Using the JavaScript client (embedded form)

Affected use cases

Payment process

Initialization of the payment session

This use case requires the creation of a formToken via a call to the Charge/CreatePayment Web Service.

No specific fields are necessary in order to benefit from the 3D Secure protection.

Depending on the use case (i.e. the value of the formAction field), strong authentication may be required. In this case, the strongAuthentication field is ignored.

Use case formAction Strong authentication required?
Single payment PAYMENT

The authentication type depends on the issuer’s decision.

For payments in euro, the merchant can request an exemption from strong authentication if the amount is less than €30 and if the store has the “Frictionless 3DS2” option.

For payments made in another currency, the merchant can request authentication without interaction with the cardholder if the store has the “Frictionless 3DS2” option.

Payment by token PAYMENT Strong authentication and CVV entry required.
Card registration upon payment REGISTER_PAY Strong authentication required.
Suggestion to register the card upon payment ASK_REGISTER_PAY Strong authentication required only if the buyer accepts to register their payment method.

Otherwise, the behavior is identical to the PAYMENT value.

Payment using the buyer’s wallet CUSTOMERWALLET Strong authentication required only if the buyer accepts to register their payment method or if they are using an already registered card.

In all other cases, the behavior is identical to the PAYMENT value.

Response analysis

At the end of the operation, the gateway returns a Payment object to the notification URL of the merchant website and to the JavaScript client.

Here is a list of attributes describing the cardholder authentication result according to the use case:

Use case Returned fields
Transaction with successful strong authentication
  • authenticationResponse.value.status = SUCCESS: Successful authentication.
  • authenticationResponse.value.authenticationType = CHALLENGE (Value returned in 3DS1 and 3DS2).
  • authenticationResponse.value.commerceIndicator = 5 (Visa or AMEX) or 02 (Mastercard).
  • authenticationResponse.value.extension.authenticationType = THREEDS_V1 or THREEDS_V2.
  • transactionDetails.liabilityShift = YES: The payment is guaranteed.
  • transactions.effectiveStrongAuthentication = ENABLED: The cardholder has successfully authenticated.
Transaction with frictionless authentication successfully completed, the merchant has the “Frictionless 3DS2” option and has requested authentication without cardholder interaction.
  • authenticationResponse.value.status = SUCCESS: Successful authentication.

  • authenticationResponse.value.authenticationType = FRICTIONLESS.

  • authenticationResponse.value.commerceIndicator = 5 (Visa or AMEX) or 02 (Mastercard).
  • authenticationResponse.value.extension.authenticationType = THREEDS_V2.
  • transactionDetails.liabilityShift = NO: The payment is not guaranteed.

  • transactions.effectiveStrongAuthentication = ENABLED: The cardholder has successfully authenticated.

Transaction with frictionless authentication successfully completed, the merchant has not requested authentication without cardholder interaction.
  • authenticationResponse.value.status = SUCCESS: Successful authentication.

  • authenticationResponse.value.authenticationType = FRICTIONLESS.

  • authenticationResponse.value.commerceIndicator = 5 (Visa or AMEX) or 02 (Mastercard).
  • authenticationResponse.value.extension.authenticationType = THREEDS_V2.
  • transactionDetails.liabilityShift = YES: The payment is guaranteed.

  • transactions.effectiveStrongAuthentication = ENABLED: The cardholder has successfully authenticated.
Transaction with failed 3D Secure authentication
  • authenticationResponse.value.status = FAILED: Authentication error

  • authenticationResponse.value.authenticationType = CHALLENGE.

  • authenticationResponse.value.commerceIndicator = null
  • authenticationResponse.value.extension.authenticationType = THREEDS_V1 or THREEDS_V2.
  • authenticationResponse.value.reason.code = CARD_AUTHENTICATION_FAILED: Refusal of the authentication by the issuer.
  • transactionDetails.liabilityShift = null : The payment is not guaranteed.

  • transactions.effectiveStrongAuthentication = DISABLED: cardholder authentication failed.

Card not enrolled
  • authenticationResponse.value.status = NOT_ENROLLED: Cardholder not enrolled.

  • authenticationResponse.value.authenticationType = null

  • authenticationResponse.value.commerceIndicator = null
  • authenticationResponse.value.extension.authenticationType = THREEDS_V1.
  • transactionDetails.liabilityShift = NO: The payment is not guaranteed.

  • transactions.effectiveStrongAuthentication = DISABLED: cardholder authentication failed.