Process of the 3DS 2.0

Following, some explanations about the process which differ with the 3DS 1.0 :

Before, to create a 3DS sales, you used the checkEnrollement and obtained the response about if the card was 3DS or not. In the case the card was indeed 3DS, you received the informations required to help the consumers to authentificate at they bank.
You can see this subject is more complex with the 3DS 2.0.

We will show the more important steps of the process :


The great steps of 3D Secure 2.0 :


  • This step consist to submit the PAN of the card to the Centralpay API.
  • In response : 
    • If the card is not 3DS 2.0, the transaction rejected. You need to redo the transaction with checkEnrollment (3DS 1.0).
    • If the card is 3DS 2.0, you will receive an UUID identifier of the operation from the start till the final result and the datas required to achieve the "3DS Method" (URL + base64)


  •  You need to generate a request to the browser of the client ( 1 formular integrated by a hidden iframe create the request, as we insert into it the base64 data)
  •   This function allow you to insert the base64 data retrieved from the versioning of the ACS.


  •   This request allow the sending of the contextual data of the consumer
  •    Possible responses :
    •   if OK : retrieval of the datas that need to be send in the transaction request (identical to the 3DS 1.0).
    •   if NOK : refusal
    •   if challenge : receive the equivalent of the result of the checkEnrolement with URL and base64


  • You need to prepare the iframe used to display the strong authentification formular
  • Then, post the result to the ACS


  • You will receive a end notification of the challenge with Ok or KO
  • If the result of the challenge is OK, as it integrate the 3DS datas, it will be received by Centralpay.


  •    To know the resulte of the challenge response, you need to pass the UUID of the request 3DS 2.0.
    •   if OK : retrieval of the datas required to the transaction to occurs.
    •   if NOK : refusal

All this process must take place on the same web page.

For a better understanding of the process, upward is a global schema. For the technical documentation please consult here.