This document explains how to integrate with the Cardknox 3D Secure 2 (3DS2) card authentication, which is an additional layer of security for debit and credit card transactions.
3D Secure 2 vs. 3D Secure 1
3DS 2 is an improvement of 3DS 1 because it:
Collects more data elements than 3DS 1. This helps issuing banks assess risk more efficiently by reducing the need to ask for more authentication from the cardholder. It also helps to increase the rate of frictionless transactions and decrease the number of authentication challenges during a transaction.
Supports mobile clients. By adding support for native iOS and Android SDKs, cardholders have a smoother mobile authentication experience, without requiring redirects or webviews.
Add a JS reference to your web page.
When the Page Loads…
Add an event handler for the
payments.validatedevent. This event will be raised when a payment that requires a popup has completed validation.
2. Generate a JWT secure token.
3. Initialize the
Cardinal object (
init) using the newly generated JWT.
When the submit button is clicked…
Wait for initialization to complete before submitting the payment.
Begin the bin profiling process. Wait for completion using .then() syntax as below example.
Additional fields (recommended)
Possible responses are
Declined– The transaction is complete and no further action is necessary.
Contact email@example.com to configure behavior on non-authenticated 3DS responses.
Verify– The transaction response contains the 3DS fields necessary for the website to complete the authentication.
4. Feed Gateway response fields
When complete, the
validated event is triggered with a response containing the
data.ActionCode is a successful action code, the event in Step #1 should be configured to send the final
cc:authonly transaction to Cardknox referencing the original transaction and including the 3DS verification data.
The transaction response
xStatus will be
Declined, and the payment is now complete.
External documentation: https://kb.cardknox.com/3d-secure/