• France
status page
Merchant Back Office
assistance
FAQContact support
Search
Categories
Tags
English
French
English
Homepage
Use cases
Create a payment
Create an installment payment
Create a multi-card (split) payment
Create a payment by Alias (Token)
Create a payment link
Create a recurring payment
Manage subscriptions
Manage your transactions (refund, cancel...)
Analyze your reports
API docs
Embedded Form
REST API
Hosted payment
Mobile payment
File exchange
Logos
Push mail
Snippets
Payment methods
Plugins
Guides
Merchant Back Office
Functional guides

Payment with integrated authentication

The activation of these features is subject to prior approval by Systempay.

Presentation

The Web Service V4.1/PCI/Charge/CreatePayment allows PCI-DSS merchants to complete a payment by passing card information in the request.

If necessary, the service authenticates the cardholder and returns the authentication information at the end of the process.

As a reminder, under the PSD2, it is mandatory to authenticate the cardholder via the 3D Secure protocol during e-commerce payments.

General principle

1. Adding , the JavaScript library , to your site : kr-authenticate.umd.js

2. Call the V4.1/PCI/Charge/CreatePayment Web Service to create an authentication session

3. Initializing the JavaScript library by sending the URL : operationUrl

This url is generated when the authentication session is created.

4. Executing the JavaScript library

The JavaScript library performs all the actions required for authentication.

It interacts with the ACS authentication server of the cardholder's bank.

There are several authentication options, such as :

  • 3DS2 - Frictionless Authentication, without the 3DS Method
  • 3DS2 - Frictionless authentication, with the 3DS Method
  • 3DS2 - Challenge authentication, without the 3DS Method
  • 3DS2 - Challenge authentication, with the 3DS Method

5. Analyze the payment result from the notification: Instant Payment Notification (IPN).

The IPN is a server-to-server notification to get the payment result.

You must allow the IP address range 194.50.38.0/24 on your server to be notified.

More info: URL notification at end of payment.

Managing timeouts

The payment session duration is set to 10 minutes . After this time, if the IPN has not been configured by the merchant, it is recommended to make a call to the Web Service" Order/Get " to get the payment result.

Specific use cases:

In the following cases, if the merchant is not registered for the 3D Secure program or if the payment is not an e-commerce payment (e.g.: MOTO), the call to the PCI/Charge/CreatePayment Web Service, directly returns an object Payment.

Detailed flowchart

The following diagram details a generic payment scenario with authentication: initial call to the service, creation of a session identifier, interaction with the ACS, final authentication result and end of payment.

CLIENT

Browser

iFrame

Merchant server

Payment gateway server

Remote server (e.g.: ACS)

See the implementation guide

© 2025 {'|'} All rights reserved to Systempaylegal
25.25.0-1.11