Table of Contents
- Overview
- Understanding 3D Secure
- Challenge Indicators
- Passing a Challenge Indicator within the Hosted Payment Page
- Key Considerations
Overview
In the domain of online transactions, prioritizing security is crucial, leading merchants to frequently adopt 3D Secure (3DS) in their implementation of the Hosted Payment Page. This standardized security protocol introduces an additional layer of protection to credit and debit card transactions by utilizing transaction data for customer authentication. This article explores the nuances of 3DS, with a specific emphasis on the deployment of challenge indicators within the Hosted Payment Page, contributing to an enhanced level of security throughout the transaction process.
Understanding 3D Secure
3D Secure authenticates customers during online transactions by using data provided within the transaction. If additional data is required for authentication, the customer's issuing bank initiates a challenge, prompting the customer to provide a passcode.
These challenges are requested by the customer's issuing bank in most cases, however with the use of the Hosted Payment Page, merchants may pass different challenge indicators in order to force a challenge to occur during the 3D Secure authentication process.
Challenge Indicators
Challenge indicators empower merchants to influence the 3D Secure authentication process by requesting or omitting challenges. These indicators communicate preferences to the issuing bank. Here is a list of all available challenge indicators which may be utilized within the Gateway:
Challenge Indicator | Description |
01 | No preference |
02 | No challenge requested |
03 | Challenge requested (3DS Requestor preference) |
04 | Challenge requested (Mandate) |
Passing a Challenge Indicator within the Hosted Payment Page
Integrators using the Hosted Payment Page can incorporate challenge indicators through the ekashu_3d_secure_v2_challenge_indicator
parameter. This parameter, included in the Hosted Payment Page request, dictates the challenge preference. Choose a value from the table above.
Example Integration
<input type="hidden" name="ekashu_3d_secure_v2_challenge_indicator" value="01">
In this example, the challenge indicator is set to 01, indicating no specific preference. The decision for a challenge is left to the issuing bank.
Key Considerations
- Customizing Authentication: Challenge indicators offer a tailored approach to 3D Secure authentication, allowing merchants to align the process with their preferences.
- Issuing Bank's Role: While merchants can request or omit challenges, the issuing bank ultimately determines whether a challenge is necessary.
By leveraging challenge indicators in the Hosted Payment Page, integrators enhance the security of online transactions, fostering a more seamless and protected payment experience for both merchants and customers.