This page contains the necessary information to implement and test the 3D secure flow using Finaro as a TSP.
|Device fingerprint information retrieval flow|
|When device fingerprint assessment is required by the issuer, Source responds with the 3ds_method and 3ds_trxid parameters in the Payment Key Creation call.|
3ds_method - URL - The issuer’s URL that should be used to trigger the collection of the device fingerprint by the issuer
3ds_trxid - [a-zA-Z0-9, -] - Universally unique transaction identifier to identify a single 3D Secure transaction.
Perform the following:
1. Upon receiving the 3ds_method and 3ds_trxid parameters, create a JSON object with the 3DS Method Data elements, as follows:
threeDSMethodNotificationURL = the URL to which the issuer will send his approval
threeDSServerTransID = 3ds_trxid
2. Encode the JSON object in Base64.
3. Render a hidden HTML iframe in the cardholder’s browser and send a form with a field named threeDSMethodData, containing the Base64url JSON Object, via HTTP POST to the 3ds_method URL you received from Source.
4. At this stage you should get a response about the completion of the fingerprint collection process. The information should arrive at the notification URL you provided in the JSON in the threeDSMethodNotificationURL parameter.
After the device fingerprint retrieval flow is complete you need to use the following values for the attribute fingerPrintStatus:
NOT_REQUIRED: if the device fingerprint retrieval was not requested by the issuer (3ds_method is null).
REQUIRED_ASKED: if the device fingerprint retrieval was requested and you manage to complete the flow successfully.
REQUIRED_NOT_ASKED: if the device fingerprint retrieval was requested but you did not manage to complete the flow successfully or you decided to skip it.
|Card Scheme||Card Number||Challenge||Success OTP||Fail OTP|