3DS2 - Challenge authentication timeout
To test this scenario, use one of the card numbers below:
| CARD | Expiry date | Label |
|---|---|---|
| 4970110000000021 | To be chosen | VISA |
| 5100010000000049 | To be chosen | MASTERCARD |
| 375900000000016 | To be chosen | AMEX |
When entering the authentication code, do not enter anything and wait for 10 minutes for the payment session to expire.
Exchange flow
1. Initial call to the PCI/Charge/CreateToken service with a 3DS2 enrolled card.
{
"currency": "EUR",
"paymentForms": [
{
"paymentMethodType": "CARD",
"pan": "4970110000000021",
"expiryMonth": "11",
"expiryYear": "27",
"securityCode": "123"
}
],
"device": {
"acceptHeader":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
"colorDepth":"24",
"deviceType":"BROWSER",
"ip":"69.89.31.226",
"javaEnabled":false,
"language":"fr-FR",
"screenHeight":"720",
"screenWidth":"1280",
"timeZoneOffset":"-60",
"userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36"
},
"customer": {
"email": "sample@example.com",
"reference":"myCustomerRef-123456"
}
}2. A return with a CHALLENGE instruction of redirection to the ACS with a CReq (visible iFrame).
{
"webService":"PCI/Charge/CreateToken",
"version":"V4",
"applicationVersion":"5.30.0",
"serverDate":"2021-12-10T10:28:26+00:00",
"ticket":"4946c106a833413daf41e485245e69d4",
"applicationProvider":"",
"metadata":null,
"status":"SUCCESS",
"mode":"TEST",
"serverUrl":"https://api-sogecommerce.societegenerale.eu",
"_type":"V4/WebService/Response",
"answer":{
"id":"e0fa068f-ac95-47dd-a4b7-6799e5268771",
"operationSessionId":"81655958183e4e9e955115197599870f",
"protocol":{
"name":"THREEDS",
"version":"2.1.0",
"network":"VISA",
"challengePreference":"CHALLENGE_MANDATED",
"simulation":true,
"_type":"V4/Charge/Authenticate/Protocol"
},
"value":{
"instructionType":"FORM",
"name":"CHALLENGE",
"timeout":600,
"target":{
"element":"IFRAME",
"visible":true,
"width":500,
"height":600,
"_type":"V4/Charge/Authenticate/InstructionTarget",
"showUrl":true,
"fullscreen":false
},
"http":{
"method":"POST",
"url":"https://acs-test.com/acs/v2/creq",
"body":{
"creq":"eyJ0aHJlZURTU2VydmVyVHJhbnNJRCI6ImUwZmEwNjhmLWFjOTUtNDdkZC1hNGI3LTY3OTllNTI2ODc3MSIsIm1lc3NhZ2VFeHRlbnNpb24iOlt7ImNyaXRpY2FsaXR5SW5kaWNhdG9yIjpmYWxzZSwiZGF0YSI6eyJ0aHJlZURTU2VydmVyVHJhbnNJRCI6ImUwZmEwNjhmLWFjOTUtNDdkZC1hNGI3LTY3OTllNTI2ODc3MSIsIm1lc3NhZ2VUeXBlIjoiQVJlcSIsIm1lc3NhZ2VWZXJzaW9uIjoiMi4xLjAiLCJkZXZpY2VDaGFubmVsIjoiMDIiLCJ0aHJlZURTU2VydmVyUmVmTnVtYmVyIjoiM0RTX0xPQV9TRVJfTFlORV8wMjAxMDBfMDAzNjkiLCJ0aHJlZURTU2VydmVyT3BlcmF0b3JJRCI6IjEwMDY5NzMyIiwidGhyZWVEU0NvbXBJbmQiOiJVIiwidGhyZWVEU1JlcXVlc3RvckF1dGhlbnRpY2F0aW9uSW5kIjoiMDQiLCJ0aHJlZURTUmVxdWVzdG9yQ2hhbGxlbmdlSW5kIjoiMDQiLCJ0aHJlZURTUmVxdWVzdG9ySUQiOiIxMDA3MTUyOSoxOTk5ODg4IiwidGhyZWVEU1JlcXVlc3Rvck5hbWUiOiJERU1PIFN0b3JlIiwidGhyZWVEU1JlcXVlc3RvclVSTCI6Imh0dHA6Ly9kZW1vLmx5cmEtbmV0d29yay5jb20iLCJ0aHJlZURTU2VydmVyVVJMIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL3Byb3RlY3RlZC92MS8zZHN2Mi9ub3RpZnkvcnJlcT9uZXR3b3JrPVZJU0EmbWVzc2FnZVZlcnNpb249Mi4xLjAmZGV2aWNlQ2hhbm5lbD1CUk9XU0VSJmNoYWxsZW5nZUluZD1DSEFMTEVOR0VfTUFOREFURUQmYXV0aGVudGljYXRlSWQ9ZTBmYTA2OGYtYWM5NS00N2RkLWE0YjctNjc5OWU1MjY4NzcxIiwiYWNxdWlyZXJCSU4iOiI0OTc1NjYiLCJhY3F1aXJlck1lcmNoYW50SUQiOiIxOTk5ODg4IiwiYWRkck1hdGNoIjoiWSIsImJyb3dzZXJBY2NlcHRIZWFkZXIiOiJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsaW1hZ2UvYXBuZywqLyo7cT0wLjgsYXBwbGljYXRpb24vc2lnbmVkLWV4Y2hhbmdlO3Y9YjM7cT0wLjkiLCJicm93c2VySVAiOiIxODUuMjQ0LjczLjIiLCJicm93c2VySmF2YUVuYWJsZWQiOnRydWUsImJyb3dzZXJMYW5ndWFnZSI6ImZyLUZSIiwiYnJvd3NlckNvbG9yRGVwdGgiOiIyNCIsImJyb3dzZXJTY3JlZW5IZWlnaHQiOiI3MjAiLCJicm93c2VyU2NyZWVuV2lkdGgiOiIxMjgwIiwiYnJvd3NlclRaIjoiLTYwIiwiYnJvd3NlclVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNiIsImNhcmRFeHBpcnlEYXRlIjoiMjcxMSIsImFjY3RJbmZvIjp7InNoaXBOYW1lSW5kaWNhdG9yIjoiMDEifSwiYWNjdE51bWJlciI6IjQ5NzAxMTAwMDAwMDAwMjEiLCJlbWFpbCI6InNhbXBsZUBleGFtcGxlLmNvbSIsIm1jYyI6IjQyMjUiLCJtZXJjaGFudENvdW50cnlDb2RlIjoiMjUwIiwibWVyY2hhbnROYW1lIjoiREVNTyBTdG9yZSIsIm1lc3NhZ2VDYXRlZ29yeSI6IjAxIiwibm90aWZpY2F0aW9uVVJMIjoiaHR0cHM6Ly90bHMtcGFzcy5wYXl6ZW4uZXUvcHVibGljL3YxLzNkc3YyL25vdGlmeS9jcmVzL2UwZmEwNjhmLWFjOTUtNDdkZC1hNGI3LTY3OTllNTI2ODc3MS9WSVNBIiwicHVyY2hhc2VBbW91bnQiOiIwIiwicHVyY2hhc2VDdXJyZW5jeSI6Ijk3OCIsInB1cmNoYXNlRXhwb25lbnQiOiIyIiwicHVyY2hhc2VEYXRlIjoiMjAyMTEyMTAxMDI4MjUiLCJ0cmFuc1R5cGUiOiIwMSJ9LCJpZCI6IlNJTVVMQVRJT04tQVJFUSIsIm5hbWUiOiJTSU1VTEFUSU9OLUFSRVEifV0sIm1lc3NhZ2VUeXBlIjoiQ1JlcSIsIm1lc3NhZ2VWZXJzaW9uIjoiMi4xLjAiLCJhY3NUcmFuc0lEIjoiNGQ3ZTM0ODUtODdlZS00MDQ1LWFiY2MtNzZlZjlhMzIzYTExIiwiY2hhbGxlbmdlV2luZG93U2l6ZSI6IjAzIn0",
"threeDSSessionData":"H4sIAAAAAAAAAC2Px5KrMBBFv8hTMgiHpYgWILII2rgYcEAYzDiQvv7hel7c6urb3XVunyaTs9QEecK6TNABC_EG32SZrp0zCeHsTHBIQZfGCn7iNpAKZZnX377Rn2z67JsR4VTALfg5TeaQpc7sC-M1T0DlVuY2VcxHutwtmgOdTEt9Lt788cqDuWbhWOBWLjDvClw72KcjCah0COK941NJ8-NAD_ShsheVi9zbULFIbrIICa6RvbKESE4IgCMEtZ1oIOPFy-GF5CZ0TXgGnbkYv8z3_xxmEsaO_PWEb7bJ5tqbfDnsyyGquWQDla2YXSGSzz--HzsRrpad9Dpgfh8dTiQSkZmoSDj7P36-914nF3qw__VO-6PLtkNy9aNV58kHIGarxut_27ei0vouGCgda217YXdJF1dDjG4h1Uw37VFD467aUXJ3iWyvrof-xLgoTW7CuSQKalg1SlE95PyZ0eQxWjzv3B3G_SSqhcV_I7FpAD_PRQOtNRUv0qXYO9NG2GyVNbBsuisf7R-J5qN1HGLKRheOGaHZ-vCCeNobbRlL6LxpFY3dRQPOAhsvqLmgoxXeLf0JxmBh2mfLgBbsgjofmGGNtQJLQdx4_aQ-R_B360E4C8Ay0MtaZdd6QHEMiGaSdmNsz_BVouCRSKjy4jpXdraEDNfeA9S958OuU3PrUbndrhxwRE8r2_8HlrIrgakCAAA"
},
"_type":"V4/Charge/Authenticate/HttpRequest"
},
"_type":"V4/Charge/Authenticate/AuthenticationInstruction"
},
"_type":"V4/AuthenticationResponseData"
}
}3. Redirection to the ACS in the iFrame, cardholder authentication.
