--- title: "Native 3D Secure 2 authentication" description: "Learn how you can natively support 3D Secure 2 in your site or app with your classic API integration." url: "https://docs.adyen.com/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2" source_url: "https://docs.adyen.com/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2.md" canonical: "https://docs.adyen.com/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2" last_modified: "2020-10-01T18:37:00+02:00" language: "en" --- # Native 3D Secure 2 authentication Learn how you can natively support 3D Secure 2 in your site or app with your classic API integration. [View source](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2.md) **Adyen is no longer developing the Classic API integration** This page is for the Classic API (`/authorise`) integration, which we no longer accept new integrations with. We strongly recommend migrating to the newer [Native 3D Secure 2 on Checkout API](/online-payments/3d-secure/native-3ds2) integration. To use this newer integration, you must also [migrate to the Checkout API](/online-payments/upgrade-your-integration/migrate-to-checkout-api). ##### PSD2 compliance If you are using 3D Secure for PSD2 SCA compliance, get more information from our [comprehensive guide](/online-payments/psd2-sca-compliance-and-implementation-guide). The latest version of 3D Secure brings a new approach to authentication through a wider range of data and biometric authentication, and with an improved online payments experience. Unlike 3D Secure 1 where the shopper is redirected to another site to verify the payment, in 3D Secure 2 the card issuer performs the authentication within your app or payment form. The shopper's identity may be verified using passive, biometric, and two-factor authentication approach. A transaction may go through a passive [frictionless](#frictionless-flow) authentication flow or a [challenge](#challenge-flow) authentication flow where the issuer requires further interaction with a shopper. As a general rule, the chargeback liability shifts from you to the issuer if the shopper completes a successful challenge authentication flow. For more information on 3D Secure 2 chargeback liability rules, see [3D Secure liability shift rules](/online-payments/3d-secure-for-regulation-compliance#3dsecurechargebackliabilityshiftrules). ## Native 3DS2 implementation options Support 3D Secure 2 natively on top of your existing classic API integration with us. | Your Adyen integration | What you need to do to support 3D Secure 2 native authentication | | ----------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Checkout API | [Add 3D Secure 2 Components](/online-payments/3d-secure/native-3ds2) on your frontend or client and include 3D Secure 2 parameters in your existing API calls. | | Quick integration Checkout SDKs | For mobile, upgrade to- [Checkout Android SDK version 2.4.0 and later](https://github.com/Adyen/adyen-android). - [Checkout iOS SDK version 2.6.0 and later](https://github.com/Adyen/adyen-ios)For Web SDK, no action required. 3D Secure 2 will be supported in all existing versions through a redirect. | | Plugins for Magento 1 and 2, PrestaShop, SFCC, or SAP Commerce (Hybris) | Upgrade to the following plugin versions to support native 3D Secure 2 authentication:- [Magento 2 version 4.2.0 and later](https://github.com/Adyen/adyen-magento2). - [Salesforce Commerce Cloud version 19.1.0 and later](https://github.com/Adyen/adyen-salesforce-commerce-cloud). - [SAP Commerce (Hybris) version 5.0.0 and later](https://github.com/Adyen/adyen-hybris).Our [PrestaShop plugin](https://github.com/Adyen/adyen-prestashop/wiki) supports native 3D Secure 2 from version 1.0.0.We recommend that you upgrade to the versions above however, if you choose to continue using an older version of our plugins, we will support 3D Secure 2 through a redirect. | | HPP | 3D Secure 2 will be supported through a redirect. However, we strongly recommend to move your implementation to our [online payments API](/online-payments/drop-in-web/) with the [3D Secure 2 Component](/online-payments/3d-secure/native-3ds2) for a better user experience. | | Classic API or CSE | Use our [helper functions](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2/browser-based-integration/3d-secure-2-helper-functions/) for web and the [Classic integration 3D Secure 2 SDKs](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2/) for mobile. | ## Authentication flows A 3D Secure 2 transaction can go through either a frictionless or challenge authentication flow depending on the issuer's requirements. ### Frictionless flow In a frictionless flow, the acquirer, issuer, and card scheme exchange all necessary information in the background through passive authentication using the shopper's device fingerprint. In your integration, you will need to get the 3D Secure 2 device fingerprint and if it is validated and approved by the issuer, the transaction is completed without further shopper interaction. ![](/user/pages/docs/02.online-payments/60.classic-integrations/01.classic-api-integration/03.3d-secure-authentication/09.native-3ds2/3DS2-Frictionless.png) ### Challenge flow The issuer requires additional shopper interaction for verification, either through biometrics, two-factor authentication, or similar methods based on [SCA authentication factors](/get-started-with-adyen/adyen-glossary/#strong-customer-authentication-sca).  