Implementing 3DSecure via the Gateway

Technical questions relating to the iVeri WebService integration

Implementing 3DSecure via the Gateway

by samora Wed Feb 24, 2016 10:05 am
Please use the below in conjunction with Section 12.5 and Appendix B on the attached document.
Before you can be able to start your implementation, please send an email to your support team and advise them to enable 3DSecure on your Test Application ID.


ThreeDSecureCheckEnrollment

Request
<V_XML Version="2.0" CertificateID="{AAAAAAAA-PPPP-PPPP-1111-DDDDDDDDDDDD}" Direction="Request">
<Enquiry Command="ThreeDSecureCheckEnrollment" Mode="Test" ApplicationID="AAAA1111-BBBB-DDDD-0000-22222AAAAAA">
<ExpiryDate>082018</ExpiryDate>
<Currency>ZAR</Currency>
<MerchantReference>2016_02_17 10:56:56</MerchantReference>
<Amount>7000</Amount>
<PAN>4000000000000002</PAN>

</Enquiry>

</V_XML>


Response:

<V_XML Version="2.0" Direction="Response">
<Enquiry ApplicationID="{AAAA1111-BBBB-DDDD-0000-22222AAAAAA}" Command="ThreeDSecureCheckEnrollment" Mode="Test" RequestID="{F2C71FEE-4394-42F3-B13A-22222AAAAAA}">
<Result Status="0" AppServer="105IVERIAPPPR02" DBServer="105iveridbpr01" Gateway="MyBank" />
<ThreeDSecure_PAReq>eNpVUl1TwjAQfM+vYHxlpkkq0MocmSmiI+PIoIiCbzGcUJUU0pYWfr1Jbf14u7272exuDh43BnE0Q5UbFHCHaSrX2IpXgzO+Hu+OSXA1fdlHo9engJeTN20mYaHvB2cCptED7gUc0KRxogX3mOcDbSCxVEZtpM4ESLUfjiei1+2c+xxoDQls0YxHgvvnnW4vCIF+YwJablEMpf5I0RyiNxMr2WrYgFZTAirJdWaOIuAMaAMI5OZTbLJs16e0KArvtWbxVOKdJFA3JkB/tU1zV6XWehmvRDDCRYmbbfuaLQ+9bvuAs9PxvUy7i3AA1G0QWMkMhc94j/k8aHHW9y/6fgdo1Scgt06LeAiYx6yyGhLYuYeibxQwN/rbsX5yY1CrxlCDCGC5SzTaHZvuT209/Cq/vHEZq8yGNy9m4zSNlur5ajrnw/XtIp93itu9crFXGxVhbLPiIQsrxrgKjjoWWn8qre/AVv/u4wvv7bcs</ThreeDSecure_PAReq>
<ThreeDSecure_ACS_URL>https://acstest.bankserv.co.za/V3DSStart?osb=visa-3&amp;VAA=B</ThreeDSecure_ACS_URL>
<ThreeDSecure_RequestID>{F2C71FEE-4394-42F3-B13A-22222AAAAAA}</ThreeDSecure_RequestID>
<CardHolderAuthenticationID />
<CardHolderAuthenticationData />
<ElectronicCommerceIndicator>SecureChannel</ElectronicCommerceIndicator>

</Enquiry>

</V_XML>


  • Check whether the result status = 0: if yes (result status = 0) then continue to the Next point.
    if not then then you do NOT continue with the transaction. This must be logged and your support team notified as there might be a technical error.
  • Check whether both ThreeDSecure_ACS_URL & ThreeDSecure_PAReq contain valid values or blank. If it contains values then continue to the next step.
    if blank, then check the ElectronicCommerceIndicator value and only if it contains ThreeDSecureAttempted do you send an Auth / Debit message with ElectronicCommerceIndicator = ThreeDSecureAttempted .If the card is not enrolled, [i]skip the Validate Authentication, and proceed with the authorisation.[/i]
  • Also note that at this point if there is values for both or either of CardHolderAuthenticationID and CardHolderAuthenticationData. you include these in the Auth / Debit message.



If the card is enrolled. The merchants website will have to redirect to the Access Control Server (ACS) URL(ThreeDSecure_ACS_URL value),
  • with the ThreeDSecure_RequestID value (on the form variable MD ) and the
  • ThreeDSecure_PAReq value (on the form variable PAReq) must be posted to it together with the
  • Form variable TermUrl value will be a page from your website that will accept PARes form variable’s value returned once the card holder has authenticated the transaction and will be required in the Validate Authentication message.

