3DS FAQ: Difference between revisions

From Barion Documentation
Jump to navigation Jump to search
No edit summary
Line 1: Line 1:
__TOC__
{{PageTitle|title=3DSecure}}
{{TableOfContents}}
 
Here, you can find the frequently asked questions related to the Barion 3D Secure solution. The content of this page is updated if any issues surface or clarifications are needed.
 
If you have any questions related to 3D Secure not covered in this FAQ, reach out to us at [mailto:[email protected] [email protected]], where we can provide more in-depth, case-specific answers, depending on the issue you encountered.


== Upon starting the payments which properties are required? ==
== Upon starting the payments which properties are required? ==
<div>The new properties marked with {{3dsfield}} badge in the [[Payment-Start-v2|PaymentStart]] request are highly recommended. (Read: error won't be thrown, when sent without these properties). These content of these fields are optional. Payments undergo Transaction Risk Analysis on the card issuer side based on these data as well, deciding if the payment should be challenged or not.</div>
We highly recommend using the properties marked with {{3dsfield}} badge in the [[Payment-Start-v2|PaymentStart]] request. There is no ''Read: error'' thrown when sent without these properties. The content of these fields is optional. Payments undergo Transaction Risk Analysis on the card issuer side based on these data as well, deciding if the payment should be challenged or not.


== Are TraceId required for earlier initialized token payments after 2021.02.01? ==
== Are TraceId required for earlier initialized token payments after 2021.02.01? ==
TraceIds are not required for OneClick payments. For an interim period (until 2021.02.01) TraceIds will be required for all MerhcantInitiatedPayments and RecurringPayments.
TraceIds are not required for OneClick payments. For an interim period (until 2021.02.01) TraceIds are required for all MerhcantInitiatedPayments and RecurringPayments.


== We've received TraceId in the following format: <code>0MHSGZRZ1G0118      0</code>==
== We've received TraceId in the following format: <code>0MHSGZRZ1G0118      0</code>==
The TraceId is generated by the card issuer, and can be anything up to 100 characters. Whitespaces and 0s should also be left intact. You can read more about the TraceId [[Token_payment_3D_Secure#TraceId|here]]
The TraceId is generated by the card issuer and can be anything up to 100 characters. Whitespaces and 0s should also be left intact. You can read more about the TraceId [[Token_payment_3D_Secure#TraceId|here]].


== Can we skip the additional data in subsequent payments that were required for 3DS authentication in the first Token Payment? ==
== Can we skip the additional data in subsequent payments that were required for 3DS authentication in the first Token Payment? ==
Line 14: Line 19:


== Do we have to generate the TraceId in the first [[Payment-Start-v2|Payment/Start]], or is it generated by Barion? ==
== Do we have to generate the TraceId in the first [[Payment-Start-v2|Payment/Start]], or is it generated by Barion? ==
TraceId is generated by the Card Issuer, so it is not required in the initial [[Payment-Start-v2|Payment/Start]] request. You have to store the TraceId, received in the [[Payment-GetPaymentState-v2|GetPaymentState]] response, and send it in all subsequent payments. You can read more [[Token_payment_3D_Secure#1.3_Processing_the_callback_and_requesting_information_about_the_result_of_the_payment|here]]. The exceptions are the subsequent payments of an already initialized token payments without 3DS. More info can be found [[Token_payment_3D_Secure#Changing_the_token_payment_scenario_with_an_existing_token|here]]
TraceId is generated by the Card Issuer, so it is not required in the initial [[Payment-Start-v2|Payment/Start]] request. You have to store the TraceId, received in the [[Payment-GetPaymentState-v2|GetPaymentState]] response, and send it in all subsequent payments. You can read more [[Token_payment_3D_Secure#1.3_Processing_the_callback_and_requesting_information_about_the_result_of_the_payment|here]]. The exceptions are the subsequent payments of an already initialized token payments without 3DS. More info can be found [[Token_payment_3D_Secure#Changing_the_token_payment_scenario_with_an_existing_token|here]].


