Using External Authorization Services With Snap*
3-D Secure 2.0 is a protocol that was developed in compliance with the PSD2 mandate to make online payments more secure through advanced cardholder verification. The External Authentication workflow is offered for integrators who wish to perform the Authentication protocol through a 3rd party. The integrator will then Authorize the transaction through one of the Snap* front-ends. These updates will be supported for the eService and TRON front-ends.
The External Authentication supports both the Browser and Application flows at this time.
Documentation on implementing this feature can be found here: 3-D Secure 2.0 External Authentication Integration Guide (Last updated: 19 September 2022).
Note: Integrating to 3-D Secure requires integration to CWS, as well. Click here for the CWS Overview.
API Reference
**Last updated: 28 August 2020
Request
| Required | Parameter | Description | Data Type | Browser/App | Path |
|---|---|---|---|---|---|
| Conditional – Required on a 3DS 2.0 External Authentication Request if it is a Card On File transaction initiated by the Merchant. i.e. BankcardTransactionData/CardOnFileInfo/InitiatedBy is Merchant. | ACSTransactionId | Identifier assigned by the Access Control Server to identify a single transaction. | String, 36 Char | Both | BankcardTransaction/ BankcardTenderData/ EcommerceSecurityData/ ACSTransactionId |
| Conditional – Required on a 3DS 2.0 External Authentication Request if TransactionStatus is SuccessfullyAuthenticated or UnableToAuthenticate. | AuthenticationValue | Payment System-specific value provided by the ACS or DS using an algorithm defined by Payment System. It is used to provide proof of authentication. | String, 28 Char | Both | BankcardTransaction/ BankcardTenderData/ EcommerceSecurityData/ AuthenticationValue |
| Conditional – Required on a 3DS 2.0 External Authentication Request. | DSTransactionId | Identifier assigned by the Directory Server to identify a single transaction. | String, 36 Char | Both | BankcardTransaction/ BankcardTenderData/ EcommerceSecurityData/ DSTransactionId |
| Conditional – Required on a 3DS 2.0 External Authentication Request if TransactionStatus is SuccessfullyAuthenticated or UnableToAuthenticate. | AuthenticationECI | Payment System-specific value provided by the Access Control Server or Directory Server to indicate the results of the attempt to authenticate the Cardholder. | String, 2 Char | Both | BankcardTransaction/ BankcardTenderData/ EcommerceSecurityData/ AuthenticationECI |
| Conditional – Required on a 3DS 2.0 External Authentication Flow. | TransactionStatus | This value defines the authentication status for validation purposes. | Enum –
|
Both | BankcardTransaction/ BankcardTenderData/ EcommerceSecurityData/ TransactionStatus |
| Conditional – Required on a 3DS 2.0 External Authentication Request if TransactionStatus is SuccessfullyAuthenticated or UnableToAuthenticate. | AuthenticationTimestamp | Date and time in UTC of the prior cardholder authentication. | Datetime – Format accepted: YYYYMMDDHHMM |
Both | BankcardTransaction/ BankcardTenderData/ EcommerceSecurityData/ AuthenticationTimestamp |
| Conditional – Required on a 3DS 2.0 External Authentication Request if TransactionStatus is SuccessfullyAuthenticated or UnableToAuthenticate. | AuthenticationMethod | Mechanism used by the Cardholder to previously authenticate. | Enum –
|
Both | BankcardTransaction/ BankcardTenderData/ EcommerceSecurityData/ AuthenticationMethod |
| Required on a 3DS Request | ProtocolVersion | This will be the Protocol Version Number the transaction should be processed as. | Enum –
|
Both | BankcardTransactionData/ ThreeDSData/ ProtocolVersion |
Response
| Required | Parameter | Description | Data Type | Browser/App | Path |
|---|---|---|---|---|---|
| Expected on a 3DS 2.0 Response. | ProcessedAs3D | Identifies how the requested 3DS transaction was processed. | Bool | Both | BankcardTransactionResponse/ ProcessedAs3D |
| Expected on a 3DS 2.0 Response. | TokenResult | Visa’s ECI Response and MasterCard’s UCAF Response Data for clarification on how the transaction was processed. | String | Both | BankcardTransactionResponse/ TokenResult |