3D Secure

Authentication Insight

Authentication Insight provides you with more details about the regulatory environment and applicable customer authentication regulation for a potential transaction. This empowers you to make an informed decision whether to perform 3D Secure authentication.

You can use the regulation environment information contained in the Authentication Insight to make a decision about whether to perform a 3D Secure verification, or continue without a verification. If you choose to perform a 3D Secure verification, proceed as usual using the payment method nonce.

The regulation environment field currently has three possible values:

Regulation EnvironmentDescription
psd2 The impending transaction (when using the provided payment method nonce and merchant account) is believed to be within scope of PSD2 SCA regulations, and requires 3D Secure authentication.
unregulated The impending transaction is not believed to be within scope of any SCA regulations, PSD2 or otherwise.
unavailableThe impending transaction's SCA regulation environment could not be determined.

As global regulations evolve, these values will continue to be updated.

To request Authentication Insight, include `authenticationInsight.merchantAccountId` in the options object you pass to Hosted Fields:

  1. Callback
  2. Promise
hostedFieldsInstance.tokenize({
  authenticationInsight: {
    merchantAccountId: 'merchant-account-id'
  }
}, function (tokenizeErr, payload) {
  if (tokenizeErr) {
    // Handle error
  } else {
    // access regulation environment
    var regulationEnvironment = payload.authenticationInsight.regulationEnvironment);
  }
});

Requesting Authentication Insight for a vaulted payment methodAnchorIcon

You can request Authentication Insight for a customer's payment method stored in the Vault. To retrieve the Authentication Insight for a single-use-token, set authentication_insight to true and specify your merchant_account_id.

  1. Ruby
  2. C#
  3. Java
  4. Node
  5. PHP
  6. Python
create_request = {
  merchant_account_id: "merchant-account-id",
  authentication_insight: true
}

result = gateway.payment_method_nonce.create(
  "payment-method-token",
  payment_method_nonce: create_request
)

regulation_environment = result.payment_method_nonce.authentication_insight[:regulation_environment]

TestingAnchorIcon

Currently, we have test cards available that can return the various regulation environment values when authentication insight is requested on tokenization, depending on the merchant account that is specified:

Test ValueCard InformationRegulation Environment Value
4012000033330620country of issuance = "USA"unregulated
4023490000000008country of issuance = "IRL"
  • psd2 if using a merchant account acquired in the European Economic Area (EEA)
  • unregulated if using a merchant account acquired outside the EEA
  • unavailable if using a merchant account where acquirer country is unknown or has not been specified

If you accept cookies, we’ll use them to improve and customize your experience and enable our partners to show you personalized PayPal ads when you visit other sites. Manage cookies and learn more