Integrating Payer Authentication into Your Business

You can integrate payer authentication services into your existing business processes whether you are currently using 3D Secure 1.0 or are new to payer authentication.

Four types of integration are available:

nCardinal Cruise Direct Connection API

nSDK integration for your mobile application

nHybrid integration

nStandard integration

 

If you are using tokenization, use the Cardinal Cruise Direct Connection API integration method and Payer Authentication Setup service.

 

 

The SDK integration is designed for 3D Secure 2.x transactions only.

 

The Cardinal Cruise Direct Connection API is the recommended integration method.

If you are currently using 3D Secure 1.0, see Upgrading Your Payer Authentication Implementation.

You can also use Secure Acceptance to enable 3D Secure 2.x for payer authentication services. For more information, see Using Secure Acceptance with Payer Authentication. 

Implementing 3D Secure 2.x 

Scenario 1: You are a New Merchant

 

Step 1Contact your Cybersource account manager or sales manager to learn more about 3D Secure 2.x and PSD2.

Step 2Set up your merchant ID with Cybersource.

aContact Customer Support to enable 3D Secure 2.x for the desired card type, currencies, and acquiring bank. For details, see Required Merchant Information.

You must request additional services such as payments using Secure Acceptance at this time; you can request additional services such as token management as well.

bLog in to the Business Center to obtain the API keys for implementation.

Step 3Implement 3D Secure 2.x.

nUsing Cybersource SCMP API:

aUse the Cardinal Cruise Direct Connection API.

bConfigure your system to request the Check Enrollment and Validate Authentication services. Include the required API fields in your request and consider including optional fields based on your business needs.

For more information, see the Required Merchant Information section and Implementing Cardinal Cruise Direct Connection API Payer Authentication.

You can configure your system to request payment services through Cybersource along with your payer authentication for 3D Secure 2.x; however, it is not required.

Step 4Test your 3D Secure 2.x services.

This testing ensures that you understand the possible use cases as part of implementation.

Refer to Testing Payer Authentication Services and run the test cases in Test Cases for 3D Secure 2.x. 

Step 5Configure your account for production.

aRequest a boarding form from Customer Support for your processor or acquirer.

bComplete the boarding form with required information including your Cybersource merchant ID, your acquirer merchant ID, and BIN information for all chosen card types. For details, see Required Merchant Information.

 

Scenario 2: You Use the Cybersource SCMP API and Payer Authentication Services for 3D Secure 1.0

 

Step 1Contact your Cybersource account manager, sales manager, or technical account manager to learn more about 3D Secure 2.x and PSD2.

Step 2Configure your test merchant ID with Cybersource.

aContact Customer Support to make the necessary configuration changes to enable 3D Secure 2.x for the desired card type and currencies.

bLog in to the Business Center to obtain the API keys for implementation.

Step 3Implement 3D Secure 2.x. by migrating to the Hybrid integration.

aAdd the CardinalCommerce JavaScript code to your checkout page.

bConfigure your system to request the Check Enrollment and Validate Authentication services. Include the required API fields in your request and consider including optional fields based on your business needs.

For more information, see Upgrading Your Payer Authentication Implementation.

You can configure your system to request payment services through Cybersource along with your payer authentication for 3D Secure 2.x; however, it is not required.

Step 4Test your 3D Secure 2.x services.

This testing ensures that you understand the possible use cases as part of implementation.

Refer to Testing Payer Authentication Services and run the test cases in Test Cases for 3D Secure 2.x. 

Step 5Configure your account for production. Repeat Steps 2-4 for the production environment.

 

Scenario 3: You Want to Integrate Using an SDK for your Mobile Application

 

Step 1Contact your Cybersource account manager, sales manager, or technical account manager to learn more about 3D Secure 2.x and PSD2.

Step 2Configure your test merchant ID with Cybersource.

aContact Customer Support to make the necessary configuration changes to enable 3D Secure 2.x for the desired card type and currencies. For details, see Required Merchant Information.

bLog in to the Business Center to obtain the API keys for implementation.

Step 3Implement 3D Secure 2.x.

You must use the Cybersource SCMP API as well as the SDK in order to implement a native mobile application. SDKs are available for iOS or Android.

aImplement the SDK to handle authentication steps within the native application. The SDKs are the CardinalCommerce JavaScript equivalent for mobile applications.

For more information see Implementing SDK Payer Authentication.

bConfigure your system to request the Check Enrollment and Validate Authentication services. Include the required API fields in your request and consider including optional fields based on your business needs.

You can configure your system to request payment services through Cybersource along with your payer authentication for 3D Secure 2.x; however, it is not required.

Step 4Test your 3D Secure 2.x services.

This testing ensures that you understand the possible use cases as part of implementation.

Refer to Testing Payer Authentication Services and run the test cases in Test Cases for 3D Secure 2.x. 

Step 5Configure your account for production. Repeat Steps 2-4 for the production environment.

 

Using Secure Acceptance with Payer Authentication

Secure Acceptance offers the ability to enable 3D Secure 2.x for payer authentication services. You can choose when to upgrade by selecting the option in your Secure Acceptance profile in the Business Center.

For more information on implementing Secure Acceptance with payer authentication, see the Secure Acceptance Hosted Checkout Integration Guide or Secure Acceptance Checkout API Integration Guide.

Required Merchant Information

Before using Cybersource Payer Authentication services in production, you must contact Customer Support to provide information about your company and your acquiring bank so that Cybersource can configure your account to implement these services.

You must provide the information listed in Table 1 to Cybersource before payer authentication services can be enabled:

Table 1Merchant Information Required for Payer Authentication Services

Information

Description

About your company

nYour Cybersource merchant ID.

nURL of your company’s website, for example:

http://www.example.com

nTwo-character ISO code for your country.

n3D Secure requestor ID (optional)

n3D Secure requestor name (optional)

nMerchant category code

Bank information

nName of your bank acquirer.

nComplete name and address of your bank contact, including email address.

Visa, Mastercard, Maestro, American Express, JCB, Diners Club, Discover, China UnionPay, and Elo information

Acquirer merchant ID

Information provided by your bank acquirer about each payment card company for which you are configured:

n6-digit BIN numbers.

nAcquirer merchant ID: merchant ID assigned by your acquirer.

nAll currencies that you are set up to process.