Authenticating Cards Using Redirection
After verifying that a customer’s card is enrolled in a card authentication program, you
must redirect the customer to the URL of the card-issuing bank’s Access Control Server
(ACS URL).
The HTTP POST request web form must contain the following:
- PAReq data
- Termination URL (TermURL)
- merchant data (MD)
The MD value must be posted for RuPay. If necessary, you can include it for other card
brands as well.