Community
Status: Unable to Complete Authentication
The 3ds/lookup and 3ds/authenticate API calls both return a Status. One of the possible status values is U , Unable to Complete Authentication. Should this be interpreted as a "system not available" response, or should it be interpreted as a "failed authentication" response?
Source of version in PullOptions/3DSecure object for Create Transaction
There is a single-digit version string in the PullOption 3DSecure object for [Create Transaction](https://developers.tabapay.com/reference/transactioncreate). Where is the value for that supposed to come from?
XID in Create Transaction
When using 3-D Secure we need to include an XID in the pullOptions 3DSecure object. The documentation for the 3ds/lookup and for 3ds/authenticate say that an XID is returned, but neither JSON sample shows that, and the calls in the Sandbox Environment don't appear to be returning an XID. Are we supposed to be getting this value from somewhere else, such as the processorTransactionID?
3ds/authenticate enrolled and actionCode fields
The 3ds/authenticate call documentation shows an enrolled field if you click on the response documentation in the middle column of the page, under the request field descriptions. The response JSON that is shown on the right side of the page when you click on the 200 response does not include the enrolled field, and neither does the response in the Sandbox Environment. Should that field be removed from the documentation?
Source for sdkVersion in 3ds/init
The documentation for the sdkVersion field in the 3ds/init call does not state where the value should come from. Is there a call within the SDK that we should make to get this value or do we need to construct it based on the version number from the SDK file name? If we need to construct it, what is the pattern for constructing the name?
Android and iOS app permissions for 3-D Secure Mobile SDK
I've checked the TabaPay documentation and the documentation for the SDK components but cannot find a list of permissions that are required by the 3-D Secure SDK for mobile apps. The SDK documentation mentions getting location information for Android, and the EMV documentation mentions getting Bluetooth information for Android. Are there specific app permissions that are required in order to integrate the 3-D Secure mobile app SDK?
Is enhancedResponse needed for production?
The [3D Secure Lookup API call](https://developers.tabapay.com/reference/3dslookup lists the enhancedResponse query parameter as required, and says that in the Sandbox Environment it provides more details. The query parameter is required in the Sandbox Environment. Is it acceptable to use the parameter for the Production Environment, or is it only intended for the Sandbox?
3-D Secure browser info from mobile app
The 3-D Secure lookup API requires a browser object. We're processing in a mobile app and not within a browser. We're using the Cardinal Mobile SDK to perform the device data collection, but it does not appear to return data that can be used to populate the browser object. Is the expectation that we should create a browser object with only the deviceChannel field (set to SDK)?
3-D Secure Session ID: 3ds/init 3dsID vs. Cardinal Mobile SDK consumerSessionId
We're using the Cardinal Mobile SDK for our mobile app for 3-D Secure processing. The steps from the sequence diagram in the documentation are: