3D Secure Card Payment

3D-Secure is authentication protocol for e-commerce transaction where card is not present on time of the purchase. Initially developed by VISA and known as Verified by VISA. 3D-Secure is adapted by all the major card schemes such as MasterCard, Amex, JCB and Discovery.

🚧

How to Integrate

Please refer high level diagram flow of Third Party Redirection.

πŸ“˜

Please refer available payment channel below :

Global Card (CC)
Local Card (LCC)

Β 

Prepare Payment Token Request

Below are the required parameter for create payment. Refer to following on how to prepare request.

πŸ“˜

Please refer: Payment Token API Request

Pre Requisite

  1. MerchantID, secret code & currencyCode are provided by 2c2p.
  1. For PaymentChannel, merchant can refer to above available payment channel Global Card (CC) & Local Card (LCC). Merchant is allowed to passed in either Category Code, Group Code or Channel Code.

If merchant already know which specific card payment need to be proceed, merchant can passed in Channel Code, else pass in Category Code Or Group Code and available payment channel will be shown in Payment Option / Payment Option Detail API in next section.

{
    "merchantID": "JT01",
    "invoiceNo": "1523953661",
    "description": "item 1",
    "amount": 1000.00,
    "currencyCode": "SGD",
    "paymentChannel": ["CC"]
}

Β 

Receive Payment Token Response

Below are the sample payment token response. Refer to following on how to receive.

πŸ“˜

Please refer: Payment Token API Response

{
  "paymentToken": "kSAops9Zwhos8hSTSeLTUU3o184xaNR/T6ySCKGXyEBuOG+IdpUQMByX2CNQX7ogIAPBAgzDWpVj6447eDblRXUO/jOyK6mFETAAoLnxVjo=",
  "respCode": "0000",
  "respDesc": "Success"
}

Β 

Validation of Payment Token

Process only when parameter "respCode" is "0000" which is success requested payment token. Otherwise, terminate the payment process. Refer to Refer below Payment Response Code.

🚧

Please refer : Payment Response Code

Β 

Prepare Payment Option Request [Optional Step]

Merchant required to call this API to get payment option. This is an optional step if merchant already know what is the available payment options. Below are the sample payment option request. Refer below on how to prepare request.

πŸ“˜

Please refer: Payment Option API Request

{
    "paymentToken": "kSAops9Zwhos8hSTSeLTUU3o184xaNR/T6ySCKGXyEBuOG+IdpUQMByX2CNQX7ogIAPBAgzDWpVj6447eDblRXUO/jOyK6mFETAAoLnxVjo=",
    "locale": "en",
    "clientID": "30c7cf51-75c4-4265-a70a-effddfbbb0ff"
}

Β 

Receive Payment Option Response [Optional Step]

Below are the sample payment option response, refer to below on how to receive.

πŸ“˜

Please refer: Payment Option API Response

{
  "paymentToken": "kSAops9Zwhos8hSTSeLTUU3o184xaNR/T6ySCKGXyEBuOG+IdpUQMByX2CNQX7ogIAPBAgzDWpVj6447eDblRXUO/jOyK6mFETAAoLnxVjo=",
  "merchantDetails": {
    "id": "JT04",
    "name": "DEMO Merchant TH",
    "address": "DEMO",
    "email": "",
    "logoUrl": "https://pgw-static-sandbox.s3.amazonaws.com/images/merchantlogo/JT04.png",
    "bannerUrl": null
  },
  "transactionDetails": {
    "amount": "10.00",
    "currencyCode": "THB",
    "invoiceNo": "230620092028",
    "description": "V4 Test"
  },
  "channelCategories": [
    {
      "groups": [
        {
          "sequenceNo": 1,
          "name": "Credit Card Payment",
          "code": "CC",
          "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/cc.png",
          "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/.png",
          "default": true
        },
        {
          "sequenceNo": 2,
          "name": "Installment Plan Payment",
          "code": "IPP",
          "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/ipp.png",
          "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/.png",
          "default": false
        },
        {
          "sequenceNo": 3,
          "name": "3rd Party Payment",
          "code": "GTPTY",
          "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/tpty.png",
          "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/.png",
          "default": false
        }
      ],
      "sequenceNo": 1,
      "name": "Global Card",
      "code": "GCARD",
      "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/gcard.png",
      "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/.png",
      "default": true
    }
  ],
  "respCode": "0000",
  "respDesc": "Success"
}

Β 

Prepare Payment Option Details Request [Optional Step]

Merchant required to call this API to get payment option details. This is an optional step if merchant already know what is the available payment option details. Below are the sample payment option details request. Refer below on how to prepare request.

Pre Requisite

  1. Payment Token get from Payment Token API
  1. CategoryCode & GroupCode get from Payment Option API

πŸ“˜

Please refer: Payment Option Details API Request

{
  "categoryCode": "GCARD",
  "groupCode": "CC",
  "paymentToken": "kSAops9Zwhos8hSTSeLTUU3o184xaNR/T6ySCKGXyEBuOG+IdpUQMByX2CNQX7ogIAPBAgzDWpVj6447eDblRXUO/jOyK6mFETAAoLnxVjo=",
  "locale": "en",
  "clientID":"30c7cf51-75c4-4265-a70a-effddfbbb0ff"
}

Β 

Receive Payment Option Details Response [Optional Step]

Below are the sample payment option response, refer to below on how to receive

πŸ“˜

Please refer: Payment Option Details API Response

{
  "totalChannel": 4,
  "name": "Credit Card Payment",
  "categoryCode": "GCARD",
  "groupCode": "CC",
  "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/cc.png",
  "channels": [
    {
      "sequenceNo": 1,
      "name": "MasterCard",
      "currencyCodes": null,
      "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/master.png",
      "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/master.png",
      "payment": {
        "code": {
          "channelCode": "CC"
        },
        "input": {
          "cardNo": "M",
          "expiryDate": "M",
          "securityCode": "O",
          "name": "O",
          "email": "O",
          "pin": "I"
        },
        "validation": {
          "cardNo": "^(?:5[1-5][0-9]{2}|222[1-9]|22[3-9][0-9]|2[3-6][0-9]{2}|27[01][0-9]|2720)[0-9]{12}$",
          "expiryDate": "^(2\\d{3}0?[1-9]|1[012])$",
          "securityCode": "^[0-9]{3,4}$",
          "name": "^(?!\\s*$)[-a-zA-Z' ']{1,}$",
          "email": "^(([^<>()\\[\\]\\\\.,;:\\[email protected]\"]+(\\.[^<>()\\[\\]\\\\.,;:\\[email protected]\"]+)*)|(\".+\"))@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}])|(([a-zA-Z\\-0-9]+\\.)+[a-zA-Z]{2,}))$",
          "token": "(.*?)",
          "additional": {
            "cardNo": {
              "luhn": true,
              "prefixes": [
                "51",
                "52",
                "53",
                "54",
                "55",
                "2221",
                "2222",
                "2223",
                "2224",
                "2225",
                "2226",
                "2227",
                "2228",
                "2229",
                "223",
                "224",
                "225",
                "226",
                "227",
                "228",
                "229",
                "23",
                "24",
                "25",
                "26",
                "270",
                "271",
                "2720"
              ]
            },
            "amount": null
          }
        }
      },
      "isDown": false
    },
    {
      "sequenceNo": 2,
      "name": "VISA",
      "currencyCodes": null,
      "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/visa.png",
      "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/visa.png",
      "payment": {
        "code": {
          "channelCode": "CC"
        },
        "input": {
          "cardNo": "M",
          "expiryDate": "M",
          "securityCode": "O",
          "name": "O",
          "email": "O",
          "pin": "I"
        },
        "validation": {
          "cardNo": "^4[0-9]{12}(?:[0-9]{3})?$",
          "expiryDate": "^(2\\d{3}0?[1-9]|1[012])$",
          "securityCode": "^[0-9]{3,4}$",
          "name": "^(?!\\s*$)[-a-zA-Z' ']{1,}$",
          "email": "^(([^<>()\\[\\]\\\\.,;:\\[email protected]\"]+(\\.[^<>()\\[\\]\\\\.,;:\\[email protected]\"]+)*)|(\".+\"))@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}])|(([a-zA-Z\\-0-9]+\\.)+[a-zA-Z]{2,}))$",
          "token": "(.*?)",
          "additional": {
            "cardNo": {
              "luhn": true,
              "prefixes": [
                "4"
              ]
            },
            "amount": null
          }
        }
      },
      "isDown": false
    },
    {
      "sequenceNo": 3,
      "name": "JCB",
      "currencyCodes": null,
      "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/jcb.png",
      "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/jcb.png",
      "payment": {
        "code": {
          "channelCode": "CC"
        },
        "input": {
          "cardNo": "M",
          "expiryDate": "M",
          "securityCode": "O",
          "name": "O",
          "email": "O",
          "pin": "I"
        },
        "validation": {
          "cardNo": "^(?:2131|1800|35\\d{3})\\d{11}$",
          "expiryDate": "^(2\\d{3}0?[1-9]|1[012])$",
          "securityCode": "^[0-9]{3,4}$",
          "name": "^(?!\\s*$)[-a-zA-Z' ']{1,}$",
          "email": "^(([^<>()\\[\\]\\\\.,;:\\[email protected]\"]+(\\.[^<>()\\[\\]\\\\.,;:\\[email protected]\"]+)*)|(\".+\"))@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}])|(([a-zA-Z\\-0-9]+\\.)+[a-zA-Z]{2,}))$",
          "token": "(.*?)",
          "additional": {
            "cardNo": {
              "luhn": true,
              "prefixes": [
                "35"
              ]
            },
            "amount": null
          }
        }
      },
      "isDown": false
    },
    {
      "sequenceNo": 4,
      "name": "American Express",
      "currencyCodes": null,
      "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/amex.png",
      "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/amex.png",
      "payment": {
        "code": {
          "channelCode": "CC"
        },
        "input": {
          "cardNo": "M",
          "expiryDate": "M",
          "securityCode": "O",
          "name": "O",
          "email": "O",
          "pin": "I"
        },
        "validation": {
          "cardNo": "^3[47][0-9]{13}$",
          "expiryDate": "^(2\\d{3}0?[1-9]|1[012])$",
          "securityCode": "^[0-9]{3,4}$",
          "name": "^(?!\\s*$)[-a-zA-Z' ']{1,}$",
          "email": "^(([^<>()\\[\\]\\\\.,;:\\[email protected]\"]+(\\.[^<>()\\[\\]\\\\.,;:\\[email protected]\"]+)*)|(\".+\"))@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}])|(([a-zA-Z\\-0-9]+\\.)+[a-zA-Z]{2,}))$",
          "token": "(.*?)",
          "additional": {
            "cardNo": {
              "luhn": true,
              "prefixes": [
                "34",
                "37"
              ]
            },
            "amount": null
          }
        }
      },
      "isDown": false
    }
  ],
  "validation": {
    "cardNo": {
      "prefixes": [
        "51",
        "52",
        "53",
        "54",
        "55",
        "2221",
        "2222",
        "2223",
        "2224",
        "2225",
        "2226",
        "2227",
        "2228",
        "2229",
        "223",
        "224",
        "225",
        "226",
        "227",
        "228",
        "229",
        "23",
        "24",
        "25",
        "26",
        "270",
        "271",
        "2720",
        "4",
        "35",
        "34",
        "37"
      ],
      "regex": null
    },
    "cardTypes": null
  },
  "configuration": {
    "payment": {
      "tokenize": false,
      "tokenizeOnly": false,
      "cardTokenOnly": false,
      "immediatePayment": false,
      "fx": {
        "mcp": {
          "active": false
        },
        "dcc": {
          "active": false
        }
      }
    },
    "notification": {
      "facebook": false,
      "whatsApp": false,
      "line": false
    }
  },
  "respCode": "0000",
  "respDesc": "Success"
}

