3DS Challenge

Challenge Request Model

21
22
23
24
25
26
public class ThreeDSServerFinalCResRequest {
  /**
   * The final CRes is a base64-encoded string sent to the NotificationURL.
   */
  private String base64EncodedCRes;
}

Challenge Request JSON Samples

1
2
3
{
  "base64EncodedCRes": "MTIzNDU2Nzg5MDA5ODc2NTQzMjE="
}

Challenge Response Model

21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
public class ThreeDSServerChallengeResponse {
 
  /**
   * Universally unique transaction identifier assigned by the 3DS Server to identify a single transaction. It has
   * the same value as the corresponding received authentication request. This value has 36 characters in a format
   * defined in IETF RFC 4122.
   */
  private final String threeDSServerTransID;
  /**
   * The message sent to the 3DS Server. The final CRes is a base64-encoded string.
   */
  private String base64EncodedCRes;
  /**
   * The decoded Challenge Response. The final Challenge Response contains the following fields:
   *  - threeDSServerTransID: Universally unique transaction identifier assigned by the 3DS Server to identify
   *      a single transaction.
   *  - acsTransID: Universally unique transaction identifier assigned by the ACS to identify a single transaction.
   *  - acsCounterAtoS: Counter used as a security measure in the ACS to 3DS SDK secure channel.
   *  - challengeCompletionInd: Indicator of the state of the ACS challenge cycle.
   *      Indicates wheather the challenge is completed or requires additional messages.
   *  - transStatus: Indicates wheather a transaction qualifies as an authenticated transaction.
   *      The final CRes message can contain only a value of Y or N.
   *  - messageType: Identifies the message type.
   *  - messageVersion: Identifies the message version.
   *  - messageExtension: Data necessary to support requirements not otherwise defined in the 3D Secure message are
   *      carried in a Message Extension.
   */
  private ChallengeResponse challengeResponse;
  /**
   * Object containing error details if any errors occurred.
   */
  private ErrorDetails errorDetails;
}

Challenge Response JSON Samples

Valid Challenge Response
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
{
  "base64EncodedCRes": "MTIzNDU2Nzg5MDA5ODc2NTQzMjE=",
  "threeDSServerTransID": "8a880dc0-d2d2-4067-bcb1-b08d1690b26e",
  "challengeResponse": {
    "threeDSServerTransID": "6afa6072-9412-446b-9673-2f98b3ee98a2",
    "acsTransID": "375d90ad-3873-498b-9133-380cbbc8d99d",
    "sdkTransID": "0b470d4f-fdf8-429f-9147-505b1a589883",
    "acsCounterAtoS": "002",
    "challengeCompletionInd": "Y",
    "messageType": "CRes",
    "messageVersion": "2.1.0",
    "transStatus": "N"
  },
  "errorDetails": null
}
Challenge Response with Error (error sent from the ACS)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
{
  "base64EncodedCRes": "MTIzNDU2Nzg5MDA5ODc2NTQzMjE=",
  "threeDSServerTransID": null,
  "challengeResponse": null,
  "errorDetails": {
    "threeDSServerTransID": "8a880dc0-d2d2-4067-bcb1",
    "acsTransID": "d7c1ee99-9478-44a6-b1f2-391e29c6b340",
    "dsTransID": null,
    "sdkTransID": null,
    "errorCode": "201",
    "errorComponent": "A",
    "errorDescription": "Data element not in the required format. Not numeric or wrong length.",
    "errorDetail": "threeDSServerTransID"
  }
}