Validate Authentication
Note



Request
<V_XML Version="2.0" CertificateID="{AAAAAAAA-PPPP-PPPP-1111-DDDDDDDDDDDD}" Direction="Request">
<Enquiry Command="ThreeDSecureValidateAuthentication" Mode="Test" ApplicationID="AAAA1111-BBBB-DDDD-0000-22222AAAAAA">
<ExpiryDate>082018</ExpiryDate>
<Currency>ZAR</Currency>
<MerchantReference>2016_02_17 10:56:56</MerchantReference>
<Amount>7000</Amount>
<ThreeDSecure_RequestID>8EF324FA-D204-4645-A2EE-645774394687</ThreeDSecure_RequestID>
<ThreeDSecure_SignedPARes>eJzVWNmSo8iSfZeZ/qGs7qOsm1VIalPltWARAgkQq4A39lWAAInl628os7s6u6Z7pu+MjY2NXhJ5
Oi73cI9zTsT+n+Ot/PKM2i6rq29fsZ/Rr1+iKqjDrEq+fTWNw0/br1+63qtCr6yr6NvXqv76z7e9
kbZRxOpR8Gijt70UdZ2XRF+y8NvXsRsHld2G52ilmKvDYDoKh+bb3TpWv31921+AFnXvjj76/YPj
fhygoeeHHoZt1hGFhps4jMntJsZwEt2tKdzDqC0V+yG2iSJqja0xgtjGm020gw67cBejJAqj/1rH
GyzjZ3yP/PYVJtgGqVf1b3svuNOC/LYmMXxL7JFfv+5vUSuwb9h6t8GIzR75+LpHfn/v8ng9dbDY
MQvfVrcTx1J393LXNVGn21S/jH1nOfI5+LZHXh770OujNxzFKBTHNl8w/BcM+wWDod/t++YVDtzq
B4y9fi3BHvls2sN1bWEbprcNBv/1/ds+GhvYBegBq/v+vEd+z67xqjf002dD4LDMl3Vv2G/7Prt9
zgr9BcV/QaHDu30P+9w/ujdnj/z6tA+85/Mt5y3Hth9zOmwmoHFAaBEw04ArNg6s9t1lHwXZG/pK
Cv59fwuUSd1mfXp7Iz58fjfskVcqyPsovO31LKngj7XRFziJVffta9r3zS8IMgzDzwPxc90mCA4L
QdAdAh3CLkv+8fXjrSgUqrh+2zNeVVdZ4JXZ7PWw31LUp3X45fsP/llIQ3tFxRCNY36CYX8KMLL6
6WVBCWz9FfmU1t+J9mOCbef91KUe9gqkRXH06l70xdSEb1//8b8x92yWRF3/38n0tyw/Ilhe+Yje
CDj23mX1yExfu+T1tT5cRIIVtq0+wH5/9twj36uDz5978n35Phxv6IDceyeQT6BRlOGCrVv0fkRX
+MMYmofTm5FTeaGLzNFZE7j6GmuaGxnmcJ3lqWHQqrDkxA7LCyGX+XIhMf3hkTsHFskNz+OPxGPk
uOOV0+V8TUYyhj9XF+SC1SJIT4RTrIad9LyA+VLOW7so/Uy/B6dMywRpHqvlotT4OgjKZEZydXUQ
5lg/RGxAI8VRWkfivNpJQtuIilwyK3r7IGeO8a1pFtW4xMZtNvVlkJoUcmiRBt0tF5zABnah4D3R
Z1csiVLsWuWn8TLq7SOxtZHByvzo78Z1QGDPwSlxm7PX16YnZ4YSV725G3lzW6WKYQFhuegRBOJM
TakhFTOP2sIcliL9ZwxuxYMyHsOJkmwh+fbtY/E/Lfj+FE0fnbDX6I71eu/jiYnaPovhZoEoJAkC
