3D Secure Card Payment

3D Secure is an authentication protocol for transactions where the card cannot be physically presented at the time of purchase. Initially developed by VISA and known as Verified by VISA, 3D Secure has since been adopted by all the major card schemes such as Mastercard, American Express (Amex), JCB and Discovery.

🚧

How to Integrate

Please refer to the high level diagram flow of Third Party Redirection.

📘

Please refer to the available payment channels below :

Global Card (CC)
Local Card (LCC)

 

1. Prepare Payment Token Request

To prepare a payment token request, refer to the required parameters below.

📘

Please refer to: Payment Token API Request

Pre Requisite
1. MerchantID, secret code & currencyCode are provided by 2C2P.
2. For PaymentChannel, merchants can refer to the available payment channels for Global Card (CC) & Local Card (LCC) linked above.

Merchants who already know the specific card payment to process may fill in the corresponding Channel Code, Category Code , or Group Code. The available payment channel will then be shown in the Payment Option and Payment Option Detail APIs.
{
    "merchantID": "JT01",
    "invoiceNo": "1523953661",
    "description": "item 1",
    "amount": 1000.00,
    "currencyCode": "SGD",
    "paymentChannel": ["CC"]
}

 

2. Receive Payment Token Response

To receive a payment token response, refer to the sample payment token response below.

📘

Please refer to: Payment Token API Response

{
  "paymentToken": "kSAops9Zwhos8hSTSeLTUU3o184xaNR/T6ySCKGXyEBuOG+IdpUQMByX2CNQX7ogIAPBAgzDWpVj6447eDblRXUO/jOyK6mFETAAoLnxVjo=",
  "respCode": "0000",
  "respDesc": "Success"
}

 

3. Validation of Payment Token

Proceed only when the parameter "respCode" is "0000". Otherwise, terminate the payment process. Refer to the Payment Response Code below.

🚧

Please refer to: Payment Response Code

 

4. Prepare Payment Option Request

To retrieve available payment options, send a payment option request. Refer to the sample Payment Option Request below.

For merchants who already know which payment options are available, this step is optional.

📘

Please refer: Payment Option API Request

{
	"paymentToken": "kSAops9Zwhos8hSTSeLTUU3o184xaNR/T6ySCKGXyEBuOG+IdpUQMByX2CNQX7ogIAPBAgzDWpVj6447eDblRXUO/jOyK6mFETAAoLnxVjo=",
	"locale": "en",
	"clientID": "30c7cf51-75c4-4265-a70a-effddfbbb0ff"
}

 

5. Receive Payment Option Response

To receive a payment option response, refer to the sample payment option response below.

📘

Please refer to: Payment Option API Response

{
  "paymentToken": "kSAops9Zwhos8hSTSeLTUU3o184xaNR/T6ySCKGXyEBuOG+IdpUQMByX2CNQX7ogIAPBAgzDWpVj6447eDblRXUO/jOyK6mFETAAoLnxVjo=",
  "merchantDetails": {
    "id": "JT04",
    "name": "DEMO Merchant TH",
    "address": "DEMO",
    "email": "",
    "logoUrl": "https://pgw-static-sandbox.s3.amazonaws.com/images/merchantlogo/JT04.png",
    "bannerUrl": null
  },
  "transactionDetails": {
    "amount": "10.00",
    "currencyCode": "THB",
    "invoiceNo": "230620092028",
    "description": "V4 Test"
  },
  "channelCategories": [
    {
      "groups": [
        {
          "sequenceNo": 1,
          "name": "Credit Card Payment",
          "code": "CC",
          "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/cc.png",
          "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/.png",
          "default": true
        },
        {
          "sequenceNo": 2,
          "name": "Installment Plan Payment",
          "code": "IPP",
          "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/ipp.png",
          "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/.png",
          "default": false
        },
        {
          "sequenceNo": 3,
          "name": "3rd Party Payment",
          "code": "GTPTY",
          "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/tpty.png",
          "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/.png",
          "default": false
        }
      ],
      "sequenceNo": 1,
      "name": "Global Card",
      "code": "GCARD",
      "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/gcard.png",
      "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/.png",
      "default": true
    }
  ],
  "respCode": "0000",
  "respDesc": "Success"
}

 

6. Prepare Payment Option Details Request

To retrieve details for available payment options, send a payment option details request. Refer to the sample Payment Option Details Request below.

