Migration steps for placeOrder call on API 3.0 and 4.0

Overview

Under the Payment Services Directive 2 (PSD2) initiative, in order to prevent ever-evolving fraud methods, Payment Service Providers (PSPs), such as 2Checkout, must apply extra security steps to implement Strong Customer Authentication (SCA) and further protect the confidentiality of consumers’ data.

For more details about 3D Secure support in API, check the Payment Services Directive 2 (PSD2) article:

https://verifone.cloud/Documentation/03Billing-and-payments/Payment-operations/Payment-Services-Directive-2-PSD2

Additional resources:

https://www.2checkout.com/lp/psd2-sca-compliance.html#whatIsPSD2
https://blog.2checkout.com/payment-services-directive-psd2-explained/
https://blog.2checkout.com/psd2-sca-ordering-flows-exemptions/

Impact

All merchants using the 2Checkout Public API versions 3.0, 3.1, and 4.0, on all protocols, are affected by this change.

In order to avoid your orders being declined due to the lack of 3DS, we recommend you migrate to API version 6.

How to migrate

Update the endpoint

Migrate your placeOrder call to API 6.0 by updating the endpoint to one of the following (depending on your protocol):

REST: https://api.2checkout.com/rest/
SOAP: https://api.2checkout.com/soap/6.0/
JSON-RPC: https://api.2checkout.com/rpc/6.0/

Provide mandatory 3DS parameters

Once you’ve migrated to API 6.0, include two mandatory parameters in the paymentMethod object:

Vendor3DSReturnURL — the URL address to which customers are redirected after the 3DS details get validated by the bank and the order is successfully authorized.
Vendor3DSCancelURL — the URL address to which customers are redirected if the 3DS details were not validated or the order could not be authorized.

Handle Authorize3DS in the response

Once the order has been submitted, you will find a new property in the API response: Authorize3DS.

Based on the parameters provided in Authorize3DS, build and redirect the shopper to a page where they will finalize the 3DS flow. After the shopper completes the 3DS flow and approves the order, 2Checkout will update the order status and trigger webhook notifications.

Example paymentMethod block in the API response:

paymentMethod example

{
  "Type": "CC",
  "Currency": "usd",
  "PaymentMethod": {
    "Authorize3DS": {
      "Href": "http://api.sandbox63.avangate.local/6.0/scripts/credit_card/authorize",
      "Method": "GET",
      "Params": {
        "avng8apitoken": "50dcb997be8b70bd"
      }

    },

    "Vendor3DSReturnURL": "http://shopping.cart.local/checkout/external/return/cc",
    "Vendor3DSCancelURL": "http://shopping.cart.local/checkout/external/cancel/cc",
    "FirstDigits": "4111",
    "LastDigits": "1111",
    "CardType": "Visa",
    "RecurringEnabled": false

  },
  "CustomerIP": "10.11.12.1"
}

The shopper needs to be redirected to: http://api.sandbox63.avangate.local/6.0/scripts/credit_card/authorize?avng8apitoken=50dcb997be8b70bd

You can read more information on the 3DS flow here: https://verifone.cloud/API-Integration/01Start-using-the-2Checkout-API/2Checkout-API-general-information/3D-Secure-Flow

Related migration guides

API Migration Guide (SOAP): https://verifone.cloud/docs/2checkout/API-Integration/Legacy-API-versions/SOAP_API/API_Migration_Guide
API Migration Guide (JSON-RPC): https://verifone.cloud/docs/2checkout/API-Integration/Legacy-API-versions/JSON-RPC_API/API_Migration_Guide
Transition guide for the 1-click purchase flow with 3D Secure: https://verifone.cloud/docs/2checkout/API-Integration/Transition_guides/Transition-guide-for-the-1-click-purchase-flow-with-3DS

Need help?

If you didn’t find the answer you’re looking for in our documentation, contact Support: Support

Not yet a Verifone customer?

We’ll help you choose the right payment solution for your business. Contact sales: Contact sales

Last updated 6 months ago

Was this helpful?