O88MA9ooAYNAg0TQgEKlxZ2yQXh6grUggZzgdmtpYFVHPNWukD4DGajcgVbBkDhgZGYg0olsLRc0
cAxQWoakoQM/OKylqidu1GTHllHXFlnHFgvhED6D21iEeFm4BveQmIEHmMkxo1Qa18Mc8tak4odp
uXAZ2vYJsXOPYePyZmLiVh7aYqniu8LV6aN7JRMp5zKJAe8RwCi55kHkBA5jhYNcOoQ1uab8fL27
XJi33TNkaFY1QHQY0FHKAS7lwqAYgJRm2oO2STY+2w6eJPBAUruBUd9r4blBtMyZC+H40d1H1qlk
fs76h5zHcw6619rQoDNEE0sDQiuDQk6Dm5pY+G7yeY1YLryrVv6YsYZbD4EVRiEHyUcEyeAtWtcY
WlYn2nCvMhbcLNbHX++KT59QExXlhuUiSeCaAJRn9DuvCz7BqhwNVBMAUqDZAfYs4U6ghr1W2aZn
bh3lCThu7HSDQguIO7p7QSnj5Jt0U9+Wi42L0fU2UFXAIb20NpWeMI5S2KbGCveEIt8ZaAOItTDJ
EiPzbL+K8nTa9MdwwFoqYm3kZDtHnzyU0c1ZLlCCHbS2UPUjcl65j0hfh0x8logb7s0jbfetZbOh
HPlx2m/74KqdT7jyoJ45O4fC/KgeV82lCo1VqTrAlouzbik4PWYHBTVO9SBeEGlzv2oGInY3nzL4
BH3ebiq/U7nmZt0UV4hGa3w4E9FWm4TzLax/EgXp8aipS8tFg9t3xI7Ie7QS2k13uGtriienUzTr
1tmcVU+gkTCKmGJ3NXEDtW9ZADiHpdU6CmqdwjSyytcKe5uHG79cTGNbgkSiAeBzNYfdA9vXxITc
oMIt5dAg3jJwFw1sAmdLQy9APSKvloCE4yUaffdlE/VK0+p9uTgYwWixCvIYBSxtDgfC0nXjIPGP
HMh0UtzTIuN3A/rq8wEA5RUZpKyirmfTxgd6sp4ocy88IvIr2FOEGrVZVf1rVM5VxJqyFQZ9hVWp
2OOXE/bgrY1G84B/FEkIHv4wVHTK4ofQT+mjYfnN+eKMtB9KYIqY5WIbzZ7NZ62tAPBEHZ9PLyUm
mYeMvd31MvOe9MHsyIB70ILXkbRZu+vDjJJ4yOrgGkNii4mSnFtzfZ5rCMU7YrJHOPb3ROgMQhVW
nSYRSYLw4VBvUdZU8ViL444PgXnEGWR73iLDccXtjl2TS2xhl26dXgQBHfvTcpGGwuU6+wpNsYp5
LvFLEfLHmxiQlj3GysDhsgjU8VZ7F411+EQ5WM9idvpptIrRjmxwkfutqWlEHl+fy4XT0vwRZ9eA
JEH/Drk/4umfASyXsBBg8ew3gFVVgqNjtp6P6akhmtscHFvKnf+kkSxDJyx3lkDxDjYQYFOJsSxp
PBrA/wCF2jhwfw4rL1CRdHI4g3fwOnOT9QcgXi7+AMX6D5DChZAlwSTpwiB8RGC5sVTNQk0MU/oR
jPXlwsd3qMDJtESTNmtwk8Q6EwTZNQTUUT7U0CZg7zbjV5tVQ/pwvtPHZ/JYLv6n9PEZiCGV/DV9
1BLj/EYf8V/Rh27Lc3i1JmiHsONkLxqBPYVr8wMpwt0KWAiwF/DquVoz8JkGshfRSZwbJ+FQdptH
JBmzgFfOAHw48MFxKNR7uKU7YRJ9NyxwjFs9p/uOS21MFuoMpJdNXK4mJK07m6LCNo9bf+oa9+yV
rcVTieOHNJ7jertdLmZaUyvJPZ3KBzs4TwSnqKrS6GjinStxGCbrsT1jgHHUACUBU0QrdCMLCHC3
iq3qdeTXHMebyhpHkQ21XNRYwGlrpdgdtQzNRXbLUWS+DbmeoKQgQUXvpGZsrqflZAwkoJ1pdjFr