For merchants who already know payment option details, this step is optional.

Pre Requisite
1. Payment Token from Payment Token API
2. CategoryCode & GroupCode from Payment Option API

📘

Please refer to: Payment Option Details API Request

{
  "categoryCode": "GCARD",
  "groupCode": "CC",
  "paymentToken": "kSAops9Zwhos8hSTSeLTUU3o184xaNR/T6ySCKGXyEBuOG+IdpUQMByX2CNQX7ogIAPBAgzDWpVj6447eDblRXUO/jOyK6mFETAAoLnxVjo=",
  "locale": "en",
  "clientID":"30c7cf51-75c4-4265-a70a-effddfbbb0ff"
}

 

7. Receive Payment Option Details Response

To receive a payment option details response, refer to the sample payment option details response below.

📘

Please refer to: Payment Option Details API Response

{
  "totalChannel": 4,
  "name": "Credit Card Payment",
  "categoryCode": "GCARD",
  "groupCode": "CC",
  "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/cc.png",
  "channels": [
    {
      "sequenceNo": 1,
      "name": "MasterCard",
      "currencyCodes": null,
      "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/master.png",
      "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/master.png",
      "payment": {
        "code": {
          "channelCode": "CC"
        },
        "input": {
          "cardNo": "M",
          "expiryDate": "M",
          "securityCode": "O",
          "name": "O",
          "email": "O",
          "pin": "I"
        },
        "validation": {
          "cardNo": "^(?:5[1-5][0-9]{2}|222[1-9]|22[3-9][0-9]|2[3-6][0-9]{2}|27[01][0-9]|2720)[0-9]{12}$",
          "expiryDate": "^(2\\d{3}0?[1-9]|1[012])$",
          "securityCode": "^[0-9]{3,4}$",
          "name": "^(?!\\s*$)[-a-zA-Z' ']{1,}$",
          "email": "^(([^<>()\\[\\]\\\\.,;:\\s@\"]+(\\.[^<>()\\[\\]\\\\.,;:\\s@\"]+)*)|(\".+\"))@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}])|(([a-zA-Z\\-0-9]+\\.)+[a-zA-Z]{2,}))$",
          "token": "(.*?)",
          "additional": {
            "cardNo": {
              "luhn": true,
              "prefixes": [
                "51",
                "52",
                "53",
                "54",
                "55",
                "2221",
                "2222",
                "2223",
                "2224",
                "2225",
                "2226",
                "2227",
                "2228",
                "2229",
                "223",
                "224",
                "225",
                "226",
                "227",
                "228",
                "229",
                "23",
                "24",
                "25",
                "26",
                "270",
                "271",
                "2720"
              ]
            },
            "amount": null
          }
        }
      },
      "isDown": false
    },
    {
      "sequenceNo": 2,
      "name": "VISA",
      "currencyCodes": null,
      "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/visa.png",
      "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/visa.png",
      "payment": {
        "code": {
          "channelCode": "CC"
        },
        "input": {
          "cardNo": "M",
          "expiryDate": "M",
          "securityCode": "O",
          "name": "O",
          "email": "O",
          "pin": "I"
        },
        "validation": {
          "cardNo": "^4[0-9]{12}(?:[0-9]{3})?$",
          "expiryDate": "^(2\\d{3}0?[1-9]|1[012])$",
          "securityCode": "^[0-9]{3,4}$",
          "name": "^(?!\\s*$)[-a-zA-Z' ']{1,}$",
          "email": "^(([^<>()\\[\\]\\\\.,;:\\s@\"]+(\\.[^<>()\\[\\]\\\\.,;:\\s@\"]+)*)|(\".+\"))@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}])|(([a-zA-Z\\-0-9]+\\.)+[a-zA-Z]{2,}))$",
          "token": "(.*?)",
          "additional": {
            "cardNo": {
              "luhn": true,
              "prefixes": [
                "4"
              ]
            },
            "amount": null
          }
        }
      },
      "isDown": false
    },
    {
      "sequenceNo": 3,
      "name": "JCB",
