Are you looking for test card numbers?

Would you like to contact support?

Default icon

Redirect 3DS Components integration

Support cards with 3D Secure authentication through a redirect on your website.

Use our Components to render the available cards in your payment form, collect any sensitive card information, and redirect the shopper to perform 3D Secure 1 or 3D Secure 2 authentication, depending on which version the issuer supports.

When adding card payments with redirect 3D Secure authentication to your integration, you need to:

  1. Configure the Component to collect the card holder name.
  2. Provide the required 3D Secure parameters when making a payment request.
  3. Use createFromAction to handle the redirect.

Before you begin

This page explains how to add to your existing Web Components integration. The Web Components integration works the same way for all payment methods. If you haven't done this integration yet, refer to our Components integration guide.

Before starting your integration:

  1. Make sure that you have set up your back end implementation, and created an instance of AdyenCheckout.
  2. Add in your Customer Area.
  3. If you are using 3D Secure for PSD2 compliance, read our comprehensive PSD2 SCA guide.

Show the available cards in your payment form

For information about the supported countries and currencies for each card, refer to Payment methods.

To show the Card Component in your payment form:

  1. Specify in your /paymentMethods request a combination of countryCode and amount.currency. This is used to determine which cards are available to the shopper.

When the shopper is entering their card details, Card Component tries to recognize the card brand. When successful, the Component renders the brand icon and the corresponding input field for the card security code (CVC, CVV, or CID).

  1. Add the Card Component:

    a. Create a DOM element for cards, placing it where you want the card form to be rendered:

    <div id="card-container"></div>

    b. Create an instance of the Card Component, and mount it.

Collect additional parameters in your payment form

For higher authentication rates, we strongly recommend that you collect the card holder name, billing address, and email address for payments with 3D Secure authentication.

Configure Component

When creating an instance of Component, you can optionally specify the following fields:

Field Description Default
hasHolderName Set to true to show the input field for the card holder name. false
holderNameRequired Set to true to make the card holder name a required field. To show the field, you additionally need to set hasHolderName to true. false
enableStoreDetails Set to true to show the checkbox for saving the card details for recurring payments. false
name String that is used to display the payment method name to the shopper. Depends on the shopperLocale specified in /paymentMethods request.
billingAddressRequired v 3.5.0 Set to true to collect the shopper's billing address. false
const card = checkout.create("card", {
    // Optional configuration
    enableStoreDetails: true,
    hasHolderName: true,
    holderNameRequired: true,
    billingAddressRequired: true, // Optional. Set to true to show the billing address input fields.
    brands: ["visa", "amex"],
    onBrand: handleOnBrand // Your function for handling onBrand event
    data : {
        holderName: 'S. Hopper'

You can also customize your shopper's experience with optional configuration parameters and specific events.

Collect shopper email in your payment form

We also recommend that you collect the shopper email in advance in your payment form. Deliver this parameter to your backend when making a payment as it is required by the card schemes.

Make a payment

From your server, make a /payments request, specifying:

Parameter name Required Description
paymentMethod -white_check_mark- The object from the onChange event.
browserInfo -white_check_mark- The object from the onChange event.
channel -white_check_mark- Set to web.
origin -white_check_mark- The origin URL of the page where you are rendering the Component. This should not include subdirectories and a trailing slash. For example, if you are rendering the Component on, specify as the origin.
You can get the origin by opening the browser console and calling window.location.origin. The origin can be a maximum of 80 characters.
returnUrl -white_check_mark- The URL where the shopper will be redirected back to after completing 3D Secure authentication. The URL should include the protocol http:// or https://. For example, You can also include your own additional query parameters, for example, shopper ID or order reference number. The return URL must not include // (double slash) after the top-level domain. Although you can use a maximum of 1024 characters, we recommend that you keep the number of characters as small as possible.
billingAddress The object from the onChange event.
shopperEmail The cardholder's email address.
shopperIP The shopper's IP address.

For higher authorisation rates, we recommend that you send additional parameters.

