3D secure

Authorisation/Debit with 3DS 2 Data

 

Merchants have the choice of doing 3D secure authentication directly with the 3DS Vendor ("MPI")  or via the iVeri Gateway. In any event, when the authentication process is completed successfully, the merchant can POST the payment instruction to the iVeri Gateway with the authentication data using the SOAP or REST webservice. 

Debit/Authorisation Payment Parameters
The applicable set of 3DS 2 parameters are expected in the Authorisation/Debit message are as follows

Parameter

Description

CardHolderAuthenticationID 

Mandatory for 3DS 1 and 2: Commonly known as an XID: Unique identifier generated during the 3D secure process

CardHolderAuthenticationData 

Mandatory for 3DS 1 and 2: Commonly known as UCAF -(universal cardholder authentication field) for Mastercard or CAVV( cardholder authentication verification value)generated on completion of the authentication  between cardholder and card issuer

ElectronicCommerceIndicator 

Mandatory for 3DS 1 and 2: Commonly known as “ECI”: Indicates if the cardholder was fully authenticated, attempted or not.

Possible values: ThreeDSecure (ECI “05”, “02”), ThreeDSecureAttempted (“ECI “06” or “01”) or SecureChannel (ECI “07”)

ThreeDSecure_VEResEnrolled 

Optional: Possible values:  Y|N|U - Indicates if the card is enrolled.

ThreeDSecure_RequestID 

Optional: Unique identifier returned by the Gateway on completion of the 3D secure authentication process 

New 3D Secure 2 Parameters

ThreeDSecure_AuthenticationType

Optional: Possible values( not limited to) "01", "02", "03". Must be as generated on completion of the 3D secure authentication process. indicates the method of authentication used.

ThreeDSecure_ProtocolVersion

Mandatory: Indicates the version of 3D secure used


ThreeDSecure_DSTransID 

Mandatory: Directory Server Transaction ID returned on completion of the 3D secure authentication process  

 

 


Webservice Service Payment Samples
For submission of transactions to the Gateway the merchant can post to the existing Portal URL's . The Portal URL's are listed in the  REST and SOAP sections by acquiring bank. As a note, the submission of the Debit/Authorisation message assumes the following:

  • 3DS 2 authentication was a success.
  • The merchant is making use of the test application ID with mode "Test" for integration testing 
REST Webservice
SOAP Webservice

Format: JSON

Transaction Endpoint - https://[portal domain]/api/transactions

 

 

 

{

    "Version": "2.0",

    "CertificateID": "{4c96973f-71dd-4044-802d-6e234effe8f2}",

    "ProductType": "Enterprise",

    "ProductVersion": "WebAPI",

    "Direction": "Request",

    "Transaction": {

        "ApplicationID": "{ca8a6eae-a469-4b39-bef3-aa029ca3a806}",

        "Command": "Debit",

        "Mode": "Test",

        "Amount": "1500",

        "ExpiryDate": "0123",

        "MerchantReference": "3DS2:20210920.004",

        "Currency": "ZAR",

        "PAN": "4069425217889137",

        "ThreeDSecure_ProtocolVersion": "2.1.0",

        "CardHolderAuthenticationID": "xVyRZy0bYuN69j1pZi/zlmC68Vw=",

        "CardHolderAuthenticationData": "AJkBCWhygQAAAAEDhXKBAAAAAAA=",

        "ElectronicCommerceIndicator": "ThreeDSecure",

        "ThreeDSecure_DSTransID": "2e962032-0499-4fb6-9cf3-e640ceebeb63",

        "ThreeDSecure_AuthenticationType":  "01"

        "ThreeDSecure_VEResEnrolled": "Y"

    }

}

 

 

 

 

Format: XML

Transaction Endpoint - https://[portal domain] /iVeriWebservice/Service.asmx

 

 

 

<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

  xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">

  <soap:Body>

  <Execute xmlns="http://iveri.com/">

  <validateRequest>false</validateRequest>

  <protocol>V_XML</protocol>

  <protocolVersion>7.0</protocolVersion>

  <request>&lt;V_XML Version="2.0" CertificateID="b2fd980c-f61a-473e-a685-5e8d38595d84" ProductType="Enterprise"

ProductVersion="iVeriWebService" Direction="Request"&gt;

&lt;Transaction ApplicationID="66bc5003-88dd-4cd5-9b27-2b5cdb7a8b73" Command="Debit" Mode="Test"&gt;

&lt;MerchantTrace&gt;9AE2405C07E7227568BEEE5A58E890&lt;/MerchantTrace&gt;

&lt;Amount&gt;2000&lt;/Amount&gt;

&lt;Currency&gt;ZAR&lt;/Currency&gt;

&lt;ExpiryDate&gt;012023&lt;/ExpiryDate&gt;

&lt;MerchantReference&gt;3DS2:202112.002&lt;/MerchantReference&gt;

&lt;CardSecurityCode&gt;123&lt;/CardSecurityCode&gt;

&lt;PAN&gt;4069425217889137&lt;/PAN&gt;

&lt;ElectronicCommerceIndicator&gt;ThreeDSecure&lt;/ElectronicCommerceIndicator&gt;

&lt;CardHolderAuthenticationID&gt;nhkWtFs6DlxCbpAyOFmjjxTtZOc=&lt;/CardHolderAuthenticationID&gt;

&lt;CardHolderAuthenticationData&gt;AJkBCIZ1CQAAAAfQcQADdISCkYQ=&lt;/CardHolderAuthenticationData&gt;

&lt;ThreeDSecure_ProtocolVersion&gt;2.1.0&lt;/ThreeDSecure_ProtocolVersion&gt;

