3D Secure Configuration
Learn how to configure the behaviour of 3D Secure purchase transactions for your customers.
You can enable your customers to choose their preferred method of securing online card transactions from a list of supported Strong Customer Authentication (SCASCA Strong Customer Authentication - a two-factor authentication solution required by PSD2 regulations for when end-users are accessing their payment account sensitive information or initiating transactions. SCA requires at least two of the following: something you know (password), something you have (device), or something you are (biometrics).) channels.
One-time-passwords via SMS will be used as a fallback method, in case end-customers encounter issues with their preferred method.
Setup 3DS3DS 3-D Secure - an additional security layer for online credit and debit card transactions. It adds an authentication step where the cardholder verifies their identity with the card issuer during the purchase, reducing fraud and providing liability protection for merchants. Authentication Methods
- To configure the 3DS3DS 3-D Secure - an additional security layer for online credit and debit card transactions. It adds an authentication step where the cardholder verifies their identity with the card issuer during the purchase, reducing fraud and providing liability protection for merchants. authentication methods, first you will need to enable your supported authentication methods via your Innovator portal > Application Configs.
Currently, we support SMS, AUTHY and BIOMETRICSas possible authentication channels.
- Enable the allowed Authentication Methods for 3D Secure purchase transactions via the Innovator Portal > Identity Profile(s).
One-time-passwords via SMS is switched on by default and does not require further configuration.
Configure cards for 3D Secure
When creating a card, you can choose the primary authentication method to be used for 3D Secure purchases when using the card. This can be done by specifying the threeDSecureAuthConfig.primaryChannel field. If the field is not specified, whenever a 3D Secure is required, the end-customer will receive an OTP via SMS on the mobile number specified in the cardholderMobileNumber field.
To use authentication methods other than OTP via SMS, you will also need to specify the threeDSecureAuthConfig.linkedUserId which needs to link to a root or authorised user that is active and has a mobile number defined.
You can update the 3D Secure Authentication Method of a card via the Update managed cardManaged Card A payment card (virtual or physical) that can be created and managed through the Weavr platform. Cards can operate in prepaid mode (with their own balance) or debit mode (linked to a managed account). All cards must be assigned to a card assignee who is an Authorised User. API endpoint.
When you setup the threeDSecureAuthConfig object, the cardHolderMobileNumber property will be removed and it will no longer be used. Instead, the linkedUserId mobile number will be used to sendSend A transaction type that allows sending funds to another identity's instrument or to a beneficiary. Send transactions may require Strong Customer Authentication depending on the destination and whether it's a trusted beneficiary. OTPs via SMS.