External 3D Secure Flows

You should implement an external 3D Secure flow if you use an MPI (merchant plug-in) that handles the 3DS authentication for you.

When you integrate with a Merchant Plug-In (MPI), the MPI communicates with the card issuer’s Access Control Server (ACS) to authenticate the transaction, while also taking care of redirecting your shopper to provide additional authentication information, such as a password or a one-time code, to verify their identity. In this scenario, you simply need to pass the 3D Secure data returned from the external MPI in the three_d_secure_attributes.external object of the Create Authorization or Create Charge request. Note that not all the providers you transact against will be able to receive this data. You should therefore configure a route rule to direct the request to a provider that can process data received from an external 3D Secure service. For more information, see Routing Transactions to a Provider Supporting External 3D Secure.

Last modified February 26, 2023