For channel Web, we recommend including these additional parameters: billingAddress, shopperEmail, and shopperIP.

curl \
-H "X-API-key: [Your API Key here]" \
-H "Content-Type: application/json" \
-d '{
   "{ from onSubmit}paymentMethod{/hint}":{
      "holderName":"S. Hopper"
   "{ from onSubmit}browserInfo{/hint}":{
      "userAgent":"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36",
   "{ from onSubmit}billingAddress{/hint}": {
       "street": "Infinite Loop",
       "houseNumberOrName": "1",
       "postalCode": "1011DJ",
       "city": "Amsterdam",
       "country": "NL"
require 'adyen-ruby-api-library'

# Set your X-API-KEY with the API key from the Customer Area.
adyen =
adyen.env = :test
adyen.api_key = "YOUR_X-API-KEY"

response = adyen.checkout.payments({
    :paymentMethod => {     # Data object passed from Component, parsed from JSON to a Hash.
        :type => "scheme",
        :encryptedCardNumber => "adyenjs_0_1_18$k7s65M5V0KdPxTErhBIPoMPI8HlC..",
        :encryptedExpiryMonth => "adyenjs_0_1_18$p2OZxW2XmwAA8C1Avxm3G9UB6e4..",
        :encryptedExpiryYear => "adyenjs_0_1_18$CkCOLYZsdqpxGjrALWHj3QoGHqe+..",
        :encryptedSecurityCode => "adyenjs_0_1_24$XUyMJyHebrra/TpSda9fha978+..",
        :holderName => "S. Hopper"
    :billingAddress => {
        :city => "Amsterdam",
        :country => "NL",
        :houseNumberOrName => "1",
        :postalCode => "1011DJ",
        :street => "Infinite Loop"
    :browserInfo => {        # Data object passed from the onSubmit event, parsed from JSON to a Hash.
        :userAgent =>  "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36",
        :acceptHeader => "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
        :language => "nl-NL",
        :colorDepth => 24,
        :screenHeight => 723,
        :screenWidth => 1536,
        :timeZoneOffset => 0,
        :javaEnabled => "true"
    :amount => {
        :currency => 'EUR',
        :value => 1000
    :channel => 'Web',
    :reference => 'YOUR_ORDER_NUMBER',
    :shopperEmail => "",
    :shopperIP => "",
    :origin => "",
    :returnUrl => '',
    :merchantAccount => 'YOUR_MERCHANT_ACCOUNT'
// Set your X-API-KEY with the API key from the Customer Area.
String xApiKey = "YOUR_X-API-KEY";
Client client = new Client(xApiKey,Environment.TEST);
Checkout checkout = new Checkout(client);
PaymentsRequest paymentsRequest = new PaymentsRequest();
DefaultPaymentMethodDetails paymentMethodDetails = new DefaultPaymentMethodDetails();
paymentMethodDetails.setHolderName("S. Hopper");

Amount amount = new Amount();
Address billingAddress = new Address();
billingAddress.setStreet("Infinite Loop");

BrowserInfo browserInfo = new BrowserInfo();
browserInfo.setUserAgent("Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36");
{ % REQUEST_INSTANCE % }.setChannel({ % REQUEST_CLASS % }.ChannelEnum.Web);
PaymentsResponse paymentsResponse = checkout.payments(paymentsRequest);
// Set your X-API-KEY with the API key from the Customer Area.
$client = new \Adyen\Client();
$service = new \Adyen\Service\Checkout($client);

$params = array(
    "paymentMethod" => {
        "type" => "scheme",
        "encryptedCardNumber" => "adyenjs_0_1_18$k7s65M5V0KdPxTErhBIPoMPI8HlC..",
        "encryptedExpiryMonth" => "adyenjs_0_1_18$p2OZxW2XmwAA8C1Avxm3G9UB6e4..",
        "encryptedExpiryYear" => "adyenjs_0_1_18$CkCOLYZsdqpxGjrALWHj3QoGHqe+..",
        "encryptedSecurityCode" => "adyenjs_0_1_24$XUyMJyHebrra/TpSda9fha978+..",
        "holderName" => "S. Hopper"
    "billingAddress" => [
        "city" => "Amsterdam",
        "country" => "NL",
        "houseNumberOrName" => "1",
        "postalCode" => "1011DJ",
        "street" => "Infinite Loop"
    "browserInfo" => [
        "userAgent" => "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36",
        "acceptHeader" => "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
        "language" => "nl-NL",
        "colorDepth" => 24,
        "screenHeight" => 723,
        "screenWidth" => 1536,
        "timeZoneOffset" => 0,
        "javaEnabled" => true
    "amount" => array(
        "currency" => "EUR",
        "value" => 1000
    "channel" => "Web",
    "reference" => "YOUR_ORDER_NUMBER",
    "shopperEmail" = "",
    "shopperIP" => "",
    "origin" => "",
    "returnUrl" => "",
    "merchantAccount" => "YOUR_MERCHANT_ACCOUNT"
$result = $service->payments($params);
# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen.Adyen()
adyen.payment.client.platform = "test"
adyen.client.xapikey = 'YOUR_X-API-KEY'

