3D Secure 2.x

3D Secure 2.x

Keep your transactions compliant with Strong Customer Authentication (SCA) requirements and bring more friendly user experience to your customers with a 3D Secure 2, also known as EMV 3D Secure. It's a brand new secure authentication protocol which supports app-based authentication. 3DS SDK makes it easy to integrate all new 3DS features into your e-commerce app.

App-based authentication

In the app-based flow, a cardholder initiates a transaction on a mobile device (Android or iOS) from a 3DS-enabled app. 3DS SDK collects as many data from the mobile device as possible and sends it to a cardholder's bank. The bank then can make decision if the data is enough to trust that the real cardholder is making the purchase or it needs further proof.

Frictionless flow

If bank verification is passed then the transaction goes through the “frictionless” flow and the authentication is completed without any additional input from the cardholder. The ability to share more data using 3D Secure 2 aims to increase the number of transactions that can be authenticated without further customer input.

Challenge flow

If the bank decides cardholder needs to pass further verification, the transaction is sent through the “challenge” flow and the customer is asked to provide additional input to authenticate the payment. Authentication is embedded directly into mobile checkout flow, no more redirects. It also might be implemented as authentication through the mobile banking app using fingerprint or even facial recognition (“out-of-band authentication”). New challenge flow aims to make authentication smoother and more reliable using latest techniques.

Integration types

1. Using in a bundle with the Mobile SDK

The Mobile SDK (MSDK) provides seamless integration with the 3DS SDK.

Integration steps differs depending on how MSDK is used in your app. In these guides we assume that you already integrated base MSDK to make payments with one of the following ways:

Where do I start?

We recommend to get started with the Ready-to-Use UI integration. As you can see from the table below, in case of using Ready-to-use screens everything works out of box. Just configure 3DS 2 in the Administration Portal for the card brands, and this info will be automatically fetched in the MSDK. Then import 3DS libraries to your project, and you are ready to run first 3DS 2 transaction.

Even if you are not going to use Ready-to-Use UI, there are still quite a few steps to enhance your payments with the new 3DS 2 verification. Check integration steps below. Mandatory steps are marked in bold in the left column.

Integration steps3DS + MSDK + Ready-to-Use UI3DS + MSDK + Your Custom UI
1. Import librariesimplementation requiredimplementation required
2. Request app permissionsoptionaloptional
3. Customize 3DS for your appoptionaloptional
4. Initialize 3DS serviceoptional (implemented in MSDK on checkout start, you may want to start initialization earlier)implementation required
5. Verify security warningsoptionaloptional
6. Send authentication requestimplemented in MSDKimplementation required
7. Handle authentication responseimplemented in MSDKimplementation required (challenge screens are implemented in the 3DS SDK, you should just initiate challenge flow if needed)

2. Standalone 3DS SDK

If you are not going to implement payments through the Mobile SDK but would like to integrate new 3DS SDK into your app, it can be used as standalone solution. Refer to the following integration guide.