Β 

Prepare Do Payment Request

Merchant required to call this API to request payment. Below are the sample do payment request. Refer below on how to prepare request.

Pre Requisite :

  1. Payment Token get from Payment Token API
  1. ChannelCode get from Payment Option Details API
  1. To prepare Do Payment request parameter payment.data, it is required to refer Payment Option Details API Response parameter channels.payment.input to determine which payment data is required.
  1. Parameter securePayToken is required encrypted data that contain sensitive information, Refer to Encryption of card info token on how to generate it.

πŸ“˜

Please refer: Do Payment API Request

{
    "payment": {
        "code": {
            "channelCode": "CC"
        },
        "data": {
            "name": "Terrance Tay",
            "email": "[email protected]",
            "securePayToken": "00acd0YYe3Ob1GHTprOPybLpDUQz+0ZIjRSYkpZzEHFtNqPXeKzC92+e/5LLUTHOfeWmAF2WA1HKGuZPFh4p2OgGxm8QIayaXyJKI5zOWF4E4XCyPx0+nJRMHXrhr0n4iCAV8MmXZbPYm2kj3fnnRX+vjyYy8FCy165eOxqq9MWDex0=U2FsdGVkX187qEju5uo37OfKlSjyBT9+FlFU0wdGFANyrycT98W73d8z9vu4O/DT"
        }
    },
    "clientIP": "175.139.9.173",
    "paymentToken": "kSAops9Zwhos8hSTSeLTUXvfNA7ZE0pxOdr5WUx0Ns/ek/yQU4Hkg8cz5QcnVTlMqz//r2NtpdRmiu1pOpKsDv1byMx7OK/qq4CaRgQbvAU=",
    "locale": "en",
    "clientID": "30c7cf51-75c4-4265-a70a-effddfbbb0ff"
}

