Summary

This represents the 3D Secure Service.
The functions that are available for this service are:

● InitializeCreates a JWT for 3D Secure Card Authentication
● Lookup3D Secure Lookup
● Authenticate3D Secure Authenticate

API Call 1. Create Initialization/Transactional JWT

Initializes a 3D Secure Card Authentication Request
If you are an ISO (Independent Sales Organization), you will need to specify a SubClientID.

URL
https:///v2/clients//3ds/init

Merchant must connect with TabaPay’s create transaction API. Requirements can be found
https://developers.tabapay.com/default.html?v=22.0321

Notes
For Clients who are ISOs (Independent Sales Organizations), to specify your ClientID and a SubClientID, use the underscore character ("") to separate the two values:      where:
• ClientID is your unique 22-character string and
• SubClientID is an assigned 4, 6 or 8-digit value.

Request

Request Data:

JSON Name

Value

Required

Default

Description

account

object

R

Account

accountID

String
22 characters

R

AccountID

owner

object

O

Owner

phone

object

O

Phone Number (E.164 Numbering)

countryCode

String
1-3 digits

O

1

Country Calling Code

number

String
Min: 4 digits
Max: 12-14 digits

R

Phone Number

order

object

R

Order

orderID

String
1-50 characters

R

Order Number

currency

String
3 digits

O

840

ISO 4217 Currency Number

amount

String
Amount

R

Transaction Amount

Response

Status Codes:

Status

Code

Description

200

OK

A JWT is created.

207

A JWT is created.
207 Multi-Status

Multi-Status One or more Failures occurred while processing the Request.

404

Not Found

The AccountID does not point to a valid Account.

Response Data:

JSON Name

Value

Description

Status Code (200)

Status Code (207)

Status Code (Other)

SC

Integer
3-digit code

HTTP Status Code

O

EC

String
1 or 8 characters

Internal Error Code

O

EM

String

Error Message

O

O

3dsID

String

An identifier representing this Request

jwt

String

JWT (JSON Web Token)

deviceCollectionURL

String
URL

URL for Device Data Collection

API Call 2: Lookup

3D Secure Card Lookup.
If you are an ISO (Independent Sales Organization), you will need to specify a SubClientID.

URL
https:///v2/clients//3ds/lookup

Notes:

For Clients who are an ISO (Independent Sales Organization), to specify your ClientID and a SubClientID, use the underscore character ("") to separate the two values: where:
- ClientID is your unique 22-character string and
- SubClientID is an assigned 4, 6 or 8-digit value.

Request

JSON Name

Value

Required

Default

Description

3dsID

String

R

3dsID from 3D Secure Initialize

authenticationIndicator

String
2 digits

R

transactionMode

String
1 character

O

transactionType

String
1 character

R

productCode

String
3 characters

R

account

object

R

Account

accountID

String
22 characters

R

AccountID

owner

object

R

Owner

email

String

R

Email Address

phone

object

O

Phone Number (E.164 Numbering)

countryCode

String
1-3 digits

O

1

Country Calling Code

number

String
Min: 4 digits
Max: 12-14 digits

R

Phone Number

order

Object

R

Order

orderID

String
1-50 characters

R

Order Number

currency

String
3 digits

O

840

ISO 4217 Currency Number

amount

String
Amount

R

Transaction Amount

browser

Object

R

Browser Info

javascriptEnabled

Boolean

O

userAgent

String

O

header

String

O

javaEnabled

Boolean

O

language

String

O

colorDepth

String

O

screenHeight

String

O

screenWidth

String

O

ipAddress

String

O

deviceChannel

String

R

Either:

  • Browser
  • SDK

Response

Status Codes:

Status

Code

Description

200

OK

A Lookup Response is returned.

207

Multi-Status

One or more Failures occurred while processing the Request.

404

Not Found

The AccountID does not point to a valid Account.

Response Data:

JSON Name

Value

Description

Status Code (200)

Status Code (200 Challenge)

Status Code (207)

Status Code (Other)

SC

Integer
3-digit code

HTTP Status Code

O

EC

String
1 or 8 characters

Internal Error Code

O

EM

String

Error Message

O

O

3dsVersion

String

The 3D Secure Version that was used to process this request

enrolled

String

Authentication Eligibility Status

processorTransactionID

String

Processor Transaction Identifier

dsTransactionID

String

Directory Server Transaction Identifier

O

O

status

String

Status

ECI

String

ECI (Electronic Commerce Indicator)

UCAF

String

UCAF (Universal Cardholder Authentication Field)

  • Visa uses CAVV (Cardholder Authentication Verification Value)
  • MasterCard uses AAV (Accountholder Authentication Value)

XID

String

XID (Transaction ID)

O

challengeURL

String

Consumer Authentication URL

payload

String

Encoded Payment Request

API Call 3: Authenticate

3D Secure Card Challenge Authentication.
If you are an ISO (Independent Sales Organization), you will need to specify a SubClientID.

URL
https:///v2/clients//3ds/authenticate

For Clients who are an ISO (Independent Sales Organization), to specify your ClientID and a SubClientID, use the underscore character ("") to separate the two values: where:
- ClientID is your unique 22-character string and
- SubClientID is an assigned 4, 6 or 8-digit value.

Request

JSON Name

Value

Required

Default

Description

3dsID

String

R

3dsID from 3D Secure Initialize

jwt

String

R

JWT (JSON Web Token) from Challenge

Response

Status Codes:

Status

Code

Description

200

OK

A Lookup Response is returned.

Response Data:

JSON Name

Value

Description

Status Code (200)

Status Code (Other)

SC

Integer
3-digit code

HTTP Status Code

O

EC

String
1 or 8 characters

Internal Error Code

O

EM

String

Error Message

O

actionCode

String

Result: Action Code

errorNumber

String

Result: Error Number

errorDescription

String

Result: Error Description

O

3dsVersion

String

The 3D Secure Version that was used to process this request

processorTransactionID

String

Processor Transaction Identifier

status

String

Status

ECI

String

ECI (Electronic Commerce Indicator)

UCAF

String

UCAF (Universal Cardholder Authentication Field)

  • Visa uses CAVV (Cardholder Authentication Verification Value)
  • MasterCard uses AAV (Accountholder Authentication Value)

XID

String

XID (Transaction ID)

O


Did this page help you?