3DS Fingerprinting

Home    Online Payments    REST 2.0 (Beta Release)    Features    Card Operations    Payment (3DS)    3DS Functions    3DS Fingerprinting

On this page:

Overview

3DS Fingerprinting for Web Browsers is an optional 3DS Authentication step in the REST 2.0 3DS payment flow.

3DS Fingerprinting has two functions:

  • Collects thumbnail browsing information using a hidden IFrame.
  • Sends this data to the card issuer.

1. Collect the Browser Info

Collect the 3DS web browser information from a web form on the client side.

Post a request to the fingerprintUrl in the response to the initial payment request in the REST 2.0 3DS flow. Include threeD.fingerprintUrl and threeD.fingerprintPayload in that response.

Example fingerprintUrl Request
<form 
  name="frm" 
  method="POST" 
  action={paymentOption.card.threeD.fingerprintUrl}>
<input 
  type="hidden" 
  name="threeDSMethodData" 
  value={paymentOption.card.threeD.fingerprintPayload}>
</form>

The card issuer’s Access Control Server (ACS) sends a response to the fingerprintNotificationUrl in the initial payment request. The response contains the base64-encoded threeDSServerTransId.

Example Base64-Encoded threeDSServerTransId
eyJ0aHJlZURTZXJ2ZXJUcmFuc0lEIjoiM2FjN2NhYTctYWE0Mi0yNjYzLTc5MWItMmFjMDVhNTQyYzRhIn0=

2. Send a Notification

Post a notification back to the fingerprintNotificationUrl and include:

  1. Decoded threeDSServerTransId.
    Decode threeDSServerTransId, which is encoded using base64.
    Example Decoded threeDSServerTransId
    {"threeDSServerTransId":"3ac7caa7-aa42-2663-791b-2ac05a542c4a"}
  2. Proceed to the next step in the flow, the second payment request (payments/{payment-id}/fingerprint).
    Specify paymentOption.card.threeD.fingerprintIndicator as:
    • Y”  – If the response from the issuer’s ACS returned within 10 seconds.
    • N”  – If the response from the issuer’s ACS returned in more than 10 seconds or never returned.
Last update iconLast modified February 2025