The iFrame characteristics are provided in the answer.value.target object.
The form to be displayed in the iFrame is described in the answer.value.http object.
4. Return via the browser with a TIMEOUT instruction result.
{
"eventName":"LYRA_AUTH_INSTRUCTION_RESULT",
"value":{
"name":"CHALLENGE",
"value":"TIMEOUT",
"protocol":{
"name":"THREEDS",
"version":"2.1.0",
"network":"VISA",
"challengePreference":"NO_PREFERENCE",
"simulation":true
}
}
}5. New call to the PCI/Charge/CreateToken service passing this result and the session ID (operationSessionId).
{
"operationSessionId": "81655958183e4e9e955115197599870f",
"instructionResult": {
"name" : "CHALLENGE",
"protocol" : {
"name" : "THREEDS",
"network": "VISA",
"version" : "2.1.0",
"challengePreference": "NO_PREFERENCE",
"simulation": 1
},
"value": "TIMEOUT"
}
}6. Return from the payment gateway server with the final result.
{
"webService":"PCI/Charge/CreateToken",
"version":"V4",
"applicationVersion":"5.30.0",
"status":"SUCCESS",
"answer":{
"shopId":"12345678",
"orderCycle":"CLOSED",
"orderStatus":"UNPAID",
"serverDate":"2021-12-10T10:38:39+00:00",
"orderDetails":{
"orderTotalAmount":0,
"orderEffectiveAmount":0,
"orderCurrency":"EUR",
"mode":"TEST",
"orderId":null,
"metadata":null,
"_type":"V4/OrderDetails"
},
"customer":{
"billingDetails":{
"address":null,
"category":null,
"cellPhoneNumber":null,
"city":null,
"country":null,
"district":null,
"firstName":null,
"identityCode":null,
"language":"FR",
"lastName":null,
"phoneNumber":null,
"state":null,
"streetNumber":null,
"title":null,
"zipCode":null,
"legalName":null,
"_type":"V4/Customer/BillingDetails"
},
"email":"sample@example.com",
"reference":"myCustomerRef-123456",
"shippingDetails":{
"address":null,
"address2":null,
"category":null,
"city":null,
"country":null,
"deliveryCompanyName":null,
"district":null,
"firstName":null,
"identityCode":null,
"lastName":null,
"legalName":null,
"phoneNumber":null,
"shippingMethod":null,
"shippingSpeed":null,
"state":null,
"streetNumber":null,
"zipCode":null,
"_type":"V4/Customer/ShippingDetails"
},
"extraDetails":{
"browserAccept":null,
"fingerPrintId":null,
"ipAddress":"185.244.73.2",
"browserUserAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36",
"_type":"V4/Customer/ExtraDetails"
},
"shoppingCart":{
"insuranceAmount":null,
"shippingAmount":null,
"taxAmount":null,
"cartItemInfo":null,
"_type":"V4/Customer/ShoppingCart"
},
"_type":"V4/Customer/Customer"
},
"transactions":[
{
"shopId":"12345678",
"uuid":"5ec224e752e244c2b943b43de9e63f3f",
"amount":0,
"currency":"EUR",
"paymentMethodType":"CARD",
"paymentMethodToken":null,
"status":"UNPAID",
"detailedStatus":"REFUSED",
"operationType":"VERIFICATION",
"effectiveStrongAuthentication":"DISABLED",
"creationDate":"2021-12-10T10:38:36+00:00",
"errorCode":"PSP_539",
"errorMessage":"3D Secure refusal for the transaction",
"detailedErrorCode":"39",
"detailedErrorMessage":"3D Secure refusal for the transaction.",
"metadata":null,
"transactionDetails":{
"liabilityShift":null,
"effectiveAmount":0,
"effectiveCurrency":"EUR",
"creationContext":"VERIFICATION",
"cardDetails":{
"paymentSource":"EC",
"manualValidation":"NO",
