Contact us


3D Security

3D Security

3D Secure functionality allows a merchant to process Verified by Visa and MasterCard SecureCode through a single payment gateway. Use of this functionality provides additional chargeback protection and preferred Interchange rates.

This process involves the additional requirement of posting a URL for the consumer to either register their card or perform the secure code process as part of their transaction request.

Contents

  1. Introduction
  2. 360 One API: 3D Security Interface
  3. Request fields
  4. Response fields
  5. Examples

Introduction

3D Secure, also known as Verified by Visa and MasterCard SecureCode are security protocols developed by the associations to allow consumers to shop in a more secure environment on the Internet. These programs allow participating issuers and their cardholders to validate that the online purchaser is the cardholder, reducing overall online fraud.

Merchants are encouraged to participate and may receive Interchange benefits as well as some limited chargeback protection.

Transaction flow

  • During the checkout process, information is routed to the appropriate card association to verify their enrollment status.
  • If a cardholder is enrolled, the cardholder’s bank will display an authentication form.
  • Cardholder completes authentication form and bank validates if the data entered is correct.
  • Results are returned to the merchant with data elements that are proof the merchant performed the authentication or attempted to authenticate the cardholder.
  • The transaction is then sent for the typical authorization including address verification.

Chargeback Protection

Visa and MasterCard rules related to chargeback protection vary depending on authentication results (authentication versus attempted authentication). For authenticated transactions merchants are generally protected from the “No Cardholder Authorization” or “Cardholder Does Not Recognize Transaction” chargeback reason codes.

Prior to implementation, merchants should obtain the most recent rules and regulations related to this service.

360 One API: 3D Security Interface

Merchants wishing to use this feature must contact their representative to be enrolled in the two programs and will then need to update their check out software to implement the required additional steps.

Usage

3D Security is provided as a value added service to registered payment gateway users. This feature allows merchants to implement Verified By Visa and MasterCard SecureCode programs without requiring use of a separate API.

When processing a 3D transaction, it is acceptable to use the validation data from an initial authorization when a subsequent authorization is needed (such as in the case of a backorder, etc.). They key is that the cardholder validated the initial transaction with the merchant. This validation is good for up to 90 days, therefore authorizations that occur after that timeframe must initiate a new 3D validation with the cardholder.

Request Flow

Merchant check out process must perform the following tasks when performing Verified by Visa or MasterCard SecureCode transactions.

  1. Execute an enrollment check request (transaction type E) to the 360 One API. \If the enrollment status is N process to last step.
  2. Store the 3d_transaction_id returned in the response for subsequent use.
  3. Forward the cardholder to the 3d_acs_url returned in the enrollment check response passing the 3d_payloadfrom the enrollment response in the PaReq parameter. The merchant is also responsible for providing a URL for the issuer to return the cardholder to once validation is complete. The return URL should be passed to the 3d_acs_urlin the TermUrl parameter.
  4. Execute an authorization request. If 3D security validation completed successfully, pass the PaRes from the issuer result in the 3d_payload request parameter and the 3d_transaction_id stored during step 2.

3d Secure Logo

Request fields

Enrollment Request

Field Name Description Required Length Format Comments
transaction_type Transaction Type Yes 1 A/N Always E

Immediate Sale or Pre-Authorization with 3D Security

Field Name Description Required Length Format Comments
transaction_type Transaction Type Yes 1 A/N D or P
3d_payload 3D Security Type Yes vaiable A/N Pass the value returned from the card issuer in the PaRes parameter.
3d_transaction_id 3D Security Transaction ID Yes 1 A/N Pass the 3d_transaction_idreturned in the enrollment response.

Response fields

Field Name Description Length Format Comments
3d_payload 3D Security Payload variable A/N Contains the 3D Payload returned from the card issuer verification process.
3d_transaction_id 3D Security Transaction ID 32 A/N Returned by the enrollment check process. Must be passed back to the API during the card authorization process.
3d_order_id 3D Security Order ID 17 A/N This will contain the purchase_id from the original enrollment request.
3d_acs_url 3D Security Validation URL vaiable A/N This field will be URL encoded. Merchants need to forward their customers to this URL to complete the 3D validation process.
3d_enrollment 3D Security Enrollment Flag 1 A/N Values:* Y = Card Issuer is enrolled* N = Card Issuer is not enrolled.

Examples

Enrollment Request

  1. https://cert.merchante-solutions.com/mes-api/tridentApiprofile_id=xxxxxxxxxxxxxxxxxxxx&pro
    file_key=xxxx&transaction_type=E&transaction_amount=1.00&card_number=4012888812348882&card
    _exp_date=0210

Response

  1. transaction_id=f2eb6b9576ea38c8afe27779e2ef05c1&error_code=000&auth_response_text=RequestC
    omplete&moto_ecommerce_ind=07&3d_enrolled=Y&3d_transaction_id=IiO6SKBOVanlrv9zgebw&d_order
    _id=3338523554448173&3d_acs_url=https%3A%2F%2Ftestcustomer34.cardinalcommerce.co%2FV3DSSta
    rt%3Fosb%3Dvisa3%26VA%3DB&3d_payload=eNpVUtluwjAQfPdXoKpS33BCjAposcRRxBlutepbMFtIASc4DtfX
    1w5QWj%2FtrNfjmbFhtlaIzSmKVCGHASZJsMJcuKw%2B9Q7x2Yuak1nZ7%2FluN%2FJidnniKpNc%2FhgCoJI8ndvJ
    MvAL1DYiiUWAdScwjEvt7xOWPM8zygN0hgh6rT5GXmOmaVHOaVgV57BGSwQ95Yp2LzkuQ0Jhpo1iIgolRqdeYl5gC9
    AwKp2vK11nFSoVSg1KHErT2XF4FahjLYimhnyAXmTQHUjhOgD5Gj1FaJ8X4Kl3zqfR5x5h8mre58OC%2F2Z9%2Bt3u
    LiH%2F12VAVqJwgsA4284Dhlp%2Bi85txihbGK6wLN%2BgSCndXGn00wRugNEYjtPbUrcu3O34ZxlyqFUtzt3REBPM
    WRNL64Cfm3Ng4euhttG7XQJj9%2FM6zX3o9fxctHOh9jwX3zB%2FGqP1aLo80%2Fm8koQ5OdUXHlDLMgqeWht9elt4
    9gqn8f5AfZdbdR

Sale Request

  1. https://cert.merchante-solutions.com/mes-api/tridentApiprofile_id=xxxxxxxxxxxxxxxxxxxx&pro
    file_key=xxxx&transaction_type=D&cardholder_street_address=123&cardholder_zip=55555&cvv2=1
    23&transaction_amount=1.00&card_number=4012888812348882&card_exp_date=0210&invoice_number=
    11f28b27c8add98b7&3d_payload=(PaRes returned from Cardinal)&3d_transaction_id=IiO6SKBOVanl
    rv9zgebwÂ

Response

  1. transaction_id=9e395f681bd9333a8a9f5720ee4f18c5&error_code=000&auth_response_text=ZipMatch
    &avs_result=Y&cvv2_result=M&auth_code=T8311H
image
https://360-one.com/wp-content/themes/imperio/
https://360-one.com/
#6cd0f2
style1
paged
Loading posts...
/home/s7jsyzsnu9qr/public_html/
#
on
none
loading
#
Sort Gallery
on
yes
yes
off
Enter your email here
off
off