Pending Authentication Flow

Challenge Required

---

Characteristics:

• Card enrolled in 3D Secure

• Issuer requires additional cardholder verification

• User interaction required

Flow Steps:

1. Setup → Get authentication tokens
2. Capture → Collect device data automatically
3. Enroll → 3D Secure check: CHALLENGE REQUIRED 
4. Challenge → Display authentication modal to user
5. User Action → Complete OTP, biometric, or other verification
6. Validation → Confirm challenge completion
7. Result → Authentication successful (ECI: 06 for VISA/AMEX, 02 for Mastercard) or authentication failed
8. Authorization → Process payment (if successful)
9. Complete → Transaction finalized

API Responses:

• Setup: status: "Completed"

• Enroll: status: "Pending_authentication"

• Validation: status: "Authentication_successful" or status: "Authentication_failed"

Challenge Types:

• SMS OTP verification

• Mobile app push notification

• Biometric authentication

• Security questions

• Hardware tokens

Implementation Notes:

• Use Cardinal Commerce SDK for challenge display

• Handle challenge timeout scenarios

• Provide fallback authentication methods