There are two ways to setup 3DSecure:
Via Gateway
This option is based on the Merchant Gateway. If 3DS is offered by the Gateway, it can be enable on the merchant within Sublytics.
To add 3DS on a Merchant
Select Processing → Merchant → Check "Attempt 3D Secure"
- Check Attempt 3D Secure
- Enter API Key, provided by the Gateway (NMI & Paysafe only)
This option can be frictionless, it all depends on the response back from the gateway.
- 101 Response
- You will need to redirect the user to a new page that you specify in the API request.
- Once the customer verifies, there will be API call to finalize the payment.
- 100 Response
- No need to redirect the customer.
Required fields needed to pass when using 3DS through the gateway:
user_agent
ip_address
browser_accept_header
browser_language
browser_screen_size
browser_timezone
browser_java_enabled
browser_javascript_enabled
browser_screen_color_depth
redirect_url -> this is the URL that the user will be redirected to after they complete the challenge
ip_address
browser_accept_header
browser_language
browser_screen_size
browser_timezone
browser_java_enabled
browser_javascript_enabled
browser_screen_color_depth
redirect_url -> this is the URL that the user will be redirected to after they complete the challenge
Using NMI Three Step Redirect for initial transactions? Find more information here
Via 3rd Party
Note
This option does not require any setup or configuration within Sublytics if using a single 3rd party account
If using paay.co on your pages, Sublytics API will accept additional parameters that are generated from paay.co
order_cavv
order_xid
order_3ds_authentication_status
order_3ds_enrollment_status
order_3ds_version
order_3ds_ds_transaction_id
If passing these values to Sublytics ( this should be available to you via paay.co integration on the front end ), then Sublytics passes this along to the gateway.
Note
Pass an array of values to use for each corresponding cycle.
These values are in Sublytics documentation https://{instancename}.sublytics.com/api_docs under the doProcess, doAddProcess and doAddProcessOrder.
Common ERROR: XID data must be 20 bytes REFID:1160745918
This happens either when a user tries with one card brand like visa, the trans declines, then they use another card brand like MasterCard but using the tokens obtained from the visa.
Or the wrong XID value is being passed.
| Authenticated Status | Defined |
|---|---|
| Y | Authenticated |
| A | Attempted. Proof of (Liability is still shifted. Network stepped in for the authentication.) |
| C | Requiring a Cardholder challenge to complete authentication |
| N | Not authenticated |
| U | Authentication could not be performed due to a technical or other problem |
| R | Issuer is rejecting authentication and requesting that authorization not be attempted |
| ECI | Defined |
|---|---|
| 01 | Authenticated |
| 02 | Attempted (Liability is still shifted. Network stepped in for the authentication.) |
| 00 | Not Authenticate |
| 05 | Authenticated |
| 06 | Attempted (Liability is still shifted. Network stepped in for the authentication.) |
| 07 | Not Authenticate |
Have multiple accounts via 3rd Party?
If you have more than one account with paay.co, you can use the Sublytics API simulates they payment router to determine which key the javascript should show.
In this case, there is setup within Sublytics.
To add Multiple 3DS Accounts
Select Processing → Merchant → Third Party Integrations
