www.belassist.by

Versions Compared

Old Version 179

changes.mady.by.user Oksana Chizhikova

Saved on

compared with

New Version 180

changes.mady.by.user Oksana Chizhikova

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Depending on the content of the received threedsdata block (units 3,7,8), the authentication proceeds differently.

Main work scenarios:

The main operating scenarios for version 2 are determined by whether a 3DSMethod call is required (generation of a hidden iFrame in the client browser), as well as whether additional client authentication is required and under what scenario it takes place:

  • If For 3D-Secure version 2 (unit 3), if there is the issuing bank URL threeDSMethodURL (unit 57), the enterprise merchant generates hidden HTML iFrame on the payment page (unit 89) and sends a POST request with one parameter threeDSMethodData to the received address threeDSMethodURL, and then calls the get3dsecver2 service (unit 910).
  • For 3D-Secure version 2 (unit 3), if there is the issuing bank URL threeDSMethodURL (units 5, 8, 9), without the additional interaction with the card holder (unit 4), - Frictionless Flow (F), IPS Assist immediately executes a transaction in processing or completes the operation with an error (unit 12).
  • For 3D-Secure version 2 (unit 3), if there is the issuing bank URL threeDSMethodURL (units 5, 8, 9), and the additional interaction with the card holder is necessary (unit 10), the enterprise generates hidden HTML iFrame on the payment page (unit 8) and sends an HTTP POST request for the card holder verification to the specified challengeurl URL (unit 11). This iFrame displays the issuer's bank ACS page and the customer enters a one-time password received from the bank.
  • For 3D-Secure version 2 (unit 3) with no issuing bank URL threeDSMethodURL and without the additional interaction with the card holder, - Frictionless Flow (F), the transaction will be processed immediately and the payment process will be completed (unit 12).
  • For 3D-Secure version 2 (unit 3), if the additional interaction with the card holder is necessary (unit 4), but with no issuing bank URL threeDSMethodURL, the enterprise should generate an HTML iFrame object on the payment page and send an HTTP POST request for the card holder verification to the specified challengeurl URL (unit 11). This iFrame displays the issuer's bank ACS page and the customer enters a one-time password received from the bank.

...