result = adyen.checkout.payments({
    'paymentMethod': {
        'type': 'scheme',
        'encryptedCardNumber': 'adyenjs_0_1_18$k7s65M5V0KdPxTErhBIPoMPI8HlC..',
        'encryptedExpiryMonth': 'adyenjs_0_1_18$p2OZxW2XmwAA8C1Avxm3G9UB6e4..',
        'encryptedExpiryYear': 'adyenjs_0_1_18$CkCOLYZsdqpxGjrALWHj3QoGHqe+..',
        'encryptedSecurityCode': 'adyenjs_0_1_24$XUyMJyHebrra/TpSda9fha978+..',
        'holderName': 'S. Hopper'
    'billingAddress': {
        'street': 'Infinite Loop',
        'houseNumberOrName': '1',
        'postalCode': '1011DJ',
        'city': 'Amsterdam',
        'country': 'NL'
    'browserInfo': {
        'userAgent':  'Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36',
        'acceptHeader': 'text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8',
        'language': 'nl-NL',
        'colorDepth': 24,
        'screenHeight': 723,
        'screenWidth': 1536,
        'timeZoneOffset': 0,
        'javaEnabled': 'true'
    'amount': {
        'value': 1000,
        'currency': 'EUR'
    'channel': 'Web',
    'reference': 'YOUR_ORDER_NUMBER',
    'shopperEmail': '',
    "shopperIP": "",
    "origin": "",
    'returnUrl': '',
    'merchantAccount': 'YOUR_MERCHANT_ACCOUNT'
// Set your X-API-KEY with the API key from the Customer Area.
string apiKey = "YOUR_X-API-KEY";
var client = new Client (apiKey, Environment.Test);
var checkout = new Checkout(client);
var amount = new Adyen.Model.Checkout.Amount("EUR", 1000);
var paymentRequest = new Adyen.Model.Checkout.PaymentRequest
    PaymentMethod = new DefaultPaymentMethodDetails
        EncryptedCardNumber = "adyenjs_0_1_18$k7s65M5V0KdPxTErhBIPoMPI8HlC..",
        EncryptedExpiryMonth = "adyenjs_0_1_18$p2OZxW2XmwAA8C1Avxm3G9UB6e4..",
        EncryptedExpiryYear = "adyenjs_0_1_18$CkCOLYZsdqpxGjrALWHj3QoGHqe+..",
        EncryptedSecurityCode = "adyenjs_0_1_24$XUyMJyHebrra/TpSda9fha978+..",
        HolderName = "S. Hopper",
        Type = "scheme"
    BillingAddress = new Model.Checkout.Address
        City = "Amsterdam",
        Country = "NL",
        HouseNumberOrName = "1",
        PostalCode = "1011DJ",
        Street = "Infinite Loop"
    BrowserInfo = new Model.Checkout.BrowserInfo
        UserAgent = @"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36",
        AcceptHeader = @"text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8"
        Language = "nl-NL",
        ColorDepth = 24,
        ScreenHeight = 723,
        ScreenWidth = 1536,
        TimeZoneOffset = 0,
        JavaEnabled = true
    Amount = amount,
    Channel = PaymentMethodsRequest.ChannelEnum.Web
    Reference = "YOUR_ORDER_NUMBER",
    ShopperEmail = "",
    ShopperIP = "",
    Origin = "",
    ReturnUrl = @"",
var paymentResponse = checkout.Payment(paymentRequest);
const {Client, Config, CheckoutAPI} = require('@adyen/api-library');
const config = new Config();
// Set your X-API-KEY with the API key from the Customer Area.
config.apiKey = '[YOUR_X-API-KEY]';
config.merchantAccount = '[YOUR_MERCHANT_ACCOUNT]';
const client = new Client({ config });
const checkout = new CheckoutAPI(client);
    merchantAccount: config.merchantAccount,
    paymentMethod: {
        type: "scheme",
        encryptedCardNumber: "adyenjs_0_1_18$k7s65M5V0KdPxTErhBIPoMPI8HlC..",
        encryptedExpiryMonth: "adyenjs_0_1_18$p2OZxW2XmwAA8C1Avxm3G9UB6e4..",
        encryptedExpiryYear: "adyenjs_0_1_18$CkCOLYZsdqpxGjrALWHj3QoGHqe+..",
        encryptedSecurityCode: "adyenjs_0_1_24$XUyMJyHebrra/TpSda9fha978+..",
        holderName: "S. Hopper"
        userAgent: "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.110 Safari\/537.36",
        acceptHeader: "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
        language: "nl-NL",
        colorDepth: 24,
        screenHeight: 723,
        screenWidth: 1536,
        timeZoneOffset: 0,
        javaEnabled: true
    billingAddress: {
        city: "Amsterdam",
        country: "NL",
        houseNumberOrName: "1",
        postalCode: "1011DJ",
        street: "Infinite Loop"
    amount: { currency: "EUR", value: 1000, },
    channel: "Web",
    reference: "YOUR_ORDER_NUMBER",
    shopperEmail: "",
    shopperIP: "",
    origin: "",
    returnUrl: "",
}).then(res => res);

