In order to support the 3‑D Secure 2 protocol, we have added several important features and support two authentication workflows. The basic one is based on the 3‑D Secure 1 authentication workfow and includes multiple customer redirections. The new extended one does not include multiple customer redirections but requires to update merchant web service to support the new features added in the payment platform. This section covers the key new features and provides instructions to merchants how to support these new features. For more detailed information about the new features, see Authentication workflows and Communication formats.
Restriction: For the details about the changes described in this section, contact
ECommPay technical support service at
support@ecommpay.com.
Gate
| Workflow |
Updates |
Merchant TODO list |
| Basic |
- Added new request objects and parameters to the following endpoints:
The new objects and parameters are optional, but it is strongly advised to use them to increase the probability of selection of frictionless flow.
- Extended the structure of callback with payment processing result. Though, the new parameters are added in callbacks only for those payments in which the customer was authenticated by using 3‑D Secure 2.
- Updated the customer redirection algorithm used during authentication procedure. You need to generate the HTML page for the customer redirection and redirect the customer to the preload page hosted on the payment platform.
|
- Merchants are required to replace the logos of the global payment systems in their payment pages: replace Mastercard Secure Code with Mastercard Identity Check and replace Verified by Visa with Visa Secure.
- If merchants support the 3‑D Secure 1 protocol, they are not required to update their code to support the new features added in the payment platform, but it is strongly advised to use them to increase the probability of selection of frictionless flow.
|
| Extended |
- Added new request objects and parameters to the following endpoints:
The new objects and parameters are optional, but it is strongly advised to use them to increase the probability of selection of frictionless flow.
- Extended the structure of callback with payment processing result. Though, the new parameters are added in callbacks only for those payments in which the customer was authenticated by using 3‑D Secure 2.
- Updated the customer redirection algorithm used during authentication procedure. You need to open an iframe for collecting the data about customer and redirect the customer to the authentication page.
- Added the new /v2/payment/card/3ds_check_iframe endpoint that is optional. You need to send request to this endpoint, if you specify the
3ds_notification_url parameter in the initial payment request.
- Added the new
cres parameter to the /v2/payment/card/3ds_result endpoint. It contains the 3‑D Secure 2 authentication result.
- Extended the structure of callback with the customer redirection data.
|
- Merchants are required to replace the logos of the global payment systems in their payment pages: replace Mastercard Secure Code with Mastercard Identity Check and replace Verified by Visa with Visa Secure.
- Merchants are required to update their code to support the new features added in the payment platform.
|
Payment Page
| Workflow |
Updates |
Merchant TODO list |
| Extended |
- Added new objects and parameters that are optional, but it is strongly advised to use them to increase the probability of selection of frictionless flow.
- Updated the customer redirection algorithm used during authentication procedure.
- Extended the structure of callbacks with payment processing result. Though, the new parameters are added in callbacks only for those payments in which the customer was authenticated by using 3‑D Secure 2.
|
Merchants are not required to update their code to support the new features added in the payment platform, but it is strongly advised to use them to increase the probability of selection of frictionless flow. |
CMS plug-ins
| Workflow |
Updates |
Merchant TODO list |
| Extended |
The component will be updated to comply with the Payment Page updates. |
No code update required. |
SDKs for web services
| Workflow |
Updates |
Merchant TODO list |
| Extended |
The component will be updated to comply with the Payment Page updates. |
No code update required. |
SDKs for mobile apps
| Workflow |
Updates |
Merchant TODO list |
| Extended |
- Added new objects and parameters that are optional, but it is strongly advised to use them to increase the probability of selection of frictionless flow.
- Updated the customer redirection algorithm used during authentication procedure.
- Extended the structure of callbacks with payment processing result. Though, the new parameters are added in callbacks only for those payments in which the customer was authenticated by using 3‑D Secure 2.
|
3‑D Secure 2 authentication is supported by all versions of SDK for mobile applications (SDK for Android and SDK for iOS), but the option to use additional parameters in order to make selection of the frictionless flow authentication more likely is available only starting with SDK for Android 1.5 and SDK for iOS 1.5.1. Therefore, it is recommended to use SDK for Android 1.5 and higher and SDK for iOS 1.5.1 and higher. |
Dashboard
| Updates |
Merchant TODO list |
| In order to comply with the Payment Services Directive 2, we apply two-factor authentication with Google Authenticator codes to access the Dashboard interface and with one-time SMS codes for confirming financial operations. |
No code update required. |