cancel
Showing results for 
Search instead for 
Did you mean: 

3-D Secure support among APIs?

Is 3-D Secure supported by any of the APIs?  I'm specifically interested in CIM.

 

Also, are gateway-hosted forms available for CIM?

eternicode
Member
1 ACCEPTED SOLUTION

Accepted Solutions

Ahah! Found the setting in the interface. It's under Account -> Security Settings -> Cardholder Authentication. Once I check the "I am enrolled in Verified by Visa" and "I am enrolled in Mastercard SecureCode", then the transaction was approved. 

 

Thanks for your help!

View solution in original post

12 REPLIES 12

The only reference I can currently find to 3D Secure is:

 

http://developer.authorize.net/guides/AIM/Transaction_Data_Requirements/Cardholder_Authentication_.h... and p27 of http://www.authorize.net/support/AIM_guide.pdf

 

This is only in AIM, and seems to imply that we would need to use a third-party service to do the 3D Secure check, and just feed the check results into AIM.

 

Is this really the case that only AIM supports 3D Secure, and in that case you have to use a third-party service?

 

Where would I find such a third-party 3D Secure service?

 

I'm hoping the answer is rather simpler and that CIM and SIM can both use 3D secure somehow?

richarddavies
Member

You can use Verified by Visa with both AIM and CIM. To use Verified by Visa with CIM transactions please include the x_authentication_indicator and x_cardholder_authentication_value in <extraOptions> of the createCustomerProfileTransactionRequest.

 

You will need to obtain a 3rd party provider in order to provide the means in which the cardholder can authenticate themselves, which will provide you with the x_authentication_indicator and x_cardholder_authentication_value values to include.

 

Verified by Visa and MasterCard SecureCode are not available features in the SIM API.

 

 

Thank you,

 

Elaine

Elaine
Trusted Contributor
Trusted Contributor

I know this post is quite old, but I'm having trouble getting the gateway to accept transactions in CIM that contain the x_authentication_indicator and x_cardholder_authentication_value values in extra options. The gateway simply responds with:

 

 <resultCode>Error</resultCode>
    <message>
      <code>E00027</code>
      <text>This transaction cannot be accepted.</text>
    </message>

If I pass all the exact same data, but don't put the x_authentication_indicator and x_cardholder_authentication_value, Authorize.net accepts the transaction without a problem. 

 

Is there some option that I'm supposed to turn on to enable 3DS payments in CIM?

 

Edit: I forgot to mention, I'm doing all of this in the authorize.net sandbox. 

how did you pass the extrasOption?

<extraOptions>x_authentication_indicator=xxxx&x_cardholder_authentication_value=xxx</extraOptions>


<createCustomerProfileTransactionRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd"> <merchantAuthentication> <name>****</name> <transactionKey>****</transactionKey> </merchantAuthentication> <transaction> <profileTransAuthCapture> <amount>82.45</amount> <shipping> <amount>11.50</amount> <name>Overnight</name> </shipping> <customerProfileId>****</customerProfileId> <customerPaymentProfileId>****</customerPaymentProfileId> <customerShippingAddressId>****</customerShippingAddressId> <order> <description>Some description</description> </order> </profileTransAuthCapture> </transaction> <extraOptions> <![CDATA[x_authentication_indicator=5&x_cardholder_authentication_value=****]]> </extraOptions> </createCustomerProfileTransactionRequest>

 This is what a message looks like that gives the "Transaction cannot be accepted" response. I'm URL encoding the x_cardholder_authentication_value also, because when I don't do that, I get an "Invalid extra options" error message.

 

Any ideas?

It your directResponse look like  <directResponse>3,1,288,This transaction cannot be accepted.,...... ?

Correct, here is the full direct response:

  <directResponse>3,1,288,This transaction cannot be accepted.,,P,0,,description,82.45,CC,auth_capture,,****,,,,,,****,,,,*****,,,,****,****,****,****,US,,,11.50,,,404E3A175A5F029B9078D246843B32A8,,,,,,,,,,,,,XXXX0002,Visa,,,,,,,,,,,,,,,,,****</directResponse>

 

are you using a test account?

 

3
288
Merchant is not registered as a Cardholder Authentication participant. This transaction cannot be accepted.
The merchant has not indicated participation in any Cardholder Authentication Programs in the Merchant Interface.

Yes, test account. Where do I register as a cardholder authentication participant