Search

Are you looking for test card numbers?

Would you like to contact support?

Classic-integration icon

Authorise a payment with 3D Secure 2 authenticated data

Submit a payment authorisation with Adyen, using authentication data from a third-party 3D Secure 2 provider.

This page is for our classic Direct API (/authorise) integration. If you are integrating using our Checkout APIs, refer to the authorisation-only integration on Checkout API documentation instead.

Before you begin

Before you can start accepting 3D Secure 2 authenticated transactions on browsers or in-app, make sure that you:

  1. Sign up for an Adyen test account at https://www.adyen.com/signup
  2. Get your API Key. Save a copy as you'll need it for API calls you make to the Adyen payments platform.
  3. Install one of our Libraries to connect with the Adyen APIs. For more information on these steps, refer to Get started with Adyen.

Get authentication data

If you didn't authenticate with Adyen, refer to Mapping Adyen parameters to EMVCo ones.

To authorise a 3D Secure 1 authenticated payment, you need the following data:

To authorise a 3D Secure 2 authenticated payment, you need the following data:

Some issuers don't provide all fields; the Applies to column shows which fields you need from which issuers.

Field Applies to
authenticationResponse All issuers
directoryResponse All issuers
authenticationValue All issuers
dsTransID All issuers
eci All issuers
threeDSVersion All issuers
cavv All issuers
cavvAlgorithm Cartes Bancaires
challengeCancel Cartes Bancaires
challengeIndicator Cartes Bancaires
exemptionIndicator Cartes Bancaires
riskScore Cartes Bancaires

Send a payment authorisation request with 3D Secure authentication data

Make a POST /authorise request and include the following:

Some issuers don't require all fields; the Applies to column shows which issuers require each field.

Field Applies to
selectedBrand All issuers.
Learn more for co-branded cards.
mpiData.authenticationResponse All issuers
mpiData.directoryResponse All issuers
mpiData.cavv All issuers
mpiData.dsTransID All issuers
mpiData.eci All issuers
mpiData.threeDSVersion All issuers
threeDS2RequestData.challengeIndicator Cartes Bancaires
mpiData.cavvAlgorithm Cartes Bancaires
mpiData.challengeCancel Cartes Bancaires
mpiData.riskScore Cartes Bancaires
additionalData.acquirerCode Cartes Bancaires.
Set to "AdyenCartesBancaires".
additionalData.scaExemption Cartes Bancaires

Co-branded cards

If you are authorising for a co-branded card, you need to set the paymentMethod.type value to the scheme that authenticated the payment. For example, if you are authorising for a card co-branded with Visa and Cartes Bancaires, set the value to either visa or cartebancaire, depending on which scheme performed the authentication. Otherwise, the authorisation can be refused.

Sample request

/authorise request 
curl https://pal-test.adyen.com/pal/servlet/Payment/v67/authorise \
-H "x-API-key: YOUR_X-API-KEY" \
-H "content-type: application/json" \
-d '{
  "card":{
    "cvc":"737",
    "expiryMonth":"03",
    "expiryYear":"2030",
    "holderName":"Simon Hopper",
    "number":"4035501428146300"
  },
  "selectedBrand": "visa",
  "amount":{
    "value":1499,
    "currency":"EUR"
  },
  "mpiData":{
    "cavv":"3q2+78r+ur7erb7vyv66vv\/\/\/\/8=",
    "cavvAlgorithm":"1",
    "eci":"05",
    "xid":"ODUzNTYzOTcwODU5NzY3Qw==",
    "directoryResponse":"Y",
    "authenticationResponse":"Y"
  },
  "reference":"YOUR_REFERENCE_NUMBER",
  "merchantAccount":"YOUR_MERCHANT_ACCOUNT"
}
/authorise request 
curl https://pal-test.adyen.com/pal/servlet/Payment/v67/authorise \
-H "x-API-key: YOUR_X-API-KEY" \
-H "content-type: application/json" \
-d '{
  "card":{
    "cvc":"737",
    "expiryMonth":"03",
    "expiryYear":"2030",
    "holderName":"Simon Hopper",
    "number":"4035501428146300"
  },
  "selectedBrand": "visa",
  "amount":{
    "value":1499,
    "currency":"EUR"
  },
  "mpiData":{
    "cavv": "3q2+78r+ur7erb7vyv66vv\/\/\/\/8=",
    "eci":"05",
    "dsTransID":"c4e59ceb-a382-4d6a-bc87-385d591fa09d",
    "directoryResponse":"C",
    "authenticationResponse":"Y",
    "threeDSVersion":"2.1.0",
    {hint: Only required for Cartes Bancaires.}"cavvAlgorithm"{/hint}:"ABC",
    {hint: Only required for Cartes Bancaires.}"challengeCancel"{/hint}: "00",
    {hint: Only required for Cartes Bancaires.}"riskScore"{/hint}: "95"
  },
  {hint: Only required for Cartes Bancaires.}"threeDS2RequestData"{/hint}: {
    "challengeIndicator": "requestChallenge",
  },
  {hint: Only required for Cartes Bancaires.}"additionalData"{/hint}: {
    "scaExemption": "lowValue",
    "acquirerCode": "AdyenCartesBancaires"
  }
  "reference":"YOUR_REFERENCE_NUMBER",
  "merchantAccount":"YOUR_MERCHANT_ACCOUNT"
}

Sample response

You will receive an Authorised resultCode if the payment authorisation was successful. Otherwise, see Result codes for a complete list of values and the actions that you need to take.

/authorise request 
{
    "additionalData": {
        "liabilityShift": "true",
        "authCode": "76233",
        "avsResult": "4 AVS not supported for this card type",
        "threeDOffered": "true",
        "refusalReasonRaw": "AUTHORISED",
        "authorisationMid": "1000",
        "acquirerAccountCode": "TestPmmAcquirerAccount",
        "cvcResult": "1 Matches",
        "avsResultRaw": "4",
        "threeDAuthenticated": "true",
        "cvcResultRaw": "M",
        "acquirerCode": "TestPmmAcquirer",
        "acquirerReference": "7CAT290GCFV"
    },
    "pspReference": "8535505811653878",
    "resultCode": "Authorised",
    "authCode": "76233"
}