Guides
Start typing to search…

👮‍♂️ 3DS Process

What is 3D Secure?

3D Secure is a protocol created by the credit card companies that allows a one-to-one authentication of the credit card holder in an online payments in order to decrease scams leading to denial of transactions.

The implementation of the 3DS protocol by SHVA was made to fit the regulatory requirements in Israel and to work with all the local payment providers.

By the protocol a credit card holder that makes the payment will need to complete his identification by a temporary code sent to him (OTP) from the credit card provider after that he will need to enter the temporary code in a designated page of the provider.

When the 3DS checkup is successful the transaction process will continue as usual and the defrayal company will return the status accordingly - approval/failure.

This is an extra paid service - iCredit prices


📘

Note

The challenge and redirect pages of the credit card provider companies are fixed in design and cannot be changed.



Terminal Activation and permissions

The terminal should be defined in SHVA with:

Internet provider = 3

After that iCredit technical team will contact the defrayal company to complete the activation of the 3DS (this process may take a few days).

After the approval of the defrayal company is granted the iCredit technical team will set the 3DS service in the iCredit business user.


Payment Process

The 3DS checkup in the payment process will be as follows:

  1. The card holder will enter the credit card details in the payment page.
  2. The card holder will be transferred to the credit card provider 3DS challenge page.
  3. A massage with a temporary code will be sent to the credit card holder.
  4. The card holder will enter the temporary code in the challenge page.
  5. When the challenge is completed successfully the transaction process will continue and will be sent to the defrayal company.
  6. The customer will be transferred accordingly to a “Thank You” page or to the payment page with an error message.

iCredit Payment Pages

The 3DS service is already combined in the payment page process so there is no need for developing in that part.

It is possible to control the activation of the service in each transaction.

Method -

GetUrl


Send in request parameter:

'Use3DS'

true - Activate the 3DS checkup

false - Deactivate the 3DS checkup


Direct Payment

In direct payment the customer process of 3DS is similar to the payment pages but in this case the APP/system developer will need to create the payment page and transfer the customer to the 3DS challenge page and back after it was finished.


Step 1:

The system server will send a request to one of the methods accordingly.

Methods -

Authenticate

In case the customer entered a new credit card details.


AuthenticateToken

In case there is a saved credit card token.


Step 2:

The payment process will continue according to the response from the credit card company.

The response parameter:

'Status'


A, Y = Approved

It is possible to continue the payment process and send the charge - pass to step 4

Save the value returned in the response to use it in the charge:

'ThreeDSServerTransID'


C = Challenge

In order to complete the authentication transfer the customer to the 3DS challenge page - pass to step 3

Save the values returned in the response:

'ChallengeUrl'

'ThreeDSServerTransID'


Other Status = Failure

End the payment process.

The error message will return in the response the values:

'debug_message'

'client_message'


🚧

It's recommended to display the customer a custom error message accordingly and allow him to re-enter the payment details.


Step 3:

In order to make the challenge the server will redirect the customer to the card provider challenge page that was received in step 1.

The response value:

'ChallengeUrl'


Meanwhile the system server will check if the challenge is finished.

Method-

Verify3DSChallenge

Use the ID received in step 1

The response value:

'ThreeDSServerTransID'


❗️

checkup should be repeated every 5 seconds and the total checkup should be less than 5 minutes (after that the challenge validity will end).


The payment process will continue according to the response from the credit card company.

The response parameter:

'Status'


W = Challenge is still valid

The customer hasn’t finished the challenge yet, the server will send the checkup again


Method -

Verify3DSChallenge

❗️

Send and check again after another 5 seconds.


Y = Challenge was successful

Continue to charge the payment - step 4 (the method - ChargeSimple).


Other Status = Challenge Failed

End the payment process.

The error message will return in the response the values:

'debug_message'

'client_message'

🚧

It's recommended to display the customer a custom error message accordingly and allow him to re-enter the payment details.


Step 4:

The server will send the payment.

Method -

ChargeSimple/Full

Send the relevant payment details - credit card, amount etc.

Send the ID received in step 1

The response value:

'ThreeDSServerTransID'


Step 5:

The process is finished.

Success/failure by response parameter:

'Status'

🚧

According to the payment status received from the credit card company, the server will redirect the customer and will present a message for a success/error.

Updated 11 days ago

What’s Next