Dynamic 3-D Secure
Dynamic 3-D Secure (3DS) allows you to bypass 3-D Secure authentication for payers where payments are deemed low risk by your external risk provider. It gives you the flexibility to selectively perform 3DS authentication on transactions while maintaining appropriate risk management. It also allows increased conversion rates through frictionless checkout for low risk payments as payers are less likely to abandon the payment process when not redirected from the merchant's website to enter their 3DS password.
When Dynamic 3DS is enabled, you can choose to:
- Submit a transaction to the gateway without performing 3DS
The transaction will be sent to your configured external risk provider for risk assessment, and the gateway will provide a recommendation to you based on this risk assessment. Transactions deemed low risk will not require 3DS authentication of the payer and will be successfully processed by the gateway. Medium risk transactions might have a chance to succeed if resubmitted with 3DS authentication details whereas high risk transactions will be rejected by the gateway. - Submit a transaction with 3DS authentication details
You may choose to do this, for example, if the transaction originated from a high risk country or the order amount is very high. The transaction will not be sent to the external risk provider for risk assessment. If the transaction passes all Transaction Filtering rules (including 3DS rules), it will be successfully processed by the gateway.
Prerequisites
- You must be enabled for Dynamic 3DS on your merchant profile with the gateway by ANZ Worldline Payment Solutions.
- You must not bypass risk assessment on transactions when Dynamic 3DS is enabled. If you bypass risk assessment (
risk.bypassMerchantRiskRules
=ALL
) and submit the transaction without 3DS authentication data:- Transaction Filtering rules defined by you will be bypassed.
- Risk assessment by your external risk provider will be bypassed.
- Transaction Filtering rules defined by ANZ Worldline Payment Solutions, if any, will be applied. If the transaction passes all the rules it will be accepted. If it fails any rules, it will be simply rejected by the gateway without further risk asssessment (as you've chosen to bypass risk).
- You must not be enabled for PSD2 SCA Exemptions.
Integrating to use Dynamic 3DS
The gateway supports Dynamic 3DS on transactions using the following integration methods:
When Dynamic 3DS is enabled, you have two options to submit an initial transaction to the gateway:
- Option 1: Do not perform 3DS authentication and submit the transaction without 3DS authentication data
With this option, the gateway will send the transaction to the external risk provider for risk assessment.
The transaction response will contain the gateway's recommendation for the transaction (in the
response.gatewayRecommendation
field) based on the risk assessment provided by the risk provider. You can use this to determine the next step as summarized in the table below.response.gatewayRecommendation
Next step PROCEED
You can display a message to the payer that the payment was successful. DO_NOT_PROCEED_ABANDON_ORDER
Do not submit the same request again. The payment service provider, scheme or issuer require you to abandon the order. RESUBMIT_WITH_PAYER_AUTHENTICATION
The transaction will be blocked by the gateway; however, you might be able to change the outcome by submitting 3DS authentication data.
Perform 3DS authentication of the payer and resubmit the transaction (same card number) with 3-D Secure authentication details. If this transaction passes all 3DS Transaction Filtering rules, the gateway will process the payment. - Option 2: Perform 3DS authentication and submit the transaction with 3DS authentication data
With this option, the transaction will not be submitted to the external risk provider for risk assessment. If the transaction passes all Transaction Filtering rules (including 3DS rules) it will be successfully processed by the gateway.
If you want to conditionally offer 3DS authentication in a Hosted Checkout interaction, set the field interaction.action.3DSecure
to USE_GATEWAY_RECOMMENDATION
in the Create Checkout Session
request.
Hosted Checkout determines if 3DS authentication is required based on the risk assessment provided by the risk provider. This is summarized in the table below.
risk.response.gatewayCode |
response.gatewayRecommendation |
Next step |
---|---|---|
ACCEPT |
PROCEED |
Hosted Checkout displays a message to the payer that the payment was successful. |
REVIEW_REQUIRED |
ATTEMPT_WITH_AUTHENTICATION |
Hosted Checkout offers 3DS authentication to the payer and resubmits the transaction (same card number) with 3-D Secure authentication details. If this transaction passes all 3DS Transaction Filtering rules, Hosted Checkout processes the transaction. |
REJECT |
DO_NOT_PROCEED |
Hosted Checkout displays a message to the payer that the payment was not successful and that they can retry with another card or payment method. |
FAQs
Without Dynamic 3DS, a transaction with a Trusted Card overrides all other Transaction Filtering rules defined by you, and will be sent to the external risk provider for risk assessment. Note that a Trusted Card rule cannot override Transaction Filtering rules defined by ANZ Worldline Payment Solutions.
However, when Dynamic 3DS is enabled, if a transaction with a Trusted Card is submitted with 3DS authentication data and passes all 3DS Transaction Filtering rules (defined by you and ANZ Worldline Payment Solutions) then it will not be sent to the risk provider for risk assessment. Only transactions without 3DS authentication data and/or which fail any 3DS Transaction Filtering rules will be sent to the risk provider.