In a web-based integration, the issuer might require the challenge right after you submit a payment request or after you send the 3D Secure 2 device fingerprint. In an app-based flow, the 3D Secure 2 device fingerprinting process is always performed before a challenge is deemed required. ![](/user/pages/docs/02.online-payments/60.classic-integrations/01.classic-api-integration/03.3d-secure-authentication/09.native-3ds2/3DS2-ChallengeFlow.png) ## 3D Secure 2 payment flows The following diagram illustrates full implementation authentication flows based on result codes: ![](/user/pages/docs/02.online-payments/60.classic-integrations/01.classic-api-integration/03.3d-secure-authentication/09.native-3ds2/3DS2-overview.png) A 3D Secure authentication flow starts with a payment request. Send a payment request from your server with the required 3D Secure 2 objects indicating that you are ready to support 3D Secure authenticated payments. You will get a response containing any of the following result codes: * **Authorised**: The payment has been successfully authorised. If you receive this as a response to your payment request, this could mean that the transaction was either exempted or out-of-scope for 3D Secure 2.  * **IdentifyShopper**: The issuer requires the 3D Secure 2 device fingerprint.  * **ChallengeShopper**: The issuer requires shopper interaction.  * **RedirectShopper**: The payment is routed to the 3D Secure 1 flow, based on issuer performance. The transaction needs to be authenticated with [3D Secure 1](#3d-secure-1-fallback). * **Refused/ Error:** The transaction was refused or something went wrong. This response includes a refusal reason. Handle the transaction based on the result code. For example, if you received an **IdentifyShopper** result code, proceed to get the 3D Secure device fingerprint and then submit the required data to Adyen. The possible responses after you submit the device fingerprint results are: * **Authorised**: This means the authentication was [frictionless](#frictionless-flow) and the payment has been authorised. * **ChallengeShopper**: The issuer requires additional shopper interaction. Proceed to the [challenge flow](#challenge-flow). * **Refused/ Error:** The authentication was refused or something went wrong. This response includes a refusal reason. For more information on result codes and the actions that you need to take, see [Result codes](/online-payments/payment-result-codes). ## Payments routed to 3D Secure 1 It is possible that the authentication falls back to redirecting the shopper to the issuer's site. Therefore, we recommend that your integration also supports the [redirect flow](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/3d-secure-1). ## Implementation options In a full 3D Secure 2 integration, we will perform the authentication and proceed with the payment authorisation. If you choose to only perform one part of the process with us, use the following implementations: * [Full integration on web](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2/browser-based-integration), [iOS](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2/ios-sdk-integration), or [Android](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2/android-sdk-integration): Perform both 3D Secure 2 authentication and payment authorisation with Adyen. * [Authentication-only](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2/authentication-only-integration): Perform only the 3D Secure 2 authentication with us and submit the payment authorisation later. * [Authorize with 3D Secure 2 authentication data](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/other-3ds-flows/authorize-mpidata): Use a third-party 3D Secure 2 provider and perform the payment authorisation request with Adyen. ## Next steps [Integrate a browser-based flow](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2/browser-based-integration) [Learn how you can support 3D Secure 2 on a browser.](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2/browser-based-integration) [Use Android 3D Secure 2 SDK](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2/android-sdk-integration) [Learn how you can use the SDK on your Android app.](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2/android-sdk-integration) [Use iOS 3D Secure 2 SDK](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2/ios-sdk-integration) [Learn how you can use the SDK on your iOS app.](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/native-3ds2/ios-sdk-integration)