Retrieve 3DS Result
Retrieves the 3DS Operation identified by the Merchant and the 3DSecureID listed in the URL.
Authentication
This operation requires authentication via one of the following methods:
- Certificate authentication.
-
Basic HTTP authentication as described at
w3.org.
Provide 'merchant.
<your gateway merchant ID>' in the userid portion and your API password in the password portion.
Request
URL Parameters
Alphanumeric + additional characters
REQUIRED
The unique identifier issued to you by your payment provider.
This identifier can be up to 12 characters in length.
Data may consist of the characters 0-9, a-z, A-Z, '-', '_'
Min length: 1 Max length: 40ASCII Text
REQUIRED
A unique identifier supplied by the merchant for the authentication.
It is first defined in the check3DSEnrollment operation, and then included in subsequent operations.It is not used when the authentication is performed externally.
Data consists of ASCII characters
Min length: 1 Max length: 64Fields
To view the optional fields, please toggle on the "Show optional fields" setting.
String
OPTIONAL
A transient identifier for the request, that can be used to match the response to the request.
The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.
Data can consist of any characters
Response
Fields
Information about the results of payer authentication using 3-D Secure authentication.
You only need to provide these fields if you authenticated the payer using a different service provider.
Alphanumeric
CONDITIONAL
Indicates the security level of the transaction.
This is the value returned in the Electronic Commerce Indicator (ECI) field of the Payer Authentication Response (PARes) message from the card Issuer's Access Control Server (ACS). For example, 0,1, or 2. Refer to the relevant documentation for Mastercard SecureCode™, Verified by Visa™, JCB J/Secure™, American Express SafeKey™, or Diners Club ProtectBuy™.
Data may consist of the characters 0-9, a-z, A-Z
A collection of parameters required to build the HTML form that is redirected to the ACS.
There are two options to generate the redirect page used to transfer the cardholder to the card Issuer's Access Control Server (ACS) for authentication:
1. Simple: submit the form generated by the gateway. In this case, only the htmlBodyContent parameter is required.
2. Customized: for those merchants who wish to customise the submission. In this case, the acsURL and paReq parameters will be required to formulate the submission.
Note: This field will only be returned in the event of a successful directory server lookup.
The customized field is the response returned for those merchants who wish to customise the submission.
In this case, the acsURL and paReq parameters will be required to formulate the submission.
Url
ALWAYS PROVIDED
The URL of the card Issuer's Access Control Server (ACS) where the cardholder can be authenticated.
Ensure that the URL begins with 'https' and is longer than 11 characters.
ASCII Text
ALWAYS PROVIDED
The Payer Authentication Request (PAReq) message that is sent to the card Issuer's Access Control Server (ACS) to initiate authentication of the cardholder.
It contains all of the information required by the ACS to perform the authentication. PAReq should be sent to the ACS URL unaltered.
Data consists of ASCII characters
The simple field is the response returned to those merchants who have chosen the simple option for form submission.
In this case, only the htmlBodyContent parameter is required to formulate the submission.
String
ALWAYS PROVIDED
The generated form to post to the cardholder's browser.
The form will redirect the browser to card Issuer's Access Control Server (ACS) where the cardholder can be authenticated. The form contains all of the information required by the ACS for authentication.
Data can consist of any characters
Base64
CONDITIONAL
Used to verify that the 3D-Secure authentication occurred and the 3-D Secure data provided is valid.
The authentication token is generated and returned by the card issuer's Access Control Server (ACS) or the scheme's Attempts Server. It is a Base64 encoded value and must be submitted unaltered on a transaction. This field is referred to as Accountholder Authentication Value (AAV) for Mastercard SecureCode™ and JCB J/Secure™, Cardholder Authentication Verification Value (CAVV) for Verified by Visa™, American Express Verification Value (AEVV) for American Express SafeKey™, or Cardmember Authentication Verification Value (CAVV) for Diners Club ProtectBuy™.
