Implementing Direct API for Payer Authentication
The Direct API integrates EMV 3-D Secure 2.x into your business's website. This
integration uses an iframe to complete the device profiling and EMV 3-D Secure
authentication requirements without including third-party JavaScript directly on your
site.
This implementation requires the use of JavaScript to leverage the authentication. The
JavaScript is hosted and contained inside the iframe and does not directly access your
web page.
IMPORTANT
Payer Authentication uses Cardinal (a Visa owned company)
Centinel as the technology platform to manage all EMV 3-D Secure authentication
processes. Any references to Cardinal in this document refer to the underlying services
that are provided by Cardinal technology.
A website is available at index.html that provides a demo tool to help users understand
how payer authentication works. Users can complete the sequence of steps required to
implement payer authentication on their website and examine the code underlying the
process. Use test card numbers to walk through the process and enter 123 as the security
code.
Prerequisites
Notify your account representative that you want to implement payer authentication (3-D Secure) using the Direct API. Provide the merchant ID that you will use for testing. For more information, see Required Merchant Information.
Before you can implement payer authentication services, your business team must contact your acquirer and
Cybersource to establish the service. Your software development team should become familiar with the API fields and technical details of this service.
After Implementation and Before Go Live
Use the test cases to test your preliminary code and make appropriate changes. See Testing Payer Authentication. Testing ensures that your account is configured for production and that your transactions are processed quickly and correctly.