Testing & Implementing 3D Secure

The following document will walk you through how to test the experience of 3D Secure (3DS). More information about PSD2 and SCA can be found here

We currently support 3DS on the following gateways: Stripe, Braintree, CyberSource, Windcave (Payment Express), Adyen

Steps

You must complete the steps below in order to test and implement 3D secure. Click the links below for more information on each step.

PSD2 Flows: Pre Authentication and Post Authentication

Advanced Billing offers two ways to authenticate your customers' PSD2 transactions, via a Pre Authentication or Post Authentication flow. There are several differences in how each of these authentications handles transactions that are flagged for SCA.

The authentication path controls when the customer is authenticated through 3D Secure.

Pre Authentication occurs at the same time the user enters in their card details. This makes it easy for you, the merchant, as no further action is required on your end. Using this method will surface a pop-up that authenticates the customer for $0, which will not match up with the final purchase of the product.

Pre Authentication is applicable for:

Public Signup Pages (PSPs)
Self-Service Pages (SSPs)
Chargify.js for Cybersource, Braintree, Windcave, and Adyen

To enable Pre Authentication for supported gateways on Chargify.js, add the flag threeDSecure: true to your load.js form.

With Post Authentication, Advanced Billing waits until the token is used to check the need for SCA. In other words, a Chargify.js token is not authenticated until it is used. For API subscription creation requests that fail due to SCA, we will return an action_link URL that you can share with the user. This URL leads to a page where authentication can be completed. See a more detailed guide on this workflow here.

Post Authentication is applicable for:

Chargify.js + API for Stripe