"expectedCaptureDate":null,
"effectiveBrand":"VISA",
"pan":"497011XXXXXX0021",
"expiryMonth":11,
"expiryYear":2027,
"country":"FR",
"issuerCode":17807,
"issuerName":"Banque Populaire Occitane",
"effectiveProductCode":null,
"legacyTransId":"926164",
"legacyTransDate":"2021-12-10T10:38:36+00:00",
"paymentMethodSource":"TOKEN",
"authorizationResponse":{
"amount":null,
"currency":null,
"authorizationDate":null,
"authorizationNumber":null,
"authorizationResult":null,
"authorizationMode":"FULL",
"_type":"V4/PaymentMethod/Details/Cards/CardAuthorizationResponse"
},
"captureResponse":{
"refundAmount":null,
"refundCurrency":null,
"captureDate":null,
"captureFileNumber":null,
"effectiveRefundAmount":null,
"effectiveRefundCurrency":null,
"_type":"V4/PaymentMethod/Details/Cards/CardCaptureResponse"
},
"threeDSResponse":{
"authenticationResultData":{
"transactionCondition":null,
"enrolled":null,
"status":null,
"eci":null,
"xid":null,
"cavvAlgorithm":null,
"cavv":null,
"signValid":null,
"brand":null,
"_type":"V4/PaymentMethod/Details/Cards/CardAuthenticationResponse"
},
"_type":"V4/PaymentMethod/Details/Cards/ThreeDSResponse"
},
"authenticationResponse":{
"id":"e0fa068f-ac95-47dd-a4b7-6799e5268771",
"operationSessionId":"81655958183e4e9e955115197599870f",
"protocol":{
"name":"THREEDS",
"version":"2.1.0",
"network":"VISA",
"challengePreference":"CHALLENGE_MANDATED",
"simulation":true,
"_type":"V4/Charge/Authenticate/Protocol"
},
"value":{
"authenticationType":"CHALLENGE",
"status":"FAILED",
"extension":{
"authenticationType":"THREEDS_V2",
"_type":"V4/Charge/Authenticate/AuthenticationResultExtensionThreedsV2"
},
"reason":{
"code":"AUTHENTICATION_ERROR",
"message":"Challenge timeout",
"_type":"V4/Charge/Authenticate/AuthenticationResultReason"
},
"_type":"V4/Charge/Authenticate/AuthenticationResult"
},
"_type":"V4/AuthenticationResponseData"
},
"installmentNumber":null,
"installmentCode":null,
"markAuthorizationResponse":{
"amount":null,
"currency":null,
"authorizationDate":null,
"authorizationNumber":null,
"authorizationResult":null,
"_type":"V4/PaymentMethod/Details/Cards/MarkAuthorizationResponse"
},
"cardHolderName":null,
"identityDocumentNumber":null,
"identityDocumentType":null,
"_type":"V4/PaymentMethod/Details/CardDetails"
},
"fraudManagement":{
"riskControl":[],
"riskAnalysis":[],
"_type":"V4/PaymentMethod/Details/FraudManagement"
},
"subscriptionDetails":{
"subscriptionId":null,
"_type":"V4/PaymentMethod/Details/SubscriptionDetails"
},
"parentTransactionUuid":null,
"mid":"9999999",
"sequenceNumber":1,
"taxAmount":null,
"preTaxAmount":null,
"taxRate":null,
"externalTransactionId":null,
"nsu":null,
"tid":"001",
"acquirerNetwork":"CB",
"taxRefundAmount":null,
"userInfo":"API REST",
"paymentMethodTokenPreviouslyRegistered":null,
"occurrenceType":"RECURRENT_INITIAL",
"_type":"V4/TransactionDetails"
},
"_type":"V4/PaymentTransaction"
}
],
"subMerchantDetails":null,
"_type":"V4/Payment"
},
"ticket":"99d99167e0f64a06bf9fa24cd7540ad8",
"serverDate":"2021-12-10T10:38:39+00:00",
"applicationProvider":"",
"metadata":null,
"mode":"TEST",
"serverUrl":"https://api-sogecommerce.societegenerale.eu",
"_type":"V4/WebService/Response"
}