Implementation examples
Node.js
Our Web Drop-in renders the available cards in your payment form, and securely collects any sensitive card information, so it doesn't touch your server. Drop-in also redirects the shopper to perform the 3D Secure 2 authentication.
Follow the instructions on this page if your integration uses the /payments or /payments/details endpoint, and Checkout API 49 or later.
If your integration uses only the /sessions endpoint, you do not need additional configuration for 3D Secure. If you are using Checkout API 46 or earlier, follow instructions in the 3D Secure 2 integration guide for v46 or earlier.
When adding card payments with redirect 3D Secure authentication to your integration, you additionally need to:
- Configure Drop-in to collect the card holder name.
- Provide the required 3D Secure parameters when making a payment request.
- Handle the redirect result after the shopper returns to your website.
Requirements
This page explains how to add cards with redirect 3D Secure authentication to an existing Web Drop-in integration. The Web Drop-in integration works the same way for all payment methods. If you haven't done this integration yet, refer to our Drop-in integration guide.
Before starting your integration:
- Make sure that you have set up your back end implementation, and added Drop-in to your payments form.
- Add the cards that you want to accept in your test Customer Area.
- If you are using 3D Secure for PSD2 compliance, read our comprehensive PSD2 SCA guide.
Show the available cards in your payment form
For information about the supported countries/regions and currencies for each card, refer to Payment methods.
Drop-in uses the combination of countryCode and amount.currency from your /paymentMethods request to show the available cards to your shopper.
When the shopper is entering their card details, Drop-in tries to recognize the card brand. When successful, Drop-in renders the brand icon and the corresponding input field for the card security code (CVC, CVV, or CID).
Collect additional parameters in your payment form
For higher authentication rates, we strongly recommend that you collect the card holder name, billing address, and email address for payments with 3D Secure authentication.
Configure Drop-in
When creating an instance of Drop-in, you can optionally specify the following fields:
Field | Description | Default |
---|---|---|
hasHolderName |
Set toĀ trueĀ to show the input field for the card holder name. | false |
holderNameRequired |
Set toĀ trueĀ to make the card holder name a required field. To show the field, you additionally need to set hasHolderName to true. |
false |
enableStoreDetails |
Set toĀ trueĀ to show the checkbox for saving the card details for recurring payments. | false |
name |
String that is used to display the payment method name to the shopper. | Depends on the shopperLocale specified in /paymentMethods request. |
billingAddressRequired |
false |
const dropin = checkout
.create('dropin', {
paymentMethodsConfiguration: {
card: { // Sample Drop-in configuration for 3D Secure
hasHolderName: true,
holderNameRequired: true,
enableStoreDetails: true,
name: 'Credit or debit card',
billingAddressRequired: true
},
...
}
})
.mount('#dropin');
You can also customize your shopper's experience with optional configuration parameters and specific events.
Collect shopper email in your payment form
We also recommend that you collect the shopper email in advance in your payment form. Deliver this parameter to your backend when making a payment, because it is required by the card schemes.
Make a payment
When the shopper selects to pay, Drop-in calls the onSubmit
event, which contains a state.data
.
- Pass the
state.data
to your server. -
From your server, make a /payments request, specifying:
Parameter name Required Description paymentMethod
The state.data.paymentMethod
object from theonSubmit
event.paymentMethod.holderName
Required for Visa The cardholder's name. browserInfo
The state.data.browserInfo
object from theonSubmit
event.channel
Set to Web. origin
The origin URL of the page where you are rendering the Drop-in. This should not include subdirectories and a trailing slash. For example, if you are rendering the Drop-in on https://your-company.com/checkout/payment
, specifyhttps://your-company.com
as the origin.
You can get the origin by opening the browser console and callingwindow.location.origin
. The origin can be a maximum of 80 characters.returnUrl
The URL where the shopper will be redirected back to after completing 3D Secure authentication. The URL should include the protocol http://
orhttps://
. For example,https://your-company.com/checkout/
. You can also include your own additional query parameters, for example, shopper ID or order reference number. The return URL must not include//
(double slash) after the top-level domain. Although you can use a maximum of 1024 characters, we recommend that you keep the number of characters as small as possible.billingAddress
The state.data.billingAddress
object from theonSubmit
event.shopperIP Required for Visa The shopper's IP address. shopperEmail
Required for Visa The cardholder's email address. shopperEmail
or a phone number is required for Visa.threeDS2requestData.homePhone
threeDS2RequestData.workPhone
threeDS2RequestData.mobilePhone
Required for Visa A phone number for the shopper, include one of these fields. shopperEmail
or a phone number is required for Visa.
For higher authorisation rates, we recommend that you send additional parameters.
Your next steps depend on whether the /payments response contains an action
object. Choose your API version:
Handle the redirect
Drop-in uses dropin.handleAction(action)
to redirect the shopper to a page where we render the issuer's DOM element (the action.url
from the /payments response) to perform 3D Secure authentication.
In our test environment, this is the page: https://checkoutshopper-test.adyen.com/checkoutshopper/identifyShopper.shtml
, and you perform the authentication using the 3D Secure test credentials:
- Username: user
- Password: password
Handle the redirect result
Present the payment result
Use theĀ resultCode from the /payments or /payments/details response to present the payment result to your shopper. You will also receive the outcome of the payment asynchronously in a webhook.
For card payments, you can receive the following resultCode
values:
resultCode | Description | Action to take |
---|---|---|
Authorised | The payment was successful. | Inform the shopper that the payment has been successful. If you are using manual capture, you also need to capture the payment. |
Cancelled | The shopper cancelled the payment. | Ask the shopper if they want to continue with the order, or ask them to select a different payment method. |
Error | There was an error when the payment was being processed. For more information, check the
refusalReason
field. |
Inform the shopper that there was an error processing their payment. |
Refused | The payment was refused. For more information, check the
refusalReason
field. |
Ask the shopper to try the payment again using a different payment method. |
Test and go live
Use our test card numbers to test how your integration handles different 3D Secure authentication scenarios.