Provider-handled Flow

The Provider-handled Flow is where the 3D Secure authentication process is handled by the provider you transact against after invoking the API request.

3D Secure Provider-handled Flow

A 3D Secure Provider-handled Flow is a flow handled by the provider that you transact against. All you need to do is to provide sufficient information within your your Create an Authorization or Create a Charge request to help the card issuer assess the fraud risk level of the transaction. The provider will then handle all the remaining 3D Secure steps, such as collecting device information for constructing a fingerprint or redirecting the user to a challenge step (if needed). While both the Provider-handled flow and the PaymentsOS-handled flow allow you to invoke 3D Secure authentication as part of your authorization or charge request, the PaymentsOS-handled flow differs by automating the authentication process thanks to rules you pre-configure in advance via your control center— giving you an almost hands-free approach once the rules are set.

The following image illustrates the 3D Secure 2 Provider-handled Flow:

3D Secure Proxy Flow

The steps in the flow are as follows:

  1. Create a new authorization or charge request. In the three_d_secure_attributes.internal object, pass in additional information that will help the card issuer assess the fraud risk level of the transaction. Also pass in a merchant_site_url, to which the user will be redirected when authentication is completed.

    The response will indicate that a redirect is required and will include a redirection URL. The authorization will have a status of pending.

  2. Open the redirection URL to allow the provider to handle the 3D Secure flow.

After the provider completed the 3D Secure flow, we will redirect the user to the merchant_site_url.

Last modified March 2, 2023