Payment process
Initialization of the payment session
This use case requires the creation of a formToken via a call to the Charge/CreateToken Web Service.
No specific fields are necessary in order to benefit from the 3D Secure protection.
Under PSD2, strong authentication is required when registering a card.
The strongAuthentication field is ignored and a strong authentication request is automatically made.
Response analysis
At the end of the operation, the gateway returns a Payment object to the notification URL of the merchant website and to the JavaScript client.
Here is a list of attributes describing the cardholder authentication result according to the use case:
| Use case |
Returned fields |
| Transaction with successful strong authentication |
- authenticationResponse.value.status = SUCCESS: Successful authentication.
- authenticationResponse.value.authenticationType = CHALLENGE (Value returned in 3DS1 and 3DS2).
- authenticationResponse.value.commerceIndicator = 5 (Visa or AMEX) or 02 (Mastercard).
- authenticationResponse.value.extension.authenticationType = THREEDS_V1 or THREEDS_V2.
- transactionDetails.liabilityShift = YES: The payment is guaranteed.
- transactions.effectiveStrongAuthentication = ENABLED: The cardholder has successfully authenticated.
|
| Transaction with frictionless authentication successfully completed, the merchant has the “Frictionless 3DS2” option and has requested authentication without cardholder interaction. |
-
authenticationResponse.value.status = SUCCESS: Successful authentication.
-
authenticationResponse.value.authenticationType = FRICTIONLESS.
- authenticationResponse.value.commerceIndicator = 5 (Visa or AMEX) or 02 (Mastercard).
- authenticationResponse.value.extension.authenticationType = THREEDS_V2.
-
transactionDetails.liabilityShift = NO: The payment is not guaranteed.
-
transactions.effectiveStrongAuthentication = ENABLED: The cardholder has successfully authenticated.
|
| Transaction with frictionless authentication successfully completed, the merchant has not requested authentication without cardholder interaction. |
-
authenticationResponse.value.status = SUCCESS: Successful authentication.
-
authenticationResponse.value.authenticationType = FRICTIONLESS.
- authenticationResponse.value.commerceIndicator = 5 (Visa or AMEX) or 02 (Mastercard).
- authenticationResponse.value.extension.authenticationType = THREEDS_V2.
-
transactionDetails.liabilityShift = YES: The payment is guaranteed.
- transactions.effectiveStrongAuthentication = ENABLED: The cardholder has successfully authenticated.
|
| Transaction with failed 3D Secure authentication |
-
authenticationResponse.value.status = FAILED: Authentication error
-
authenticationResponse.value.authenticationType = CHALLENGE.
- authenticationResponse.value.commerceIndicator = null
- authenticationResponse.value.extension.authenticationType = THREEDS_V1 or THREEDS_V2.
- authenticationResponse.value.reason.code = CARD_AUTHENTICATION_FAILED: Refusal of the authentication by the issuer.
-
transactionDetails.liabilityShift = null : The payment is not guaranteed.
-
transactions.effectiveStrongAuthentication = DISABLED: cardholder authentication failed.
|
| Card not enrolled |
-
authenticationResponse.value.status = NOT_ENROLLED: Cardholder not enrolled.
-
authenticationResponse.value.authenticationType = null
- authenticationResponse.value.commerceIndicator = null
- authenticationResponse.value.extension.authenticationType = THREEDS_V1.
-
transactionDetails.liabilityShift = NO: The payment is not guaranteed.
- transactions.effectiveStrongAuthentication = DISABLED: cardholder authentication failed.
|