LFEkY9t48OtR5hSlrhm0DSAkyhXTCLotXStcvrlHTIXI3eO54G7V+UAg80oiMqf1wnT3cL1HGcl3
cXe+nFrEOxxYP0LpJ3o5+09bqQ6wp4MyPkWFvZo5BNKBA8BT6I3B0FQOLq95OmoSx7BQGkBghaAK
AZj8ANWBo5EB4iPcjXQOwg/pclRJ7pCo5mCAttKIVMNWQo49Rqm/1xf6huebbki84D2CMOh0NTN0
deLp9K7Tyfz/cZ8mKQc2UCG0TUCj9y1bJANzCQyi+DMk+pVSiFJ8OFaYTRjGnc2YXi7i8yPzyeRi
+AUbWmeaO9XdiE4mG8yRXRumktNcsEPj9UnL/SYim6xUYEuqi2zyTUa4TKmv0Kkz6IbSlovQmbEo
ls/6wzPEvhGbmlEKDKkG6rqqRO46sbYZMMhk3bvezcJA4SkgxSeT5Jj1TMvc2WX4GJsqCS9XUAgN
zyJgzSfp4FGPVIh8F070PA28rhR9nRs3Dy2OfgEiqsmpjFobzcAlXDMNVrlGa+kmn542K0tz1QI4
vZS+e3Qr5cjmdaWUt9t0vamjHZqYNA/hab7kx3goV1Ce0DDL9nHMuUDuxs0Fb03jhtA9oV+v2Inc
WrEsQ2KyPOQa9IbLi0xrEW5eUmD39ynFzSG8oNQnzZ7I59ZKiup5NuR8Z68zDcuCv9Dszv+1Zv9b
oLtcfIbdD9D90O4y+9LpziDP6izN4ku7j8oPNumw/QO1LBegbGhJS4ZD8muVw05xr1rmXNetwI2N
fy1R96qOBwMYv2l2lluXsEWpf+uSd1phufilzmC0j+yv1s2avKvbwDcTpyqSP5AQ+/dI4l2z00Ak
ojIbA4XGopEngt1RmZCw6nYhKpUnECsV1KN3IgqezjDaOJs2T6Q5SC5T9ScFJ24PXRI7SjKXC9ur
y5ObovdLPTAERTxMrbKFB1YX1nlNllexropnqhLlqJiSdsLu80AJ+YbW8s31EuYKkihBdfNmRUE6
WOkG8zf5+kDMcVqcxzkhOo1IqtPjYBWDWzOrqDrpyRWlnAgwY0A+yQDwl9V6RWX0imvGNbIe43Oi
QCiFuQGS0nW9UZ9NypssIZ0Uk5QmikejI/Q27FV5Lsc8Ibe+Xd3HVRWTl4PbaPnAibCi1BhSmw4x
VynkCc6baKEY0T00Bb9R4mXd4Ek8HE/Bo6lPa8wNBqQR4/npOhXzO0nsoKzaQqJoPpR3Tgt8BE96
PqQ7h+cbgWf/6tz375z64M76L859/86pb7n4z899PMNx8gjsgZJGUr+HlNsRNLW6BR81aKhBA2EA
LFB+o7vt6wQCh05iaBIMp+HdS6UZdRBqcIHC7T/sskTdQlHHES8RB0/KhMxKs1TWUKz9Ccqw7xPN
lJEZaRfp/IRyvd3QnXG4jFuCE59XPnU9Uq8bLrmNftniNNuKa0JPIaXUHHlT1ZTtPPvsHuNtyz1F
+kTa3i5npswpNx6USBahsKeLdQshude688xahbhkoOgkhEI9D8m3tJdCgsLmvGTo1sfYRmNW81ig
xGY421sDnKtI5ryWRVBf4o9nq3IE7jz0QVTZ7gEkm1WpUZijn8TjUHtHu9nA8yveFC1iIkRcHZlz
iCCMoMQ10exOQPazLJVEQ3pKZsduK65TH0fM6Y+nntE7kWcr06Ac5iozacve/KyLIN1ZYS1X66Bc
z+X2JomXO7G5HbnxWhlKfbkKFuDvhqOV6pQDzNmJCNl1q6oQeR3vqEfyZ2SB/H7Xg3y///n9Zuj9
Qvv9pv51Bfv5Bv9f9ZK+jA==</ThreeDSecure_SignedPARes>
<PAN>4000000000000002</PAN>

