initiateAuthentication()
Authentication for the arguments passed.
This method will call INITIATE_AUTHENTICATION REST API and returns the raw response
in data.response field.
Usage Copied to clipboard
ThreeDS.initiateAuthentication(orderId, transactionId, callback, optionalParams)
Example Copied to clipboard
var optionalParams = {
sourceOfFunds: {
type: "CARD"
},
order: {
walletProvider: "MASTERPASS_ONLINE"
}
};
ThreeDS.initiateAuthentication("1234", "XYZ", function (data) {
if (data && data.error) {
var error = data.error;
// Something bad happened, the error value will match what is returned by the Authentication API
console.error("error.code : ", error.code);
console.error("error.msg : ", error.msg);
console.error("error.result : ", error.result);
console.error("error.status : ", error.status);
}
else {
console.log("After Initiate 3DS ", data);
//data.response will contain information like gatewayRecommendation, authentication version, etc.
console.log("REST API raw response ", data.restApiResponse);
console.log("Correlation Id", data.correlationId);
console.log("Gateway Recommendation", data.gatewayRecommendation);
console.log("HTML Redirect Code", data.htmlRedirectCode);
console.log("Authentication Version", data.authenticationVersion);
switch (data.gatewayRecommendation) {
case "PROCEED":
authenticatePayer(); //merchant's method
break;
case "DO_NOT_PROCEED":
tryOtherPayment(); //merchant's method, you can offer the payer the option to try another payment method.
break;
}
}
}, optionalParams);
Arguments Copied to clipboard
Unique identifier for this order.
Unique identifier for this payment authentication.
The callback function.
Optional parameters contain white labeled api parameters.
A transient identifier for the request, that can be used to match the response to the request.
Information about the order associated with this transaction.
The wallet provider used to collect the customer's payment details used for this transaction.
AMEX_EXPRESS_CHECKOUTAmex Express Checkout wallet provider.
ANDROID_PAYAndroid Pay mobile wallet provider.
APPLE_PAYApple Pay mobile wallet provider.
CHASE_PAYChase Pay wallet provider.
GOOGLE_PAYGoogle Pay mobile wallet provider.
MASTERPASS_ONLINEMasterPass Online wallet provider.
SAMSUNG_PAYSamsung Pay mobile wallet provider.
VISA_CHECKOUTVisa Checkout wallet provider.
Use this field to implement optimistic locking of the session content.
Do this if you make business decisions based on data from the session and wish to ensure that the same data is being used for the request operation.
To use optimistic locking, record session.version when you make your decisions, and then pass that value in session.version when you submit your request operation to the gateway.
If session.version provided by you does not match that stored against the session, the gateway will reject the operation with error.cause=INVALID_REQUEST.
See Making Business Decisions Based on Session Content.
The details describing the source of the funds to be used.
For card payments these may be represented by combining one or more of the following: explicitly provided card details, a session identifier which the gateway will use to look up the card details and/or a card token. Precedence rules will be applied in that explicitly provided card details will override session card details which will override card token details. Each of these may represent partial card details, however the combination must result in a full and complete set of card details. See Using Multiple Sources of Card Details for examples.
Information about the source of funds when it is directly provided (as opposed to via a token or session).
For browser payments, the source of funds details are usually collected from the payer on the payment provider's website and provided to you when you retrieve the transaction details (for a successful transaction). However, for some payment types (such as giropay), you must collect the information from the payer and supply it here.
Details as shown on the card.
If the payer chose to pay using a device you must provide payment details in this parameter group. Use this parameter group when accepting payments using device payment methods such as Apple Pay, Android Pay or Samsung Pay.
Details used to process a digital payment where the payment data keys for the online payment cryptogram are provided using the 3-D Secure format.
Use this parameter group for:
-
Device payments: if you decrypt the payment token yourself.
In this case, you source these fields directly from the decrypted
payment
token.
You do not need to use this parameter group if you provide the payment token in sourceOfFunds.provided.card.devicePayment.paymentToken. - Card scheme tokens: if you decrypt the transaction credentials yourself.
The Electronic Commerce Indicator generated for payments made using a device payment method.
You source this field directly from the decrypted payment token.
You must provide this field if you have it. This field is not applicable for payments using digital wallets.
A cryptogram used to authenticate the transaction.
- Device payments: source this field directly from the decrypted payment token.
- Card scheme tokens: source this field directly from the decrypted transaction credentials. For MDES (Mastercard Digital Enablement Service) tokens this is the UCAF cryptogram (de48se43Data). For VTS (Visa Token Service) tokens this is the TAVV cryptogram.
The format of the cryptogram provided for the digital payment.Use this field for:
- Device payments: provide the cryptogram format when you decrypt the payment token and provide the payment details (including the online payment cryptogram) in the transaction request.
This field does not apply to Card Scheme token payments.
3DSECUREThe payment data keys for the online payment
cryptogram are provided using the 3-D Secure format.
EMVThe payment data keys for the online payment cryptogram
are provided using the EMV format.
This is the payment token that you received from the device's payment SDK.
For example:
For Apple Pay - this is the PKPaymentToken.paymentData value.
For Google - this is PaymentMethodToken.getToken().
Note 1: The gateway API considers this value to be a string, NOT JSON itself. Therefore, when using the JSON gateway API, this field will typically look like:
"sourceOfFunds": {
"provided": {
"card": {
"devicePayment": {
"paymentToken": "{\"data\":\"869ss19ew ....
Note 2: The gateway will ignore the currency and amount information in the payment token, and will instead use the values passed on the amount and currency fields. For normal usage, you should populate those fields with the exact same values as you got from the SDK.
The account number of the payer's account used for this authentication.
On requests, provide the number in the form that you receive it (as explained below). On responses, the gateway populates it with a form that the payer would recognize (also explained in more detail below).
-
Request
On request, populate this field based on the payment method you are using for the payment:
- Card: the account number embossed onto the card.
- Scheme tokens such as MDES (Mastercard Digital Enablement Service) - supply the value called the "Token PAN" or VTS (Visa Token Service) - supply the value called "token".
-
Response
On return, the card number will be populated in 6.4 masking format, for example, 000000xxxxxx0000.
Gateway token that uniquely identifies a card and associated details.
The payment method used for this authentication.
If you are passing card or scheme token data on the API, then you need to set this value, and also provide the card or token details in the sourceOfFunds.provided.card group.
If you are making a payment with a gateway token, then you can leave this field unset, and only populate the sourceOfFund.token field.
CARDUse this value for authentications using the card number.
SCHEME_TOKENUse this value for authentications using scheme tokens.
Return Value Copied to clipboard
None