• France
status page
demonstrations
assistance
FAQContact support
Search
Categories
Tags
English
French
English
Homepage
Use cases
Create a payment
Create an installment payment
Create a multi-card (split) payment
Create a payment by Alias (Token)
Create a payment link
Create a recurring payment
Manage subscriptions
Manage your transactions (refund, cancel...)
Analyze your reports
API docs
Embedded Form
REST API
Hosted payment
Mobile payment
File exchange
Snippets
Payment methods
Plugins
Guides
Merchant Back Office
Functional guides

Integration guide (deprecated)

Deprecated integration. It is recommended to integrate the new version V4.1/PCI/Charge/CreatePayment: Integration guide

The parameters for calling the PCI/Charge/CreatePayment (deprecated) service depend on the authentication protocol used and the authentication result.

This section describes the parameters to be transmitted for each supported protocol.

  • 3D Secure v2 authentication
  • Disabled authentication.

3D Secure v2 authentication

Request body :

LEVEL name Description required
1 amount Amount expressed in the smallest currency unit.
Must match the authentication amount.		 YES
1 currency Code (ISO 4217 alpha3) of the payment currency.
Eg: "EUR" for the euro.		 YES
1 orderId Order reference. No
1 formAction Allows to indicate if you want to save the card details.
Possible values:
  • PAYMENT : Payment without creating an alias. Default value.
  • REGISTER_PAY : Creation of the alias during a payment.
 No
1 customer Object containing buyer's data. No
2 email Buyer's e-mail address.
Mandatory whenformActionis set toREGISTER_PAY.		 See description
1 paymentForms Object containing the card data. YES
2 paymentMethodType Type of payment method.
Must be set toCard.		 YES
2 pan Card number. YES
2 expiryMonth Card expiration month.
E.g.: 3 or 03		 YES
2 expiryYear Card expiration year.
E.g.: 27 or 2027		 YES
2 securityCode Card security code (CVV or 4DBC). No
1 authenticationDetails Object containing cardholder authentication data. YES
2 protocol Object describing the authentication protocol used. YES
3 name Name of the authentication protocol.
Must be set toTHREEDS.		 YES
3 version Version of the authentication protocol.
Must be set to2,2.1.0or to2.2.0.		 YES
3 directoryServer Directory Server name (DS) used during authentication.
Possible values:
  • Amex
  • CB
  • Diners
  • Discover
  • Visa
  • mastercard
 YES
3 challengePreference 3DS preference transmitted to the DS during cardholder authentication.
Mandatory ifstatusis set toSUCCESSorATTEMPT.		 See description
2 status Authentication status.
Possible values:
  • DISABLED
  • ATTEMPT
  • ENROLLED_UNAVAILABLE
  • FAILED
  • NOT_ENROLLED
  • SUCCESS
  • UNAVAILABLE
 YES
2 authenticationType Authentication type.
Mandatory ifstatusis set toSUCCESS or ATTEMPT.
Possible values: :
  • CHALLENGE
  • FRICTIONLESS
 See description
2 authenticationValue A reference generated by the issuer that validates the integrity of the transaction data. Depending on the DS, corresponds to either the CAVV for VISA, the AAV for Mastercard, or the AEVV for AMEX Safekey.
Mandatory whenstatusis set toSUCCESSorATTEMPT.
Example: +kAr/o8S0DxgGYkz7QQHZCw8V5k=		 See description
2 commerceIndicator E-commerce index (ECI). Value returned by the ACS after authentication. The value of the CIS depends on the authentication status and the card type.
Mandatory whenstatusis set toSUCCESSorATTEMPT.
E.g.: 05		 See description
2 dsTransID Unique identifier of the transaction generated by the DS 3DS2.
Mandatory whenstatusis set toSUCCESSorATTEMPT.
Example: d6706a0d-c48d-4cf4-a1d2-d4a401a3143e		 See description
2 exemption Exemption applied.
Mandatory whenauthenticationTypeis set toFRICTIONLESS.
See chapterReason for release and exemptions.		 See description
2 requestorName Merchant name used to authenticate the cardholder.
Mandatory ifdirectoryServeris set toCB.		 See description
2 acsTransID Unique identifier of the transaction generated by the ACS.
Mandatory whenstatusis set toSUCCESSorATTEMPTand thatdirectoryServeris set toCB.
E.g.: d727ebfe-de4c-4682-85fa-e60ca00a9cff		 See description
2 authValueAlgorithm Algorithm for checking the authentication status of the cardholder.
Mandatory whenstatusis set toSUCCESSorATTEMPTand thatdirectoryServeris set toCB.
Possible values:
  • 0: HMAC
  • 1: CVV
  • 2: CVV_ATN
  • 3: MASTERCARD_SPA
  • A: AV-CB
 See description
2 dsScore Authentication scoring returned by the CB DS.
Mandatory whenstatusis set toSUCCESSorATTEMPTand thatdirectoryServeris set toCB.
Example: 31		 See description
2 challengeCancelationIndicator Challenge cancellation indicator received in the RReq message. Value returned by the DS in case of authentication cancellation.
Example: 01		 No
2 transactionStatusReason The reason returned by the DS in case of authentication failure.
Example: 82		 No