Β 

Receive Do Payment Response

Below are the sample Do Payment response, refer below on how to receive

πŸ“˜

Please refer: Do Payment API Response

{
    "data": "https://demo2.2c2p.com/2C2PFrontEnd/storedCardPaymentV2/MPaymentProcess.aspx?token=3fhCWP3HMJpULpWvK7ITK800x9JUcQUh0EF2cy/1zfClSknusBg/2w==",
    "channelCode": "CC",
    "respCode": "1001",
    "respDesc": "Redirect to authenticate ACS bank page."
}

Β 

Perform Redirection to Third Party Process Page

parameter from Do Payment Response

Description

data

third party URL end point

respCode

Indicate what is the redirection method. merchant required to refer to Payment Process Flow

Merchant required to perform redirection to third party URL to process the payment based on response from do payment api.

**If return respCode is is failed or rejected, process terminate here.*

Receive Payment Response via backend API

πŸ“˜

Please refer : Payment Response - Backend API

The parameter "backendReturnUrl" that previously send via Payment Token Request is the merchant endpoint that will receive backend notification. If parameter "backendReturnUrl" is not set, system will default get the backend return url from merchant profile set in 2c2p merchant portal.

{
  "merchantID": "JT04",
  "invoiceNo": "280520075921",
  "cardNo": "411111XXXXXX1111",
  "amount": "230.87",
  "currencyCode": "THB",
  "tranRef": "2868821",
  "referenceNo": "2785703",
  "approvalCode": "531484",
  "eci": "05",
  "transactionDateTime": "20200528080508",
  "respCode": "0000",
  "respDesc": "Success"
}

Β 

Receive Payment Response via browser redirection

πŸ“˜

Please refer : Payment Response - Frontend API

The parameter "frontendReturnUrl" that previously send via Payment Token Request is the merchant page that will be redirect to. If parameter "frontendReturnUrl" is not set, system will default get the front end return url from merchant profile set in 2c2p merchant portal. Below are the sample response returned.

{
    "invoiceNo": "280520075921",
    "channelCode": "CC",
    "respCode": "2000",
    "respDesc": "Transaction is completed, please do payment inquiry request for full payment information."
}

Β 

Prepare Payment Inquiry Request [Optional Step]

Merchant required to call this API to inquiry payment. If merchant has implemented backend payment response then payment inquiry is not required. Below are the sample payment inquiry request. Refer below on how to prepare request.

πŸ“˜

Please refer : Payment Inquiry API Request

{
    "paymentToken": "kSAops9Zwhos8hSTSeLTUXvfNA7ZE0pxOdr5WUx0Ns/ek/yQU4Hkg8cz5QcnVTlMqz//r2NtpdRmiu1pOpKsDv1byMx7OK/qq4CaRgQbvAU=",
    "merchantID": "JT01",
    "invoiceNo": "254b77aabc",
    "locale": "en"
}

Β 

Receive Payment Inquiry Response [Optional Step]

Merchant is required to received payment inquiry response, Refer below on how to receive

πŸ“˜

Please refer : Payment Inquiry API Response

{
    "merchantID": "JT01",
    "invoiceNo": "1523953661",
    "amount": 1000.00,
    "currencyCode": "SGD",
    "transactionDateTime": "311220235959",
    "agentCode": "OCBC",
    "channelCode": "VI",
    "approvalCode": "717282",
    "referenceNo": "00010001",
    "pan": "411111XXXXXX1111",
    "cardToken": "",
    "issuerCountry": "SG",
    "eci": "05",
    "installmentPeriod": 6,
    "interestType": "M",
    "interestRate": 0.3,
    "installmentMerchantAbsorbRate ": 0.0,
    "recurringUniqueID": "",
    "fxAmount": 25000.00,
    "fxRate": 25.0000001,
    "fxCurrencyCode": "THB",
    "userDefined1": "",
    "userDefined2": "",
    "userDefined3": "",
    "userDefined4": "",
    "userDefined5": "",
    "respCode": "0000",
    "respDesc": "Transaction is successful."
}