3D Secure Configuration
Learn how to configure the behaviour of 3D Secure purchase transactions for your customers.
You can enable your customers to choose their preferred method of securing online card transactions from a list of supported Strong Customer Authentication (SCA) channels.
One-time-passwords via SMS will be used as a fallback method, in case end-customers encounter issues with their preferred method.
Setup 3DS Authentication Methods
- To configure the 3DS authentication methods, first you will need to enable your supported authentication methods via your Innovator portal > Application Configs.
Currently, we support SMS, AUTHY and BIOMETRICSas possible authentication channels.
- Enable the allowed Authentication Methods for 3D Secure purchase transactions via the Innovator Portal > Identity Profile(s).
One-time-passwords via SMS is switched on by default and does not require further configuration.
Configure cards for 3D Secure
When creating a card, you can choose the primary authentication method to be used for 3D Secure purchases when using the card. This can be done by specifying the threeDSecureAuthConfig.primaryChannel field. If the field is not specified, whenever a 3D Secure is required, the end-customer will receive an OTP via SMS on the mobile number specified in the cardholderMobileNumber field.
To use authentication methods other than OTP via SMS, you will also need to specify the threeDSecureAuthConfig.linkedUserId which needs to link to a root or authorised user that is active and has a mobile number defined.
You can update the 3D Secure Authentication Method of a card via the Update managed card API endpoint.
When you setup the threeDSecureAuthConfig object, the cardHolderMobileNumber property will be removed and it will no longer be used. Instead, the linkedUserId mobile number will be used to send OTPs via SMS.