</Enquiry>

</V_XML>


Response:
<V_XML Version="2.0" Direction="Response">
<Enquiry ApplicationID="{AAAA1111-BBBB-DDDD-0000-22222AAAAAA}" Command="ThreeDSecureCheckEnrollment" Mode="Test" RequestID="{F2C71FEE-4394-42F3-B13A-22222AAAAAA}">
<Result Status="0" AppServer="105IVERIAPPPR02" DBServer="105iveridbpr01" Gateway="MyBank" />
<ThreeDSecure_RequestID>{F2C71FEE-4394-42F3-B13A-22222AAAAAA}</ThreeDSecure_RequestID>
<CardHolderAuthenticationID>a0N0aVZUTDl1U2g0elNacnBiMjA=</CardHolderAuthenticationID>
<CardHolderAuthenticationData>AAABB5gjAQMIZGQRkyMBEMXd8WU=</CardHolderAuthenticationData>
<ElectronicCommerceIndicator>ThreeDSecure</ElectronicCommerceIndicator>

</Enquiry>

</V_XML>


  • Check whether the result status = 0: if yes (result status = 0) then continue to the Next point.
    If result status not equal to 0 then something else went wrong with your request or the card holder failed to authenticate and you should not continue with the transaction.
  • Store the following values as they are required in your Auth / Debit Message:
    • <CardHolderAuthenticationID>a0N0aVZUTDl1U2g0elNacnBiMjA=</CardHolderAuthenticationID>
    • <CardHolderAuthenticationData>AAABB5gjAQMIZGQRkyMBEMXd8WU=</CardHolderAuthenticationData>
    • <ElectronicCommerceIndicator>ThreeDSecure</ElectronicCommerceIndicator> //Note that ThreeDSecureAttempted is also possible to get back with the other variables either blank or with values.

Auth / Debit message

<V_XML Version="2.0" CertificateID="{AAAAAAAA-PPPP-PPPP-1111-DDDDDDDDDDDD}" Direction="Request">
<Transaction Command="Debit" Mode="Test" ApplicationID="AAAA1111-BBBB-DDDD-0000-22222AAAAAA">
<CardHolderAuthenticationID>a0N0aVZUTDl1U2g0elNacnBiMjA=</CardHolderAuthenticationID>
<CardHolderAuthenticationData>AAABB5gjAQMIZGQRkyMBEMXd8WU=</CardHolderAuthenticationData>
<Amount>7000</Amount>
<Currency>ZAR</Currency>
<ElectronicCommerceIndicator>ThreeDSecureAttempted</ElectronicCommerceIndicator>
<ExpiryDate>082018</ExpiryDate>
<MerchantReference>2016_02_17 10:56:56</MerchantReference>
<CardSecurityCode>902</CardSecurityCode>
<PAN>4000000000000002</PAN>

</Transaction>

</V_XML>


Response
<V_XML Version="2.0" Direction="Response">
<Transaction ApplicationID="{AAAA1111-BBBB-DDDD-0000-22222AAAAAA}" Command="Debit" Mode="Test" RequestID="{CC79E732-EAA2-4E1B-ACC4-00748350000}">
<Result Status="0" AppServer="105IVERIAPPPR01" DBServer="105iveridbpr01" Gateway="MyBank" />
<MerchantTrace>5384.3080.2642</MerchantTrace>
<Amount>7000</Amount>
<AuthorisationCode>746358</AuthorisationCode>
<Currency>ZAR</Currency>
<ElectronicCommerceIndicator>ThreeDSecure</ElectronicCommerceIndicator>
<ExpiryDate>082018</ExpiryDate>
<MerchantReference>8a83948452eed6530152eedad4390865</MerchantReference>
<Terminal>Default</Terminal>
<TransactionIndex>{1D49AB32-4E71-48C6-BBC7-738417C9A438}</TransactionIndex>
<MerchantName>Cell C</MerchantName>
<MerchantUSN>00012345678</MerchantUSN>
<Acquirer>MyBankPostilion</Acquirer>
<AcquirerReference>60217:04051099</AcquirerReference>
<AcquirerDate>20160217</AcquirerDate>
<AcquirerTime>125239</AcquirerTime>
<DisplayAmount>R 70.00</DisplayAmount>
<BIN>400000</BIN>
<Association>Visa</Association>
<CardType>Credit Card</CardType>
<Issuer>MyBank</Issuer>
<Jurisdiction>Local</Jurisdiction>
<PANMode>Keyed,CVV</PANMode>
<ReconReference>04051099</ReconReference>
<CardHolderPresence>CardNotPresent,eCommerce,ThreeDSecure</CardHolderPresence>
<MerchantAddress>MERCHANT ADDRESS</MerchantAddress>
<MerchantCity>JHB</MerchantCity>
<MerchantCountryCode>ZA</MerchantCountryCode>
<MerchantCountry>South Africa</MerchantCountry>
<DistributorName>MyBank</DistributorName>
<CCNumber>4000……..0002</CCNumber>
<PAN>4000……..0002</PAN>

</Transaction>

</V_XML>
Posts
54
Joined
Thu Sep 17, 2015 3:29 pm

Jump To