On This Page
REST API
Process Flow for SDK Integration
The steps that are required to integrate Payer Authentication into a SDK mobile
application are described below.
- ContactCybersourcecustomer support to register for an API key.
- Download and import the Cardinal Mobile SDK for either iOS or Android.
- Set up your build environment.
- Configure your SDK.
- Setup the initial call to Cardinal.
- Create an API call to your merchant server to request the Enrollment Check service, passing in transaction details and theconsumerAuthenticationInformation.referenceIdrequest field.
- If the issuing bank does not require authentication, you receive the following information in the Enrollment Check response:
- E-commerce indicator
- CAVV (all card types except Mastercard)
- AAV (Mastercard only)
- Transaction ID
- 3-D Secure version
- Directory server transaction ID
- If the issuing bank requires authentication, you receive a response with the payload, and the transaction ID that you include in theCardinal.continuecall from your SDK.
- The Cardinal Mobile SDK displays the authentication window, and the customer enters the authentication information.
- The bank validates the customer credentials and a JWT is returned by the SDK in theonValidatedcallback that the merchant is required to validate server-side for security reasons.
- Create an API call to your merchant server to request the Validate Authentication service, extracting the processor transaction ID value from the JWT and sending it in theconsumerAuthenticationInformation.authenticationTransactionIdrequest field. You receive the e-commerce indicator, CAVV or AAV, transaction ID, 3-D Secure version, and directory server transaction ID.
Verify that the authentication was successful and continue processing your
order.
You must pass all pertinent data for the card type and processor in your
authorization request. For more information, see Requesting the Validation Service.