REST API

Recommended Integration

Two types of integration are available for EMV 3-D Secure 2.x:
  • Direct API
  • SDK integration for your mobile application
If you are currently using Payer Authentication services in your business processes and need to upgrade to EMV 3-D Secure 2.x, we recommend using the Direct API integration. The Direct API integration most closely resembles the current process in which you request the Enrollment Check service to verify that the customer is enrolled in one of the card authentication programs and receive a response. With EMV 3-D Secure 2.x, that response includes a new value, the processor transaction ID.
For enrolled cards, include the Access Control Server (ACS) URL, payload, and processor transaction ID to proceed with the authentication session. Then, request the validation service, sending the processor transaction ID with your request, and receive a response with the e-commerce indicator and Cardholder Authentication Verification Value (CAVV) or Account Authentication Value (AAV).
For more information about the Direct API, see Implementing Direct API for Payer Authentication.
For details about the other integrations, see Implementing SDK Payer Authentication.
IMPORTANT
If you are using tokenization, use the Direct API integration method for Payer Authentication.