Payer Authentication (3DS)
3D Secure (3DS) adds an authentication step for online card payments — cardholders verify their identity with their bank before the transaction completes.
3DS2 is required for PSD2 compliance in Europe. In the US it's optional but significantly reduces chargebacks by shifting liability to the card issuer.
Benefits
- Liability shift — Approved 3DS transactions shift chargeback liability to the issuer
- Reduced fraud — Catches stolen cards via behavioral and biometric authentication
- Frictionless for low-risk — Most transactions complete without customer action
Frontend Implementation
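// Mount the 3DS component and hand the authentication result to your backend.
CyoGateGateway.ThreeDS.mount('#threeds-container', {
  paymentToken: payment_token,
  amount: '29.99',
  currency: 'USD',
  // Called when authentication completes.
  onAuthenticated: function(authResult) {
    submitWithAuthData(authResult); // authResult.eci, .cavv, .xid
  },
  // Called when a challenge is presented to the cardholder.
  onChallenge: function() { showChallengePending(); },
  onError: function(error) { handleError(error); }
});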
Backend — Process with 3DS Data
// Sale request carrying the 3DS values returned to onAuthenticated.
$post = array(
    'security_key'     => YOUR_PRIVATE_KEY,
    'type'             => 'sale',
    'amount'           => '29.99',
    'payment_token'    => $payment_token,
    'cardholder_auth'  => $auth_result['eci'],
    'cavv'             => $auth_result['cavv'],
    'xid'              => $auth_result['xid'],
    'three_ds_version' => '2',
);
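The browser hands `authResult` to your server, so the backend should treat `eci`, `cavv` and `xid` as untrusted input. The following PHP is an added example, not CyoGate's own code: it sanity-checks those values and takes the amount from a server-side order record before building the `$post` array shown above. The ECI table (common Visa and Mastercard values), the 20-byte base64 CAVV format, the `xid` character set, and the names `classify_eci`, `is_valid_cavv`, `build_3ds_sale` and `$order` are assumptions; confirm the accepted formats with the gateway's documentation.

```php
<?php
// Added example (not gateway code). ECI table and CAVV/XID formats are assumptions.
function classify_eci(string $brand, string $eci): string
{
    $outcomes = [
        'visa'       => ['05' => 'authenticated', '06' => 'attempted'],
        'mastercard' => ['02' => 'authenticated', '01' => 'attempted'],
    ];
    return $outcomes[strtolower($brand)][$eci] ?? 'none';
}

function is_valid_cavv(string $cavv): bool
{
    // Assumed format: strict base64 that decodes to a 20-byte value.
    $raw = base64_decode($cavv, true);
    return $raw !== false && strlen($raw) === 20;
}

function build_3ds_sale(array $order, array $auth, string $key): array
{
    foreach (['eci', 'cavv', 'xid'] as $field) {
        if (!isset($auth[$field]) || !is_string($auth[$field])) {
            throw new InvalidArgumentException("missing 3DS field: $field");
        }
    }
    if (classify_eci($order['brand'], $auth['eci']) === 'none') {
        throw new RuntimeException('ECI does not indicate 3DS authentication');
    }
    if (!is_valid_cavv($auth['cavv'])) {
        throw new InvalidArgumentException('malformed cavv');
    }
    if (!preg_match('/\A[A-Za-z0-9+\/=_-]{1,64}\z/', $auth['xid'])) {
        throw new InvalidArgumentException('malformed xid');
    }
    return [
        'security_key'     => $key,
        'type'             => 'sale',
        'amount'           => $order['amount'],   // server-side order, never the browser
        'payment_token'    => $order['payment_token'],
        'cardholder_auth'  => $auth['eci'],
        'cavv'             => $auth['cavv'],
        'xid'              => $auth['xid'],
        'three_ds_version' => '2',
    ];
}

// Constructed sample values, for illustration only.
$order = ['brand' => 'visa', 'amount' => '29.99', 'payment_token' => 'tok_example'];
$auth  = ['eci' => '05', 'cavv' => base64_encode(str_repeat("\x01", 20)), 'xid' => 'example-xid-0001'];
var_dump(array_keys(build_3ds_sale($order, $auth, 'YOUR_PRIVATE_KEY')));
```

These checks only filter malformed or unauthenticated input before the request is sent; they do not cryptographically verify the CAVV.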
See also: Testing Guide | Sandbox Testing