Your next steps depend on whether the /payments response contains an action object. Choose your API version:

Description Next steps
No action object The transaction was either exempted or out-of-scope for 3D Secure authentication. Use the resultCode to present the payment result to your shopper.
action object
The payment qualifies for 3D Secure. 1. Pass the action object to your front end.
2. Use createFromAction to handle the redirect.

A sample /payments response with action.type: redirect:

/payments response
        "resultCode": "RedirectShopper",
        "action": {
          "paymentMethodType": "scheme",
          "url": "",
          "data": {
            "MD": "OEVudmZVMUlkWjd0MDNwUWs2bmhSdz09...",
            "PaReq": "eNpVUttygjAQ/RXbDyAXBYRZ00HpTH3wUosPfe...",
            "TermUrl": ""
          "method": "POST",
          "type": "redirect"

Handle the redirect

Step 1: Redirect the shopper

If you received action.type: redirect, use the Redirect Component to redirect your shopper.

Call createFromAction and pass the action object from the previous step. This will return a new Component that you need to mount:


The Component redirects the shopper to the issuer page (the action.url from the /payments response) to perform 3D secure authentication.

In our test environment, this is the page:, and you perform the authentication using the 3D Secure test credentials:

  • Username: user
  • Password: password

When the shopper completes authentication, the payment is authorized. The shopper is redirected back to the returnUrl from your /payments request, and you can make another API call to verify the payment result.

Step 2: Verify the payment result

The issuer (or our back end, if you're using the test environment) redirects the shopper back to the returnUrl from your /payments request. The redirect is via an HTTP GET and is appended with the Base64-encoded redirectResult.

If a shopper completed the payment but failed to return to your website, wait for the AUTHORISATION webhook to know the payment result.

GET /?shopperOrder=12xy...&&redirectResult=X6XtfGC3%21Y.... HTTP/1.1

To verify the payment result, make another API request with the redirectResult parameter:

  1. URL-decode the redirectResult, and pass it to your server.

  2. From your server, make a /payments/details request specifying:
    • details: Object that contains the decoded redirectResult.
/payments/details request
 curl \
 -H "x-API-key: YOUR_X-API-KEY" \
 -H "content-type: application/json" \
 -d '{
      "details": {
        "redirectResult": "eyJ0cmFuc1N0YXR1cyI6IlkifQ=="

The /payments/details response contains:

/payments/details response
     "resultCode": "Authorised",
     "pspReference": "V4HZ4RBFJGXXGN82"

Present the payment result

Use the resultCode from the /payments or /payments/details response to present the payment result to your shopper. You will also receive the outcome of the payment asynchronously in a notification webhook.

For card payments, you can receive the following resultCode values:

resultCode Description Action to take
Authorised The payment was successful. Inform the shopper that the payment has been successful.
If you are using manual capture, you also need to capture the payment.
Cancelled The shopper cancelled the payment. Ask the shopper whether they want to continue with the order, or ask them to select a different payment method.
Error There was an error when the payment was being processed. For more information, check the refusalReason field. Inform the shopper that there was an error processing their payment.
Refused The payment was refused. For more information, check the refusalReason field. Ask the shopper to try the payment again using a different payment method.

Test and go live

Use our test card numbers to test how your integration handles different 3D Secure authentication scenarios.

See also