      "currencyCodes": null,
      "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/jcb.png",
      "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/jcb.png",
      "payment": {
        "code": {
          "channelCode": "CC"
        },
        "input": {
          "cardNo": "M",
          "expiryDate": "M",
          "securityCode": "O",
          "name": "O",
          "email": "O",
          "pin": "I"
        },
        "validation": {
          "cardNo": "^(?:2131|1800|35\\d{3})\\d{11}$",
          "expiryDate": "^(2\\d{3}0?[1-9]|1[012])$",
          "securityCode": "^[0-9]{3,4}$",
          "name": "^(?!\\s*$)[-a-zA-Z' ']{1,}$",
          "email": "^(([^<>()\\[\\]\\\\.,;:\\s@\"]+(\\.[^<>()\\[\\]\\\\.,;:\\s@\"]+)*)|(\".+\"))@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}])|(([a-zA-Z\\-0-9]+\\.)+[a-zA-Z]{2,}))$",
          "token": "(.*?)",
          "additional": {
            "cardNo": {
              "luhn": true,
              "prefixes": [
                "35"
              ]
            },
            "amount": null
          }
        }
      },
      "isDown": false
    },
    {
      "sequenceNo": 4,
      "name": "American Express",
      "currencyCodes": null,
      "iconUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/icon/amex.png",
      "logoUrl": "https://d27uu9vmlo4gwh.cloudfront.net/images/v4/images/logo/amex.png",
      "payment": {
        "code": {
          "channelCode": "CC"
        },
        "input": {
          "cardNo": "M",
          "expiryDate": "M",
          "securityCode": "O",
          "name": "O",
          "email": "O",
          "pin": "I"
        },
        "validation": {
          "cardNo": "^3[47][0-9]{13}$",
          "expiryDate": "^(2\\d{3}0?[1-9]|1[012])$",
          "securityCode": "^[0-9]{3,4}$",
          "name": "^(?!\\s*$)[-a-zA-Z' ']{1,}$",
          "email": "^(([^<>()\\[\\]\\\\.,;:\\s@\"]+(\\.[^<>()\\[\\]\\\\.,;:\\s@\"]+)*)|(\".+\"))@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}])|(([a-zA-Z\\-0-9]+\\.)+[a-zA-Z]{2,}))$",
          "token": "(.*?)",
          "additional": {
            "cardNo": {
              "luhn": true,
              "prefixes": [
                "34",
                "37"
              ]
            },
            "amount": null
          }
        }
      },
      "isDown": false
    }
  ],
  "validation": {
    "cardNo": {
      "prefixes": [
        "51",
        "52",
        "53",
        "54",
        "55",
        "2221",
        "2222",
        "2223",
        "2224",
        "2225",
        "2226",
        "2227",
        "2228",
        "2229",
        "223",
        "224",
        "225",
        "226",
        "227",
        "228",
        "229",
        "23",
        "24",
        "25",
        "26",
        "270",
        "271",
        "2720",
        "4",
        "35",
        "34",
        "37"
      ],
      "regex": null
    },
    "cardTypes": null
  },
  "configuration": {
    "payment": {
      "tokenize": false,
      "tokenizeOnly": false,
      "cardTokenOnly": false,
      "immediatePayment": false,
      "fx": {
        "mcp": {
          "active": false
        },
        "dcc": {
          "active": false
        }
      }
    },
    "notification": {
      "facebook": false,
      "whatsApp": false,
      "line": false
    }
  },
  "respCode": "0000",
  "respDesc": "Success"
}

 

8. Prepare Do Payment Request

Merchants must call the Do Payment API to request for payment. To prepare a payment request, refer to the sample payment request below.

Pre Requisite :
1. Payment Token from Payment Token API
2. ChannelCode from Payment Option Details API
3. For the parameter payment.data , refer to the Payment Option Details API Response parameter channels.payment.input to determine the particular data required.
4. The parameter "securePayToken" requires encryption for sensitive information. Refer to Encryption of card info token on how to generate the token.

