On This Page
REST API
Building the Iframe Parameters
- Form POST Action: The POST is made to the URL within the iframe is from theconsumerAuthenticationInformation.stepUpUrlresponse field discussed in Step 3: Payer Authentication Check Enrollment Service.
- JWT POST Parameter: Use the value from theconsumerAuthenticationInformation.accessTokenfield discussed in Step 3: Payer Authentication Check Enrollment Service.
- MD POST Parameter: Merchant-defined data returned in the response. This field is optional.
- Iframe height and width:
- 3-D Secure 1.0 uses a standard size of 400 by 400 pixels.
- For 3-D Secure 2.x:
- Use theconsumerAuthenticationInformation.acsWindowSizerequest field to request (but not guarantee) a specific window size.
- Use theconsumerAuthenticationInformation. pareqresponse field to determine iframe dimensions by Base64 decoding the string and cross-referencing the Challenge Window Size value with the corresponding size.
The following table lists these values.
Challenge Window Size Value | Step-Up Iframe Dimensions (Width x Height) |
---|---|
01 | 250 x 400 |
02 | 390 x 400 |
03 | 500 x 600 |
04 | 600 x 400 |
05 | Full screen |
This is an example for the decoded value.
Challenge Window Size Decoded Value
{ "messageType":"CReq","messageVersion":"2.2.0", "threeDSServerTransID":"c4b911d6-1f5c-40a4-bc2b-51986a98f991", "acsTransID":"47956453-b477-4f02-a9ef-0ec3f9f779b3", "challengeWindowSize":"02" }