ThreeDS initiateAuthentication()

initiateAuthentication()

Authentication for the arguments passed. This method will call INITIATE_AUTHENTICATION REST API and returns the raw response in data.response field.


Usage Copied to clipboard

ThreeDS.initiateAuthentication(orderId, transactionId, callback, optionalParams)


Example Copied to clipboard

var optionalParams = {
    sourceOfFunds: {
        type: "CARD"
    },
    order: {
        walletProvider: "MASTERPASS_ONLINE"
    }
};

ThreeDS.initiateAuthentication("1234", "XYZ", function (data) {
    if (data && data.error) {
        var error = data.error;
        // Something bad happened, the error value will match what is returned by the Authentication API
        console.error("error.code : ", error.code);
        console.error("error.msg : ", error.msg);
        console.error("error.result : ", error.result);
        console.error("error.status : ", error.status);
    }
    else {
        console.log("After Initiate 3DS ", data);

        //data.response will contain information like gatewayRecommendation, authentication version, etc.
        console.log("REST API raw response ", data.restApiResponse);
        console.log("Correlation Id", data.correlationId);
        console.log("Gateway Recommendation", data.gatewayRecommendation);
        console.log("HTML Redirect Code", data.htmlRedirectCode);
        console.log("Authentication Version", data.authenticationVersion);

        switch (data.gatewayRecommendation) {
            case "PROCEED":
                authenticatePayer(); //merchant's method
                break;
            case "DO_NOT_PROCEED":
                tryOtherPayment(); //merchant's method, you can offer the payer the option to try another payment method.
                break;
        }
    }
}, optionalParams);
    

Arguments Copied to clipboard

orderId Copied to clipboard String REQUIRED

Unique identifier for this order.

transactionId Copied to clipboard String REQUIRED

Unique identifier for this payment authentication.

callback Copied to clipboard Function REQUIRED

The callback function.

optionalParams Copied to clipboard Object

Optional parameters contain white labeled api parameters.

correlationId Copied to clipboard String

A transient identifier for the request, that can be used to match the response to the request.

The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.
Data can consist of any characters, XSD type String
Min length:1
Max length:100
order Copied to clipboard Object

Information about the order associated with this transaction.

walletProvider Copied to clipboard Enumeration

The wallet provider used to collect the customer's payment details used for this transaction.

Value must be a member of the following list. The values are case-sensitive.
AMEX_EXPRESS_CHECKOUTAmex Express Checkout wallet provider.
ANDROID_PAYAndroid Pay mobile wallet provider.
APPLE_PAYApple Pay mobile wallet provider.
CHASE_PAYChase Pay wallet provider.
GOOGLE_PAYGoogle Pay mobile wallet provider.
MASTERPASS_ONLINEMasterPass Online wallet provider.
SAMSUNG_PAYSamsung Pay mobile wallet provider.
VISA_CHECKOUTVisa Checkout wallet provider.
session Copied to clipboard Object
version Copied to clipboard String

Use this field to implement optimistic locking of the session content.

Do this if you make business decisions based on data from the session and wish to ensure that the same data is being used for the request operation.

To use optimistic locking, record session.version when you make your decisions, and then pass that value in session.version when you submit your request operation to the gateway.

If session.version provided by you does not match that stored against the session, the gateway will reject the operation with error.cause=INVALID_REQUEST.

See Making Business Decisions Based on Session Content.

Data consists of ASCII characters, JSON type String
Min length:10
Max length:10
sourceOfFunds Copied to clipboard Object

The details describing the source of the funds to be used.

For card payments these may be represented by combining one or more of the following: explicitly provided card details, a session identifier which the gateway will use to look up the card details and/or a card token. Precedence rules will be applied in that explicitly provided card details will override session card details which will override card token details. Each of these may represent partial card details, however the combination must result in a full and complete set of card details. See Using Multiple Sources of Card Details for examples.

provided Copied to clipboard Object

Information about the source of funds when it is directly provided (as opposed to via a token or session).

