Firstoken API Docs
  • ⚙️API Reference
    • Firstoken API
      • Tokenization As A Service
        • Simple Tokenization
        • Simple Detokenization
        • Inspect Token
        • Delete Tokens
      • Transactions
        • Create a Transaction
        • Retrieve a Transaction
        • Inspect a Transaction
        • Delete a Transaction
        • Tokenize a Transaction
      • Proxy
        • Allowed Headers
        • Actions
        • Methods
          • POST - Proxy
          • GET - Proxy
          • PUT - Proxy
          • PATCH - Proxy
          • DELETE - Proxy
        • Get Payload Hash
        • Proxy JOSE
        • Proxy WSSEC
      • Inbound Routes
        • Create an Inbound - POST
      • Payments
        • Attributes of the Request
        • Common response
        • Endpoints
          • Authorizations
          • Reversals
          • Capture
            • Capture Refunds
            • Capture Void
          • Payments
            • Payment Refunds
            • Payment Void
          • Refunds void
          • Credit
            • Credit Void
          • Get Transaction Details
        • Decision Manager
          • How it works
          • Create decision
          • Update Decision
        • Risk Payer Authentication
          • How to use it
          • 3-D Secure Flows
            • Successful Frictionless Authentication
            • Unsuccessful Frictionless Authentication
            • Attempts Processing Frictionless Authentication
            • Unavailable Frictionless Authentication
            • Rejected Frictionless Authentication
            • Authentication not available on Lookup
            • Enrollment check error
            • Time-out
            • Bypassed Authentication
            • Successful Step-Up Authentication
            • Unsuccessful Step-Up Authentication
            • Unavailable Step-Up Authentication
            • Require Method URL
        • Point of Sale Payments
          • Authorization
          • Capture
          • Payment
          • Credit
  • 📖Guides
    • Firstoken Captures Hosted Iframe
      • How Firstoken Captures works
      • Generating a JSON Web Token
      • JSON form Schema
      • Iframe Communication
    • De-scoping Components
      • How Firstoken De-scoping Components works
      • Inbound Routes Module
        • Create an Inbound Route
        • Edit an Inbound Route
        • Delete an Inbound Route
      • Webhook Module
        • Create a Webhook
        • Edit a Webhook
        • Delete a Webhook
        • Webhook events
        • How to sign Webhooks data
      • Proxy Module
        • Create a Proxy
        • Edit a Proxy
        • Delete a Proxy
    • Firstoken Captures SDK JS
      • Getting Started
      • Functions
      • Type of Elements
      • Elements Options
      • CSS Object
      • Full Example of Usage
      • SDK versions
Powered by GitBook
On this page

Was this helpful?

  1. API Reference
  2. Firstoken API
  3. Payments
  4. Risk Payer Authentication

How to use it

In most of the payments, the authentication happens behind the scenes, and customers won't even notice it's taking place. However, for transactions that seem a bit riskier, there might be a need to use a one-time password (OTP) to confirm everything's on the up and up.

  1. Initiation: When a customer make a payment online, the merchant sends a request to Firstoken Risk payer authentication to initiate the 3-D Secure process

  2. Authentication: Firstoken then gets in touch with your bank to make sure it's really you trying to make the purchase. This could involve getting a temporary password on your phone or using your fingerprint or face if your phone has that tech.

  3. Verification: If the authentication is successful, it confirms that the transaction is being made by the rightful cardholder. Otherwise, if the online transaction is not authorized, the user receives a message indicating that the verification has failed.

  4. Authorization: Once verified, the transaction is sent back to the merchant for completion, and the payment process continues as usual.

For merchants, this means reduced risk of chargebacks due to fraud, and for customers, it provides peace of mind that their card details are being used securely.

PreviousRisk Payer AuthenticationNext3-D Secure Flows

Last updated 11 months ago

Was this helpful?

⚙️