Data is Base64 encoded
Alpha
CONDITIONAL
Indicates the result of payer authentication with the issuer.
This is the value returned in the transaction status field of the Payer Authentication Response (PARes) message from the card Issuer's Access Control Server (ACS). For example, Y, N, A, or U. Refer to the relevant documentation for Mastercard SecureCode™, Verified by Visa™, JCB J/Secure™, American Express SafeKey™, or Diners Club ProtectBuy™.
Data may consist of the characters a-z, A-Z
Alpha
CONDITIONAL
Indicates whether or not payer authentication is available for the card number you provided.
This is the value returned in the 'enrolled' field of the Verify Enrollment Response (VERes) message from the card scheme's Directory Server. For example, Y, N, or U. Refer to the relevant documentation for Mastercard SecureCode™, Verified by Visa™, JCB J/Secure™, American Express SafeKey™, or Diners Club ProtectBuy™.
Data may consist of the characters a-z, A-Z
Base64
CONDITIONAL
A unique transaction identifier generated by the Payment Gateway on behalf of the merchant to identify the 3DS transaction.
This field is mandatory for Verified By Visa transactions if authentication was available. The XID should be used in operation requests unaltered.
Data is Base64 encoded
ASCII Text
ALWAYS PROVIDED
A unique identifier supplied by the merchant for the authentication.
It is first defined in the check3DSEnrollment operation, and then included in subsequent operations.
It is not used when the authentication is performed externally.
Data consists of ASCII characters
String
CONDITIONAL
A transient identifier for the request, that can be used to match the response to the request.
The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.
Data can consist of any characters
Alphanumeric + additional characters
ALWAYS PROVIDED
The unique identifier issued to you by your payment provider.
This identifier can be up to 12 characters in length.
Data may consist of the characters 0-9, a-z, A-Z, '-', '_'
A collection of information that is specific to responses from the API.
Enumeration
ALWAYS PROVIDED
Indicates if this order will be blocked by the gateway based on rules configured by you or your payment service provider when you request that a payment is processed.
This assessment is based on what the gateway currently knows about this order. Use this value to determine whether or not you should proceed with performing further operations on the order. For example, requesting an Authorize, Capture, or Pay operation.
Value must be a member of the following list. The values are case sensitive.
DO_NOT_PROCEED
Do not proceed using this card.
PROCEED
Proceed using this card.
Errors
Information on possible error conditions that may occur while processing an operation using the API.
Enumeration
Broadly categorizes the cause of the error.
For example, errors may occur due to invalid requests or internal system failures.
Value must be a member of the following list. The values are case sensitive.
INVALID_REQUEST
The request was rejected because it did not conform to the API protocol.
REQUEST_REJECTED
The request was rejected due to security reasons such as firewall rules, expired certificate, etc.
SERVER_BUSY
The server did not have enough resources to process the request at the moment.
SERVER_FAILED
There was an internal system failure.
String
Textual description of the error based on the cause.
This field is returned only if the cause is INVALID_REQUEST or SERVER_BUSY.
Data can consist of any characters
String
Indicates the name of the field that failed validation.
This field is returned only if the cause is INVALID_REQUEST and a field level validation error was encountered.
Data can consist of any characters
String
Indicates the code that helps the support team to quickly identify the exact cause of the error.
This field is returned only if the cause is SERVER_FAILED or REQUEST_REJECTED.
Data can consist of any characters
Enumeration
Indicates the type of field validation error.
This field is returned only if the cause is INVALID_REQUEST and a field level validation error was encountered.
Value must be a member of the following list. The values are case sensitive.
INVALID
The request contained a field with a value that did not pass validation.
MISSING
The request was missing a mandatory field.
UNSUPPORTED
The request contained a field that is unsupported.
Enumeration
A system-generated high level overall result of the operation.
Value must be a member of the following list. The values are case sensitive.
ERROR
The operation resulted in an error and hence cannot be processed.