Update April 2023
Initialize API
Old VS New
The TabaPay 3D Secure Initialize API is meant to generate a JWT for you to start the 3DS process. In our newest release we have modified the way this JWT is generated to provide a better experience for mobile integrations.
These changes do not apply to browser integrations
If you integrated 3DS using the browser flow, please do NOT use the new
sdkVersionfield. This field is ONLY for mobile SDK integrations. If you use the new field, you will cause issues with your integration.
If you are using a mobile SDK integration, you can choose between sending the 3D Secure Initialize API an accountID or the version of your SDK (sdkVersion) as part of your API request. If you choose to do the latter, then you can call the 3D Secure Initialize API, generate the JWT, and perform device data collection earlier in your check out flow (before the card is selected). Reducing the delay between when a merchant performs the pay action and when the transaction is performed (by performing these 3 steps beforehand).
Remember to pick up the sdkSessionID
If you use the
sdkVersionfield during your 3D Secure Initialize call. You will need to collect the thesdkSessionIDprovided after the mobile SDK has completed it's setup. For more information on how to do this, please use the following links:
Lookup API
Old VS New
The TabaPay 3D Secure Lookup is meant to perform the actual Authentication Request for the card. We have added a few changes to this API to make it easier to integrate, to better support mobile integrations, and to provide additional information in the response. There are three changes we will be covering below.
Enhanced Responses
By using the new required URL parameter, enhancedResponse, you will now be able to get more more information about the 3DS result.
Here are the additional fields:
Please note we will now return status: C
If you receive a challenge response, you will now receive a
statusofcin addition to the existing information. This should make it easier to write logic based on thestatusfield itself.
Starting with this new version you should be able to get a 200 on a downgraded authentication (3DS version 1.x), this should provide more context about the result of the authentication call.
Mobile SDK integration
These changes do not apply to browser integrations
If you integrated 3DS using the browser flow, please do NOT use the new
sdkSessionIDfield. This field is ONLY for mobile SDK integrations. If you use the new field, you will cause issues with your integration.
If you are using a mobile SDK integration, you can choose between sending the 3D Secure Initialize API an accountID or the version of your SDK (sdkVersion) as part of your API request. If you choose to do the latter, then you can call the 3D Secure Initialize API, generate the JWT, and perform device data collection earlier in your check out flow (before the card is selected). Reducing the delay between when a merchant performs the pay action and when the transaction is performed (by performing these 3 steps beforehand).
Remember to pick up the sdkSessionID
If you use the
sdkVersionfield during your 3D Secure Initialize call. You will need to collect the thesdkSessionIDprovided after the mobile SDK has completed it's setup. For more information on how to do this, please use the following links:
