External 3D Secure Flows
When you integrate with a Merchant Plug-In (MPI), the MPI communicates with the card issuer’s Access Control Server (ACS) to authenticate the transaction, while also taking care of redirecting your shopper to provide additional authentication information, such as a password or a one-time code, to verify their identity.
In this scenario, you simply need to pass the 3D Secure data returned from the external MPI in the
three_d_secure_attributes.external object of the Create Authorization or Create Charge request.
Note that not all the providers you transact against will be able to receive this data. You should therefore configure a route rule to direct the request to a provider that can process data received from an external 3D Secure service. For more information, see Routing Transactions to a Provider Supporting External 3D Secure.