPI} = require('@adyen/api-library');
const config = new Config();
// Set your X-API-KEY with the API key from the Customer Area.
config.apiKey = '[YOUR_X-API-KEY]';
config.merchantAccount = '[YOUR_MERCHANT_ACCOUNT]';
const client = new Client({ config });
client.setEnvironment("TEST");
const checkout = new CheckoutAPI(client);
checkout.payments({ 
    merchantAccount: config.merchantAccount,
// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
    paymentMethod: STATE_DATA,
    additionalData : {
        allow3DS2: true
  },
    browserInfo:{
        userAgent: "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36",
        acceptHeader: "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
        language: "nl-NL",
        colorDepth: 24,
        screenHeight: 723,
        screenWidth: 1536,
        timeZoneOffset: 0,
        javaEnabled: true
  },
    billingAddress: {
        city: "Amsterdam",
        country: "NL",
        houseNumberOrName: "1",
        postalCode: "1011DJ",
        street: "Infinite Loop"
  },
    amount: { currency: "EUR", value: 1000, },
    channel: "Web",
    reference: "YOUR_ORDER_NUMBER",
    shopperEmail: "s.hopper@example.com",
    shopperIP: "192.0.2.1",
    origin: "https:your-company.com",
    returnUrl: "https://your-company.com/checkout?shopperOrder=12xy..",
}).then(res => res);

Your next steps depend on whether the /payments response contains an action object. Choose your API version:

Checkout API v66
Checkout API v67

`action.type`	Description	Next steps
No `action` object	The transaction was either exempted or out-of-scope for 3D Secure 2 authentication.	Use the `resultCode` to present the payment result to your shopper.
threeDS2Fingerprint	The payment qualifies for 3D Secure 2, and will go through either the frictionless or the challenge flow.	1. Pass the `action` object to your front end. 2. Submit the device fingerprinting result.
threeDS2Challenge	The payment qualifies for 3D Secure 2, and the issuer is initiating a challenge flow.	1. Pass the `action` object to your front end. 2. Submit the challenge result.
redirect	The payment is routed to the 3D Secure 1 flow, based on issuer performance.	1. Store `action.paymentData` on your server. 2. Pass the `action` object to your front end. 3. Handle the redirect result.

The following example shows a /payments response with action.type: threeDS2Fingerprint.

https://docs.adyen.com/online-payments/3d-secure/native-3ds2/web-drop-in#-payments-response

/payments response

   {
     "resultCode":"IdentifyShopper",
     "action":{
       "paymentData":"Ab02b4c0!BQABAgCuZFJrQOjSsl\/zt+...",
       "paymentMethodType":"scheme",
       "token":"eyJ0aHJlZURTTWV0aG9kTm90aWZpY...",
       "type":"threeDS2Fingerprint"
     },
     "authentication":{
       "threeds2.fingerprintToken":"eyJ0aHJlZURTTWV0aG9kTm90aWZpY..."
     },
     "details":[
       {
         "key":"threeds2.fingerprint",
         "type":"text"
       }
     ],
     ...
   }

`action.type`	Description	Next steps
No `action` object	The transaction was either exempted or out-of-scope for 3D Secure 2 authentication.	Use the `resultCode` to present the payment result to your shopper.
threeDS2	The payment qualifies for 3D Secure 2, and will go through the authentication flow.	1. Pass the `action` object to your front end to perform the authentication flow. 2. Submit the challenge result.
redirect	The payment is routed to the 3D Secure 1 flow, based on issuer performance.	1. Store `action.paymentData` on your server. 2. Pass the `action` object to your front end. 3. Handle the redirect result.

The following example shows a /payments response with action.type: threeDS2.

https://docs.adyen.com/online-payments/3d-secure/native-3ds2/web-drop-in#-payments-response

/payments response

   {
     "action":{
        "type":"threeDS2",
        "subtype": "fingerprint",
        "paymentData":"Ab02b4c0!BQABAgCuZFJrQOjSsl\/zt+...",
        "paymentMethodType":"scheme",
        "token":"eyJ0aHJlZURTTWV0aG9kTm90aWZpY..."
     },
     ...
   }

Drop-in uses dropin.handleAction(action) to perform the required authentication flow, and then calls the onAdditionalDetails event.

