How it works
3D Secure Authentication Process
Risk Payer Authentication follows the 3D Secure 2.0 protocol, providing secure cardholder authentication for online transactions. This service focuses specifically on verifying the cardholder's identity through the 3D Secure standard, independent of any fraud scoring system.
Authentication Flow Steps
1. Setup
Initialize the authentication process and obtain secure communication tokens. The response includes:
JSON Web Token (JWT) for secure merchant communication
Reference ID for tracking the authentication session
Device data collection URL for the next step
2. Device Data Capture
Collect comprehensive device fingerprinting data through the Cardinal Songbird SDK integration:
Browser characteristics and capabilities
Screen resolution and color depth
Device timezone and language settings
JavaScript and cookie support
IP geolocation data
3. Enroll (3D Secure Verification)
The enrollment process checks whether the card is enrolled in 3D Secure. The card issuer's Access Control Server (ACS) then determines the authentication path based on:
Card enrollment status in 3D Secure
Issuer's authentication policies
Transaction characteristics
Device and browser information
Cardholder authentication history
4. Authentication Decision
Based on the issuer's 3D Secure policies and enrollment status, one of three outcomes occurs:
Frictionless Approval
Card is enrolled and issuer allows frictionless authentication
No user interaction required
Authentication completes automatically
Challenge Required
Card is enrolled and issuer requires additional verification
User must complete authentication challenge
Requires validation step after completion
Authentication Not Available/Failed
Card not enrolled in 3D Secure, or
Issuer declines authentication, or
Technical error in authentication process
5. Validation (Conditional)
When a challenge is required:
User completes the authentication challenge
Validation confirms successful completion
Results are verified before proceeding
6. Authorization
Process the payment using authentication results with:
Firstoken Payments API: Integrated payment processing
Third-party Processor: Any payment gateway (processor-agnostic)
Benefits
Higher Authentication Success Rates
Proper 3D Secure implementation increases issuer confidence
Reduces false declines from authentication failures
Supports both frictionless and challenge-based flows
Enhanced Security
Cardholder identity verification
Secure authentication protocols
Liability shift protection for qualifying transactions
Improved User Experience
Seamless authentication for enrolled cards
Mobile-optimized challenge interfaces
Reduced cart abandonment through proper implementation
Technical Advantages
3D Secure 2.0 compliance
Rich data exchange with issuers
Backward compatibility with 3D Secure 1.0
Real-time transaction processing
ECI (Electronic Commerce Indicator) Results
Authentication results are communicated through ECI codes:
Mastercard
01, 02: Authentication successful
00: Authentication failed
VISA/AMEX
05, 06: Authentication successful
07: Authentication failed
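The following backend check is an added example, not Firstoken's or Cardinal's own code. It interprets the ECI values listed above per card network and gates step 6 (Authorization) on them. The `result` object and its field names (`network`, `eci`, `outcome`, `challengeValidated`) are hypothetical, and refusing to authorize on anything other than a successful ECI is an assumed merchant policy.

```javascript
'use strict';

// ECI values as listed on this page, keyed by card network.
const ECI_TABLE = new Map([
  ['MASTERCARD', { success: ['01', '02'], failed: ['00'] }],
  ['VISA',       { success: ['05', '06'], failed: ['07'] }],
  ['AMEX',       { success: ['05', '06'], failed: ['07'] }],
]);

// Normalize 5, "5" or " 05 " to the two-digit string form; anything else is null.
function normalizeEci(raw) {
  const s = String(raw ?? '').trim();
  return /^\d{1,2}$/.test(s) ? s.padStart(2, '0') : null;
}

// Classify an ECI for a given network. Unknown networks, malformed values and
// codes that belong to a different network are reported as 'unknown', so a
// Visa "05" arriving on a Mastercard transaction is never read as success.
function classifyEci(network, rawEci) {
  const table = ECI_TABLE.get(String(network ?? '').trim().toUpperCase());
  const eci = normalizeEci(rawEci);
  if (!table || eci === null) return 'unknown';
  if (table.success.includes(eci)) return 'success';
  if (table.failed.includes(eci)) return 'failed';
  return 'unknown';
}

// Decide whether the backend may move on to Authorization.
// `result` is a hypothetical shape: { network, eci, outcome, challengeValidated }.
function mayAuthorize(result) {
  const status = classifyEci(result.network, result.eci);
  if (status !== 'success') {
    return { proceed: false, reason: `eci-${status}` };
  }
  // A challenge outcome requires the validation step (step 5) to have completed.
  if (result.outcome === 'challenge' && result.challengeValidated !== true) {
    return { proceed: false, reason: 'challenge-not-validated' };
  }
  return { proceed: true, reason: 'authenticated' };
}
```

Run this check on the server against the authentication result your backend received, not against values echoed back from the browser.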
Integration Requirements
Frontend Integration
Cardinal Songbird SDK implementation
Device data collection handling
Challenge modal display capability
Backend Integration
Three API endpoint implementations
Token and session management
Error handling and retry logic
Payment Processing
Authentication result handling
ECI code interpretation
Liability shift optimization
Cardinal Commerce Integration
When authentication is pending, you need to integrate with Cardinal Commerce for the challenge flow. Our team will provide you with the necessary Cardinal credentials and integration guidelines.