| HTTP Method | API URL | API Version |
|---|---|---|
| POST | https://api.payzone.ma/transaction/3dscheck | >= 0208 |
| Name | Type | Max Length | Required | Description | Version |
|---|---|---|---|---|---|
| customerIP | String | 40 | yes | Customer’s request IP | 0208 |
| amount | Integer | 10 | yes | Number in minor unit, e.g. cents; 100 dollar cent equals to 1 dollar | 0208 |
| currency | String | 3 | yes | ISO-4217 currency codes | 0208 |
| orderID | String | 100 | yes | Unique reference to current transaction request | 0208 |
| cardNumber | String | 40 | yes | Credit card number | 0208 |
| cardSecurityCode | String | 4 | yes | CVV number from credit card | 0208 |
| cardExpireMonth | String | 2 | yes | Month of the card expire: 09 | 0208 |
| cardExpireYear | String | 4 | yes | Year of the card expire ie: 2017 | 0208 |
| cardHolderEmail | String | 100 | yes | Customer’s email | 0208 |
| cardHolderName | String | 80 | yes | Customer’s name | 0208 |
| threeDSReturnURL | String | 4096 | yes | The return URL to redirect the shopper to after 3DSv2 fingerprinting and authentication | 0208 |
| device | Object | yes | Device object containing information about the customer’s device. (see Device Object) | 0208 | |
| order | Object | yes | Order object containing information about the order. (see Order Object) | 0208 | |
| shopper | Object | yes | Shopper object containing information about the customer. (see Shopper Object) | 0208 | |
| shipping | Object | yes | Shipping object containing information about goods shipping. (see Shipping Object) | 0208 |
While testing your 3DSv2 implementation, you can set the parameter shopper.account.suspicious as true to trigger a challenge. false should result in frictionless flow.
Note: Gateway API transactions are done with a different library than payment-page API. See the code sample comments for more info:
/*
* Example of a 3DSecure V2 Check operation
*/
$client = new GatewayClient();
$transaction = $client->newTransaction('3DSCheck');
$transaction->setTransactionInformation('200', 'USD', "orderID123");
$transaction->setCardInformation('4111111111111111', '000', 'Jean XxXxX', '10', '2024');
$shopper = new \PayXpert\Gateway\Client\Shopper();
$shopper->setName('John Doe')->setAddress1('123 Main Street')->setCity('London');
$shopper->setHomePhonePrefix('33')->setHomePhone('474123456');
$shopper->setMobilePhonePrefix('33')->setMobilePhone('612345678');
$shopper->setWorkPhonePrefix('34')->setWorkPhone('987654321');
$account = new \PayXpert\Gateway\Client\Account();
$account->setAge('05')->setSuspicious(true);
$shopper->setAccount($account);
$device = new \PayXpert\Gateway\Client\Device();
$device->setType('browser')->setJavaEnabled(false)->setJsEnabled(true)->setChallengeWindowSize('04')->setLanguage('en-GB');
$transaction->setSCAShopper($shopper);
$transaction->setSCADevice($device);
$transaction->setSCAReturnURL('https://zemerchant.url/scareturn');
$response = $transaction->send();
if ('000' === $response->errorCode) {
$transactionID = $response->transactionID;
$url = $response->threeDSURL;
$threeDSServerTransID = $response->threeDSServerTransID
$data = $response->threeDSMethodData;
$version = $response->threeDSVersion;
} else {
echo "Error {$response->errorCode} with message {$response->errorMessage}";
}
PaymentGatewayConnector connector = new PaymentGatewayConnector(API_URL, ORIGINATOR, PASSWORD);
ThreeDSCheckResponse threeDSCheckResponse = null;
ThreeDSCheckRequest request = new ThreeDSCheckRequest();
request.setAmount(100).setCurrency("EUR").setCardNumber("4111111111111111").setCardExpireMonth(10)
.setCardExpireYear(2024);
request.setCustomerIP("127.0.0.1").setOrderId(Utils.getRandomString(10));
request.setThreeDSReturnURL("https://example.com/sca/return");
Shopper shopper = new Shopper();
shopper.setName("John Doe").setEmail("toto@fake.dom");
Account account = new Account();
// This will trigger a challenge on Test provider
account.setSuspicious(true);
shopper.setAccount(account);
Device device = new Device();
device.setType(DeviceType.BROWSER).setColorDepth(DeviceColorDepth.FOURTY_EIGHT_BITS);
request.setShopper(shopper);
request.setDevice(device);
try {
threeDSCheckResponse = connector.doThreeDSCheckTransaction(request);
} catch (Exception e) {
e.printStackTrace();
}
if (threeDSCheckResponse != null) {
if (TransactionResultCode.TRANSACTION_SUCCESSFULLY.equals(threeDSCheckResponse.getErrorCode()) {
System.out.println("Success: " + threeDSCheckResponse.getErrorMessage());
} else {
System.out.println("Failure: " + threeDSCheckResponse.getErrorMessage());
}
}
The body of the response is in JSON format.
The following fields are present in the response :
| Name | Type | Description |
|---|---|---|
| transactionID | Integer | Transaction reference returned by the system |
| errorCode | String | See API Response Codes |
| errorMessage | String | See API Response Codes |
| threeDSVersion | String | Exact version of 3DSecure v2 (e.g. 2.1.0, 2.2.0, … ) |
| threeDSServerTransID | String | Universally unique transaction identifier assigned by the 3DS Server to identify a single transaction. |
| CAVV | String | Cavv Cardholder Authentication Verification Value |
| threeDSURL | String | URL of the ACS in case the authentication response message indicates that further action is required. |
| threeDSMethodData | String | Base64-encoded Challenge Request object in case further action is required |