Standalone 3D Secure with OmniToken

The standalone 3D Secure request can reference previously created OmniTokens. This way handling and sending sensitive card data in the 3D Secure request can be avoided.

How it works

Create an OmniToken

Tokenize the card information by creating an OmniToken.

Send a 3D request

Send a Server-to-Server request to the 3D Secure endpoint referencing the previously created OmniToken.

Redirect the browser

Perform the redirect using the parameters returned in the first step. Display the 3D Secure request form so that the shopper can authorize the payment.

Get the 3D request status

Based on the details returned make a decision on whether to proceed with the payment.

1. Create an OmniToken

Use the /v1/omnitokens endpoint to tokenize the card information and create the OmniToken.

2. Send a 3D request

Use the /v1/omnitokens/{token}/threeDSecure endpoint to initiate a standalone 3D Secure authentication flow.

3. Redirect the browser

If the card enrollment verification passes, the server will return a redirect element containing a url and some parameters in the response. Use this data to create a HTML/JavaScript page that will redirect the shopper's browser to the Access Control Server (ACS).

After the authentication phase, the shopper is redirected back to the platform for continuing with the asynchronous part of the payment transaction and at the end the platform will redirect the shopper using a GET request to the URL provided in the shopperResultUrl along with a resourcePath parameter pointing to status endpoint presented in the next step.

4. Get the 3D request status

Use the /v1/threeDSecure/{id} endpoint to get detailed information about the 3D Secure request.