Get the state.data from the onAdditionalDetails event, and pass it to your server.
From your server, make a POST /payments/details request, specifying:
- details: The state.data.details from the onAdditionalDetails event.
- paymentData: The state.data.paymentData from the onAdditionalDetails event.

https://docs.adyen.com/online-payments/3d-secure/native-3ds2/web-drop-in#details-request-component-3ds

curl https://checkout-test.adyen.com/v66/payments/details \
-H "x-API-key: YOUR_X-API-KEY" \
-H "content-type: application/json" \
-d '{hint:object passed from the front end or client app}STATE_DATA{/hint}'

require 'adyen-ruby-api-library'

# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen::Client.new
adyen.env = :test
adyen.api_key = "YOUR_X-API-KEY"

# STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
request = STATE_DATA 
response = adyen.checkout.payments.details(request)  

# Check if further action is needed.
if response.body.has_key(:action)
   # Pass the action object to your frontend
   puts response.body[:action]
else
   # No further action needed, pass the resultCode to your frontend
   puts response.body[:resultCode]
end

// Set your X-API-KEY with the API key from the Customer Area.
String xApiKey = "YOUR_X-API-KEY";
Client client = new Client(xApiKey,Environment.TEST);
Checkout checkout = new Checkout(client);
// STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
PaymentsDetailsRequest paymentsDetailsRequest = STATE_DATA;
PaymentsResponse paymentsDetailsResponse = checkout.paymentsDetails(paymentsDetailsRequest);

// Set your X-API-KEY with the API key from the Customer Area.
$client = new \Adyen\Client();
$client->setEnvironment(\Adyen\Environment::TEST);
$client->setXApiKey("YOUR_X-API-KEY");
$service = new \Adyen\Service\Checkout($client);

// STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
$params = STATE_DATA;
$result = $service->paymentsDetails($params);

// Check if further action is needed
if (array_key_exists("action", $result)){
   // Pass the action object to your frontend.
   // $result["action"]
}
else {
   // No further action needed, pass the resultCode to your front end
   // $result['resultCode']
}

# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen.Adyen()
adyen.payment.client.platform = "test"
adyen.client.xapikey = 'YOUR_X-API-KEY'

# STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
request = STATE_DATA
result = adyen.checkout.payments_details(request)

# Check if further action is needed.
if 'action' in result.message:
   # Pass the action object to your front end
   # result.message['action']
else:
   # No further action needed, pass the resultCode to your front end
   # result.message['resultCode']

// Set your X-API-KEY with the API key from the Customer Area.
string apiKey = "YOUR_X-API-KEY";
var client = new Client (apiKey, Environment.Test);
var checkout = new Checkout(client);
// STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
var paymentsDetailsRequest = STATE_DATA;
var paymentsDetailsResponse = checkout.PaymentsDetails(paymentsDetailsRequest);

const {Client, Config, CheckoutAPI} = require('@adyen/api-library');
const config = new Config();
// Set your X-API-KEY with the API key from the Customer Area.
config.apiKey = '[YOUR_X-API-KEY]';
const client = new Client({ config });
client.setEnvironment("TEST");
const checkout = new CheckoutAPI(client);
// STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
checkout.paymentsDetails(STATE_DATA).then(res => res);

Your next steps depend on whether the /payments/details response contains an action object:

`action.type`	Description	Next steps
No `action` object	The 3D Secure 2 authentication process has been completed.	Use the `resultCode` to present the payment result to your shopper.
threeDS2Challenge	The issuer requires shopper interaction, and is initiating a challenge flow.	1. Pass the `action` object to your front end. 2. Get `state.data` from `onAdditionalDetails` to submit the challenge result and make another POST /payments/details request. 3. Continue to present the payment result.

Drop-in uses dropin.handleAction(action) to perform the required authentication flow. If the issuer requires shopper interaction, Drop-in presents the challenge screen. Drop-in then calls the onAdditionalDetails event.

Get the state.data from the onAdditionalDetails event, and pass it to your server.
From your server, make a POST /payments/details request, specifying:
- details: The state.data.details from the onAdditionalDetails event.
https://docs.adyen.com/online-payments/3d-secure/native-3ds2/web-drop-in#-payments-details-request
/payments/details request
curl https://checkout-test.adyen.com/v67/payments/details \ -H "x-API-key: YOUR_X-API-KEY" \ -H "content-type: application/json" \ -d '{ "details": { "threeDSResult": "eyJ0cmFuc1N0YXR1cyI6IlkifQ==" } }'

The /payments/details response has a resultCode. You will need it to present the payment result.

Present the payment result

Use the resultCode from the /payments or /payments/details response to present the payment result to your shopper. You will also receive the outcome of the payment asynchronously in a notification webhook.

For card payments, you can receive the following resultCode values:

resultCode	Description	Action to take
Authorised	The payment was successful.	Inform the shopper that the payment has been successful. If you are using manual capture, you also need to capture the payment.
Cancelled	The shopper cancelled the payment.	Ask the shopper whether they want to continue with the order, or ask them to select a different payment method.
Error	There was an error when the payment was being processed. For more information, check the `refusalReason` field.	Inform the shopper that there was an error processing their payment.
Refused	The payment was refused. For more information, check the `refusalReason` field.	Ask the shopper to try the payment again using a different payment method.

Test and go live

Use our test card numbers to test how your integration handles different 3D Secure 2 authentication scenarios.