== When the amount of the first payment is different than the rest, I have to use [[RecurrenceType|MechantInitiatedPayment]] and not [[RecurrenceType|RecurringPayment]]. Right? ==
== When the amount of the first payment is different than the rest, I have to use [[RecurrenceType|MechantInitiatedPayment]] and not [[RecurrenceType|RecurringPayment]]. Right? ==
Yes, RecurringPayment can only be used, when the amounts of all the subsequent payments are the same or less. If only 1 is different (eg. you give discount/free for the first month), only MechantInitiatedPayment can be used. You can find more info [[Token_payment_3D_Secure#Token_payment_scenarios|here]].
Yes, RecurringPayment can only be used when the amounts of all the subsequent payments are the same or less. If only 1 is different (for example, you give discount/free for the first month), only MechantInitiatedPayment can be used. You can find more info [[Token_payment_3D_Secure#Token_payment_scenarios|here]].


== What is a soft decline? ==
== What is a soft decline? ==
When an exemption is requested (MIT, REC, TRA), the card issuer reserves the right to decline the charge with the exemption (could be identified by <code>ScaSoftDeclined</code> as the <code>FundingInformation</code> -> <code>ProcessResult</code> in the <code>GetPaymentState</code> response). In this case, a full 3ds authentication is required (hence the name "soft decline"), and the charge could be attempted again.
When an exemption is requested (MIT, REC, TRA), the card issuer reserves the right to decline the charge with the exemption (could be identified by <code>ScaSoftDeclined</code> as the <code>FundingInformation</code> -> <code>ProcessResult</code> in the <code>GetPaymentState</code> response). In this case, a full 3ds authentication is required (hence the name "soft decline"), and the charge could be attempted again.

Revision as of 08:24, 11 May 2023

3DSecure

Here, you can find the frequently asked questions related to the Barion 3D Secure solution. The content of this page is updated if any issues surface or clarifications are needed.

If you have any questions related to 3D Secure not covered in this FAQ, reach out to us at [email protected], where we can provide more in-depth, case-specific answers, depending on the issue you encountered.

Upon starting the payments which properties are required?

We highly recommend using the properties marked with

3DS

badge in the PaymentStart request. There is no Read: error thrown when sent without these properties. The content of these fields is optional. Payments undergo Transaction Risk Analysis on the card issuer side based on these data as well, deciding if the payment should be challenged or not.

Are TraceId required for earlier initialized token payments after 2021.02.01?

TraceIds are not required for OneClick payments. For an interim period (until 2021.02.01) TraceIds are required for all MerhcantInitiatedPayments and RecurringPayments.

We've received TraceId in the following format: 0MHSGZRZ1G0118 0

The TraceId is generated by the card issuer and can be anything up to 100 characters. Whitespaces and 0s should also be left intact. You can read more about the TraceId here.

Can we skip the additional data in subsequent payments that were required for 3DS authentication in the first Token Payment?

Additional data can't be ignored! The difference between the initial and subsequent token payment is that 3DS authentication is only required for the first, initial payment. More info can be found here

Do we have to generate the TraceId in the first Payment/Start, or is it generated by Barion?

TraceId is generated by the Card Issuer, so it is not required in the initial Payment/Start request. You have to store the TraceId, received in the GetPaymentState response, and send it in all subsequent payments. You can read more here. The exceptions are the subsequent payments of an already initialized token payments without 3DS. More info can be found here.

When the amount of the first payment is different than the rest, I have to use MechantInitiatedPayment and not RecurringPayment. Right?

Yes, RecurringPayment can only be used when the amounts of all the subsequent payments are the same or less. If only 1 is different (for example, you give discount/free for the first month), only MechantInitiatedPayment can be used. You can find more info here.

What is a soft decline?

When an exemption is requested (MIT, REC, TRA), the card issuer reserves the right to decline the charge with the exemption (could be identified by ScaSoftDeclined as the FundingInformation -> ProcessResult in the GetPaymentState response). In this case, a full 3ds authentication is required (hence the name "soft decline"), and the charge could be attempted again.