For browser payments, the source of funds details are usually collected from the payer on the payment provider's website and provided to you when you retrieve the transaction details (for a successful transaction). However, for some payment types (such as giropay), you must collect the information from the payer and supply it here.

card Copied to clipboard Object

Details as shown on the card.

devicePayment Copied to clipboard Object

If the payer chose to pay using a device you must provide payment details in this parameter group. Use this parameter group when accepting payments using device payment methods such as Apple Pay, Android Pay or Samsung Pay.

3DSecure Copied to clipboard Object

Details used to process a digital payment where the payment data keys for the online payment cryptogram are provided using the 3-D Secure format.

Use this parameter group for:

  • Device payments: if you decrypt the payment token yourself. In this case, you source these fields directly from the decrypted payment token.
    You do not need to use this parameter group if you provide the payment token in sourceOfFunds.provided.card.devicePayment.paymentToken.
  • Card scheme tokens: if you decrypt the transaction credentials yourself.
eciIndicator Copied to clipboard Digits

The Electronic Commerce Indicator generated for payments made using a device payment method.

You source this field directly from the decrypted payment token.

You must provide this field if you have it. This field is not applicable for payments using digital wallets.

Data is a string that consists of the characters 0-9, JSON type String
Min length:1
Max length:2
onlinePaymentCryptogram Copied to clipboard Base64

A cryptogram used to authenticate the transaction.

Use this field for:
  • Device payments: source this field directly from the decrypted payment token.
  • Card scheme tokens: source this field directly from the decrypted transaction credentials. For MDES (Mastercard Digital Enablement Service) tokens this is the UCAF cryptogram (de48se43Data). For VTS (Visa Token Service) tokens this is the TAVV cryptogram.
Data is Base64 encoded
Min length:1
Max length:128
cryptogramFormat Copied to clipboard Enumeration

The format of the cryptogram provided for the digital payment.Use this field for:

  • Device payments: provide the cryptogram format when you decrypt the payment token and provide the payment details (including the online payment cryptogram) in the transaction request.

This field does not apply to Card Scheme token payments.

Value must be a member of the following list. The values are case-sensitive.
3DSECUREThe payment data keys for the online payment cryptogram are provided using the 3-D Secure format.
EMVThe payment data keys for the online payment cryptogram are provided using the EMV format.
paymentToken Copied to clipboard String

This is the payment token that you received from the device's payment SDK.

For example:

For Apple Pay - this is the PKPaymentToken.paymentData value.

For Google - this is PaymentMethodToken.getToken().

Note 1: The gateway API considers this value to be a string, NOT JSON itself. Therefore, when using the JSON gateway API, this field will typically look like:

"sourceOfFunds": {
"provided": {
"card": {
"devicePayment": {
"paymentToken": "{\"data\":\"869ss19ew ....

Note 2: The gateway will ignore the currency and amount information in the payment token, and will instead use the values passed on the amount and currency fields. For normal usage, you should populate those fields with the exact same values as you got from the SDK.

Data can consist of any characters, JSON type String
Min length:1
Max length:16384
number Copied to clipboard Digits

The account number of the payer's account used for this authentication.

On requests, provide the number in the form that you receive it (as explained below). On responses, the gateway populates it with a form that the payer would recognize (also explained in more detail below).

  • Request

    On request, populate this field based on the payment method you are using for the payment:

    • Card: the account number embossed onto the card.
    • Scheme tokens such as MDES (Mastercard Digital Enablement Service) - supply the value called the "Token PAN" or VTS (Visa Token Service) - supply the value called "token".
  • Response

    On return, the card number will be populated in 6.4 masking format, for example, 000000xxxxxx0000.

Data is a string that consists of the characters 0-9, JSON type String
Min length:9
Max length:19
token Copied to clipboard Alphanumeric

Gateway token that uniquely identifies a card and associated details.

Data may consist of the characters 0-9, a-z, A-Z, JSON type String
Min length:1
Max length:40
type Copied to clipboard Enumeration

The payment method used for this authentication.

If you are passing card or scheme token data on the API, then you need to set this value, and also provide the card or token details in the sourceOfFunds.provided.card group.

If you are making a payment with a gateway token, then you can leave this field unset, and only populate the sourceOfFund.token field.

Value must be a member of the following list. The values are case-sensitive.
CARDUse this value for authentications using the card number.
SCHEME_TOKENUse this value for authentications using scheme tokens.

Return Value Copied to clipboard

None