3D Secure

Authentication Insight

Authentication Insight provides you with more details about the regulatory environment and applicable customer authentication regulation for a potential transaction. This empowers you to make an informed decision whether to perform 3D Secure authentication.

You can use the regulation environment information contained in the Authentication Insight to make a decision about whether to perform a 3D Secure verification, or continue without a verification. If you choose to perform a 3D Secure verification, proceed as usual using the payment method nonce.

The regulation environment field currently has three possible values:

Regulation Environment	Description
`psd2`	The impending transaction (when using the provided payment method nonce and merchant account) is believed to be within scope of PSD2 SCA regulations, and requires 3D Secure authentication.
`unregulated`	The impending transaction is not believed to be within scope of any SCA regulations, PSD2 or otherwise.
`unavailable`	The impending transaction's SCA regulation environment could not be determined.

As global regulations evolve, these values will continue to be updated.

To request Authentication Insight, include authenticationInsight.merchantAccountId in the options object you pass to Hosted Fields:

Callback

Promise

hostedFieldsInstance.tokenize({
  authenticationInsight: {
    merchantAccountId: 'merchant-account-id'
  }
}, function (tokenizeErr, payload) {
  if (tokenizeErr) {
    // Handle error
  } else {
    // access regulation environment
    var regulationEnvironment = payload.authenticationInsight.regulationEnvironment);
  }
});

Requesting Authentication Insight for a vaulted payment method

You can request Authentication Insight for a customer's payment method stored in the Vault. To retrieve the Authentication Insight for a single-use-token, set authentication_insight to true and specify your merchant_account_id.

Ruby

Java

Node

PHP

Python

create_request = {
  merchant_account_id: "merchant-account-id",
  authentication_insight: true
}

result = gateway.payment_method_nonce.create(
  "payment-method-token",
  payment_method_nonce: create_request
)

regulation_environment = result.payment_method_nonce.authentication_insight[:regulation_environment]

Testing

Currently, we have test cards available that can return the various regulation environment values when authentication insight is requested on tokenization, depending on the merchant account that is specified:

Test Value	Card Information	Regulation Environment Value
`4012000033330620`	country of issuance = "USA"	`unregulated`
`4023490000000008`	country of issuance = "IRL"	`psd2` if using a merchant account acquired in the European Economic Area (EEA) `unregulated` if using a merchant account acquired outside the EEA `unavailable` if using a merchant account where acquirer country is unknown or has not been specified

Next Page: Testing →