Field descriptions can be found on our playground.

Test data

pan : 4970110000001029 directoryServer : CB
expiryMonth / expiryYear : To be chosen authValueAlgorithm : 2
securityCode : To be chosen authenticationValue : +kAr/o8S0DxgGYkz7QQHZCw8V5k=
challengePreference : NO_CHALLENGE_REQUESTED dsTransID : d6706a0d-c48d-4cf4-a1d2-d4a401a3143e
authenticationType : FRICTIONLESS acsTransID : d727ebfe-de4c-4682-85fa-e60ca00a9cff
commerceIndicator : 05 exemption : LOW_VALUE
requestorName : Au choix dsScore : 31

The payment result depends on the status value that was used.

Sample query

{
	"amount": "1230",
	"currency": "EUR",
	"paymentForms": [
	  {
		"paymentMethodType": "CARD",
		"pan": "4970110000001029",			 
		"expiryMonth": "09",
		"expiryYear": "27",
		"securityCode": "123"		  
	  }
	],		  
	"customer": {
		"email": "sample@example.com"
	},		  
	"authenticationDetails":{	
		"protocol":{
			"name":"THREEDS",
			"version":"2",
			"directoryServer":"CB",
			"challengePreference":"NO_CHALLENGE_REQUESTED"
		},			
		"status":"SUCCESS",
		"authenticationType":"FRICTIONLESS",
		"commerceIndicator":"05",
		"authenticationValue":"+kAr/o8S0DxgGYkz7QQHZCw8V5k=",
		"dsTransID":"d6706a0d-c48d-4cf4-a1d2-d4a401a3143e",
		"acsTransID":"d727ebfe-de4c-4682-85fa-e60ca00a9cff",
		"authValueAlgorithm":"2",
		"dsScore":"31",
		"exemption":"LOW_VALUE",		
		"requestorName":"DEMO STORE"
	}		  
}

Disabled authentication.

The service allows the creation of a payment when cardholder authentication has been intentionally disabled, regardless of the authentication protocol.

In this case, the reason for this decision must be specified using the fieldexemption (See chapter Reason for walkout and exemptions ).

Request body :

LEVEL name Description required
1 amount Amount expressed in the smallest currency unit.
Must match the authentication amount.		 YES
1 currency Code (ISO 4217 alpha3) of the payment currency.
Eg: "EUR" for the euro.		 YES
1 orderId Order reference. No
1 formAction Allows to indicate if you want to save the card details.
Possible values:
  • PAYMENT : Payment without creating an alias. Default value.
  • REGISTER_PAY : Creation of the alias during a payment.
 No
1 customer Object containing buyer's data. No
2 email Buyer's e-mail address.
Mandatory whenformActionis set toREGISTER_PAY.		 See description
1 paymentForms Object containing the card data. YES
2 paymentMethodType Type of payment method.
Must be set toCard.		 YES
2 pan Card number. YES
2 expiryMonth Card expiration month.
E.g.: 3 or 03		 YES
2 expiryYear Card expiration year.
E.g.: 27 or 2027		 YES
2 securityCode Card security code (CVV or 4DBC). No
1 authenticationDetails Object containing cardholder authentication data. YES
2 status Authentication status. Must be set toDISABLED . YES
2 exemption Reason for disabling.
See chapterReason for release and exemptions.		 YES

Sample query

{
	"amount": "1230",
	"currency": "EUR",
	"paymentForms": [
	  {
		"paymentMethodType": "CARD",
		"pan": "4970100000000022",			 
		"expiryMonth": "09",
		"expiryYear": "27",
		"securityCode": "123"
	  }
	],		  
	"customer": {
		"email": "sample@example.com"
	},		  
	"authenticationDetails":{				
		"status":"DISABLED",
		"exemption":"OTHER_EXEMPTION"		
	}		  
}
© 2025 {'|'} All rights reserved to Sogecommerce
25.22-1.11