&lt;ThreeDSecure_DSTransID&gt;c43c9d4a-3461-46e9-be29-3c7a0e033e11&lt;/ThreeDSecure_DSTransID&gt;

&lt;ThreeDSecure_AuthenticationType&gt;01&lt;/ThreeDSecure_AuthenticationType&gt;

&lt;ThreeDSecure_VEResEnrolled&gt;Y&lt;/ThreeDSecure_VEResEnrolled&gt;

&lt;/Transaction&gt;

&lt;/V_XML&gt;

</request>

  </Execute>

  </soap:Body>

  </soap:Envelope>

 

Response:

 

{

    "Version": "2.0",

    "CertificateID": "{4c96973f-71dd-4044-802d-6e234effe8f2}",

    "ProductType": "Enterprise",

    "ProductVersion": "WebAPI",

    "Direction": "Request",

    "Transaction": {

        "ApplicationID": "{ca8a6eae-a469-4b39-bef3-aa029ca3a806}",

        "Command": "Debit",

        "Mode": "Test",

        "Amount": "1500",

        "ExpiryDate": "0123",

        "MerchantReference": "3DS2:20210920.004",

        "Currency": "ZAR",

        "PAN": "4069425217889137",

        "ThreeDSecure_ProtocolVersion": "2.1.0",

        "CardHolderAuthenticationID": "xVyRZy0bYuN69j1pZi/zlmC68Vw=",

        "CardHolderAuthenticationData": "AJkBCWhygQAAAAEDhXKBAAAAAAA=",

        "ElectronicCommerceIndicator": "ThreeDSecure",

        "ThreeDSecure_DSTransID": "2e962032-0499-4fb6-9cf3-e640ceebeb63",

        "ThreeDSecure_AuthenticationType":  "01"

        "ThreeDSecure_VEResEnrolled": "Y"

    }

}

 

 

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">

    <soap:Body>

        <ExecuteResponse xmlns="http://iveri.com/">

            <ExecuteResult>&lt;V_XML Version="2.0" Direction="Response"&gt;

  &lt;Transaction ApplicationID="{66BC5003-88DD-4CD5-9B27-2B5CDB7A8B73}" Command="Debit" Mode="Test" RequestID="{AF5214BF-878E-4691-A124-96E0748CF062}"&gt;

    &lt;Result Status="0" Code="0" Description="" AppServer="QAGW2012APP1" DBServer="QAGW2012DB2" Gateway="QA" AcquirerCode="00" AcquirerDescription="" /&gt;

    &lt;MerchantTrace&gt;9AE2405C07E7227568BEEE5A58E890&lt;/MerchantTrace&gt;

    &lt;Amount&gt;2000&lt;/Amount&gt;

    &lt;AuthorisationCode&gt;315669&lt;/AuthorisationCode&gt;

    &lt;CCNumber&gt;4069........9137&lt;/CCNumber&gt;

    &lt;Currency&gt;ZAR&lt;/Currency&gt;

    &lt;ElectronicCommerceIndicator&gt;ThreeDSecure&lt;/ElectronicCommerceIndicator&gt;

    &lt;ExpiryDate&gt;012023&lt;/ExpiryDate&gt;

    &lt;MerchantReference&gt;3DS2:202112.002&lt;/MerchantReference&gt;

    &lt;Terminal&gt;Default&lt;/Terminal&gt;

    &lt;TransactionIndex&gt;{F9401D94-4CA7-46EF-A007-9883950A80D3}&lt;/TransactionIndex&gt;

    &lt;MerchantName&gt;iVeri Payment Technology&lt;/MerchantName&gt;

    &lt;MerchantUSN&gt;7771777&lt;/MerchantUSN&gt;

    &lt;Acquirer&gt;NBPostilionNBSouthAfrica&lt;/Acquirer&gt;

    &lt;AcquirerReference&gt;81774:09170322&lt;/AcquirerReference&gt;

    &lt;AcquirerDate&gt;20220103&lt;/AcquirerDate&gt;

    &lt;AcquirerTime&gt;154109&lt;/AcquirerTime&gt;

    &lt;DisplayAmount&gt;R 20.00&lt;/DisplayAmount&gt;

    &lt;BIN&gt;4&lt;/BIN&gt;

    &lt;Association&gt;VISA&lt;/Association&gt;

    &lt;CardType&gt;Unknown Card Type&lt;/CardType&gt;

    &lt;Issuer&gt;Unknown Issuer&lt;/Issuer&gt;

    &lt;Jurisdiction&gt;International&lt;/Jurisdiction&gt;

    &lt;PAN&gt;4069........9137&lt;/PAN&gt;

    &lt;PANMode&gt;Keyed,CVV&lt;/PANMode&gt;

    &lt;ReconReference&gt;09170322&lt;/ReconReference&gt;

    &lt;CardHolderPresence&gt;CardNotPresent,eCommerce,ThreeDSecure&lt;/CardHolderPresence&gt;

    &lt;MerchantAddress&gt;MERCHANT ADDRESS&lt;/MerchantAddress&gt;

    &lt;MerchantCity&gt;Sandton&lt;/MerchantCity&gt;

    &lt;MerchantCountryCode&gt;ZA&lt;/MerchantCountryCode&gt;

    &lt;MerchantCountry&gt;South Africa&lt;/MerchantCountry&gt;

    &lt;DistributorName&gt;Nedbank&lt;/DistributorName&gt;

  &lt;/Transaction&gt;

&lt;/V_XML&gt;</ExecuteResult>

        </ExecuteResponse>

    </soap:Body>

</soap:Envelope>