Implementation examples
Node.js
The Card Component handles 3D Secure redirect flow to complete the required 3D Secure authentication.
Follow the instructions on this page if your integration uses the /payments or /payments/details endpoint, and Checkout API 49 or later.
If your integration uses only the /sessions endpoint, you do not need additional configuration for 3D Secure. If you are using Checkout API 46 or earlier, follow instructions in the 3D Secure 2 integration guide for v46 or earlier.
To handle card payments with redirect 3D Secure authentication:
- Get additional shopper details in your payment form.
- Make a payment request with additional 3D Secure parameters.
- Handle the redirect.
- Show the payment result.
Requirements
This page assumes you have already built a Card Component integration.
If you are using 3D Secure for PSD2 compliance, read our comprehensive PSD2 SCA guide.
Step 1: Get additional shopper details in your payment form
For higher authentication rates, we strongly recommend that you collect the shopper's email address, cardholder name, billing address, and IP address for payments with 3D Secure authentication.
Get the shopper's email outside of the Card Component because it doesn't have a configuration to include shopper email in the payment form.
To get the cardholder name and billing address in your payment form, include the following when creating an instance of the Card Component:
hasHolderName: true. This shows the input field for the cardholder name.holderNameRequired: true. This makes the cardholder name a required field.billingAddressRequired: true. This shows the billing address input fields.
const card = checkout.create("card", {
hasHolderName: true,
holderNameRequired: true,
billingAddressRequired: true
}).mount("#card-container");Step 2: Make a payment
-
When you make a payment request, include the following additional 3D Secure 2 parameters.
See additional 3D Secure 2 parameters that we recommend to include in your request to increase authentication performance in our API reference.
Parameter name Required Description paymentMethod 
The type and required details for a card payment method. This is the state.data.paymentMethodobject from theonSubmitevent.paymentMethod.holderName 
Use case: required for Visa and JCB transactions.
The cardholder's name.browserInfo The shopper's browser information. All sub-fields of this object are required for channel: Web. This is thestate.data.browserInfoobject from theonSubmitevent.channel The platform where the transaction takes place. Set to Web. origin The origin URL of the page where you are rendering the Component.
To get the origin, open the browser console and callwindow.location.origin.
When this field is not set, or set incorrectly, the 3D Secure 2 action can not be handled correctly.
Format:- Maximum characters: 80.
- Do not include subdirectories and a trailing slash.
https://your-company.com/checkout/payment, set tohttps://your-company.com.returnUrl The URL where the shopper is redirected back to after completing authentication, including the protocol http://orhttps://. You can also include your own additional query parameters, for example, shopper ID or order reference number. Format:- The return URL must not include
//(double slash) after the top-level domain. - Maximum characters: 1024. We recommend that you keep the number of characters as small as possible.
https://your-company.com/checkout/.shopperEmail Use case: required for Visa and JCB transactions.
The cardholder's email address. If you do not include the shopper email, you must include the shopper's phone number in your request.shopperIP Use case: required for Visa and JCB transactions on the web. The shopper's IP address. telephoneNumber Use case: required for Visa and JCB transactions if you did not include the shopperEmailfield.
The shopper's phone number. To be more specific, you can use themobilePhone,homePhone, andworkPhonefields in thethreeDS2RequestDataobject.
Format: The phone number must include a plus sign (+) and a country code (1-3 digits), followed by the number (4-15 digits).
Example: +4912345678901If the value you provide does not follow the guidelines, we drop the value and do not submit it for authentication.
Required for all transactions. 
Required for particular setups, or issuers and card schemes. -
In the response, check if there is an
actionobject.
Step 3: Handle the redirect
The Component uses handleAction(action) to redirect the shopper to the issuer page (the action.url from the /payments response) to perform 3D Secure authentication. When the shopper completes authentication, they are redirected back to the returnUrl from your /payments request.
In our test environment, you can perform the authentication with test credentials. The action.url for testing is https://checkoutshopper-test.adyen.com/checkoutshopper/threeDS/checkoutRedirect/....
Perform the authentication using the 3D Secure test credentials:
- Username: user
- Password: password
Step 4: Show the payment result
Use the resultCode from the /payments or /payments/details response to present the payment result to your shopper. You will also receive the outcome of the payment asynchronously in a webhook.
For card payments, you can receive the following resultCode values:
| resultCode | Description | Action to take |
|---|---|---|
| Authorised | The payment was successful. | Inform the shopper that the payment has been successful. If you are using manual capture, you also need to capture the payment. |
| Cancelled | The shopper cancelled the payment. | Ask the shopper if they want to continue with the order, or ask them to select a different payment method. |
| Error | There was an error when the payment was being processed. For more information, check the
refusalReason
field. |
Inform the shopper that there was an error processing their payment. |
| Refused | The payment was refused. For more information, check the
refusalReason
field. |
Ask the shopper to try the payment again using a different payment method. |
Test and go live
Use our test card numbers to test how your integration handles different 3D Secure authentication scenarios.