3D Secure 2.0 API Migration
Because of the global mandate for 3D secure transactions to move to 3DS 2.0 , there are some additional changes you'll have to make to your API so that you can still process transactions requiring 3D secure once the mandate is in effect.
The changes are minimal, and the major changes are for you to capture information about the paying customer from their browser or device so that the issuer can have more data points to be able to profile the transaction and decide whether or not to prompt the user for additional authentication.
Purchase Request
Request Using ISW TermUrl
This is the regular purchases call. You're going to have to send the paying customer's device details in the call. The deviceInformation field is where it's going to be sent.
{
"customerId": "[email protected]",
"amount": "13000",
"transactionRef": "asdwsfe232221aaaa",
"deviceInformation": {
"httpBrowserLanguage": "en-US",
"httpBrowserJavaEnabled": false,
"httpBrowserJavaScriptEnabled": true,
"httpBrowserColorDepth": 24,
"httpBrowserScreenHeight": 1203,
"httpBrowserScreenWidth": 2138,
"httpBrowserTimeDifference": "",
"userAgentBrowserValue": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"
},
"currency": "NGN",
"authData": "xxx"
}
Request Using ISW Your TermUrl
This is the regular purchases call. You're going to have to send the paying customer's device details and your TermUrl in the call. The deviceInformation and the callbackUrl fields are where it's going to be sent.
{
"customerId": "1407002510",
"amount": "200",
"transactionRef": "aaaa32432s411as",
"currency": "NGN",
"authData": "aaa",
"callbackUrl": "https://avasyn.com",
"deviceInformation": {
"httpBrowserLanguage": "en-US",
"httpBrowserJavaEnabled": true,
"httpBrowserJavaScriptEnabled": true,
"httpBrowserColorDepth": 24,
"httpBrowserScreenHeight": 1203,
"httpBrowserScreenWidth": 2138,
"httpBrowserTimeDifference": "",
"userAgentBrowserValue": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"
}
}
There is a new parameters returned in the response that you'll need to send as a Form Post to the ACSUrl to loading the 3D secure page.
Purchase Response
{
"transactionRef": "asdwsfe232221asaawa",
"paymentId": "474320737",
"amount": "13000.00",
"responseCode": "S0",
"transactionId": "2qA8L0gfUtt8HSiBHa30",
"jwt": "eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJlNjA4MWY3Zi1hY2UzLTRjMTAtOWFmZS1hM2IzMGRlZTc1OWYiLCJpYXQiOjE2NjU0OTI3MTMsImlzcyI6IjVmZTIwZDBkNmJiMzg0MzJlYjgzNjRiOCIsIk9yZ1VuaXRJZCI6IjU1ZWYzZjgyZjcyM2FhNDMxYzk5ZTJlNiIsIlJldHVyblVybCI6Imh0dHBzOi8vcWEuaW50ZXJzd2l0Y2huZy5jb20vY29sbGVjdGlvbnMvYXBpL3YxL3BheS9jYXJkaW5hbENhbGxCYWNrIiwiUmVmZXJlbmNlSWQiOiJhc2R3c2ZlMjMyMjIxYXNhYXdhIiwiUGF5bG9hZCI6eyJBQ1NVcmwiOiJodHRwczovLzBlYWZzdGFnLmNhcmRpbmFsY29tbWVyY2UuY29tL0VBRlNlcnZpY2UvanNwL3YxL3JlZGlyZWN0IiwiUGF5bG9hZCI6IlAuNTE4NjJjYjcyOTNjYTgyYzI3Zjk3MzVmM2NjN2E4MzQwZWQxMDg4MjZlY2YzZjI5Njk3YjY3ZTJlY2M1NjgxZTBmZmUxMTczNDY0MDdlZDk4ZDNmMTc4YjY4NTgyZjQ3OGJhNTRmZmE2MzI2MTU0NmFkZjM3YTc0MjZjODgyMTY1MTNlZDk2MjFhZTJiMmJiNDJjNTNlNDdhNTVlMjM2NiIsIlRyYW5zYWN0aW9uSWQiOiIycUE4TDBnZlV0dDhIU2lCSGEzMCJ9LCJPYmplY3RpZnlQYXlsb2FkIjp0cnVlfQ.uU0cUyOq79h1R09NzboEkrW-TBQGnI83aHp-BGZOYvI",
"MD": "474320737",
"ACSUrl": "https://centinelapistag.cardinalcommerce.com/V2/Cruise/StepUp",
"TermUrl": "https://qa.interswitchng.com/collections/api/v1/pay/cardinalCallBack",
"eciFlag": "07"
}
Load 3D Secure Page
You should send the JWT and MD in a form POST when redirecting to load the 3D secure page
<html>
<body>
<form method='POST' action='https://centinelapistag.cardinalcommerce.com/V2/Cruise/StepUp'>
<input type="text" name="JWT" value="" placeholder="JWT"/>
<input type="text" name="MD" value="" placeholder="MD" />
<input type="submit" value="Cardinal" />
</form>
</body>
<html>
OTP Validation Request (VISA)
Send the paymentId, transactionId and eciFlag to /api/v3/purchases/otps/auths to complete the transaction
{
"paymentId":"474322315",
"transactionId": "NO6wHD8TTVESDfmDMaB1",
"eciFlag":"07"
}
Updated 8 months ago