📘

Please refer to: Do Payment API Request

{
	"payment": {
		"code": {
			"channelCode": "CC"
		},
		"data": {
			"name": "Terrance Tay",
			"email": "[email protected]",
			"securePayToken": "00acd0YYe3Ob1GHTprOPybLpDUQz+0ZIjRSYkpZzEHFtNqPXeKzC92+e/5LLUTHOfeWmAF2WA1HKGuZPFh4p2OgGxm8QIayaXyJKI5zOWF4E4XCyPx0+nJRMHXrhr0n4iCAV8MmXZbPYm2kj3fnnRX+vjyYy8FCy165eOxqq9MWDex0=U2FsdGVkX187qEju5uo37OfKlSjyBT9+FlFU0wdGFANyrycT98W73d8z9vu4O/DT"
		}
	},
	"clientIP": "175.139.9.173",
	"paymentToken": "kSAops9Zwhos8hSTSeLTUXvfNA7ZE0pxOdr5WUx0Ns/ek/yQU4Hkg8cz5QcnVTlMqz//r2NtpdRmiu1pOpKsDv1byMx7OK/qq4CaRgQbvAU=",
	"locale": "en",
	"clientID": "30c7cf51-75c4-4265-a70a-effddfbbb0ff"
}

 

9. Receive Do Payment Response

To receive a payment response, refer to the the sample payment response below.

📘

Please refer to: Do Payment API Response

{
	"data": "https://demo2.2c2p.com/2C2PFrontEnd/storedCardPaymentV2/MPaymentProcess.aspx?token=3fhCWP3HMJpULpWvK7ITK800x9JUcQUh0EF2cy/1zfClSknusBg/2w==",
	"channelCode": "CC",
	"respCode": "1001",
	"respDesc": "Redirect to authenticate ACS bank page."
}

 

10. Redirect to Third Party Processor

Redirect to the appropriate third party processor via browser. The third party processor details are returned through the following parameters from the Do Payment API response. **Failure or rejection of the call for the respCode parameter will terminate the process.**

parameter from Do Payment ResponseDescription
dataThird party URL endpoint
respCodeIndicates redirection method. For more details, refer to Payment Process Flow

 

11. Receive Payment Response via backend API

📘

Please refer to: Payment Response - Backend API

The parameter "backendReturnUrl" that was previously sent via Payment Token Request is the merchant endpoint that will receive the backend notification. If the parameter "backendReturnUrl" is not set, the system will obtain the backend return URL from the merchant profile set in 2C2P's merchant portal by default.

{
  "merchantID": "JT04",
  "invoiceNo": "280520075921",
  "accountNo": "411111XXXXXX1111",
  "amount": "230.87",
  "currencyCode": "THB",
  "tranRef": "2868821",
  "referenceNo": "2785703",
  "approvalCode": "531484",
  "eci": "05",
  "transactionDateTime": "20200528080508",
  "respCode": "0000",
  "respDesc": "Success"
}

 

12. Receive Payment Response via browser redirection

📘

Please refer to: Payment Response - Frontend API

The parameter "frontendReturnUrl" that was previously sent via Payment Token Request is the merchant page that customers will be redirected to. If the parameter "frontendReturnUrl" is not set, the system will obtain the front end return URL from the merchant profile set in the 2C2P merchant portal by default. Refer to the sample response returned below.

{
	"invoiceNo": "280520075921",
	"channelCode": "CC",
	"respCode": "2000",
	"respDesc": "Transaction is completed, please do payment inquiry request for full payment information."
}

 

13. Payment Inquiry to retrieve payment information

For merchants who do not implement "Receive Payment Response via backend API", you are required to call to the Payment Inquiry API to receive the payment response.

To prepare a payment inquiry request, refer to the sample payment inquiry request below.

📘

Please refer to: Payment Inquiry API Request

{
    "paymentToken": "kSAops9Zwhos8hSTSeLTUXvfNA7ZE0pxOdr5WUx0Ns/ek/yQU4Hkg8cz5QcnVTlMqz//r2NtpdRmiu1pOpKsDv1byMx7OK/qq4CaRgQbvAU=",
    "merchantID": "JT01",
    "invoiceNo": "254b77aabc",
    "locale": "en"
}

 

14. Receive Payment Inquiry Response

To receive a payment inquiry response, refer to the sample payment inquiry response below.

📘

Please refer to: Payment Inquiry API Response

{
    "merchantID": "JT01",
    "invoiceNo": "1523953661",
    "amount": 1000.00,
    "currencyCode": "SGD",
    "transactionDateTime": "311220235959",
    "agentCode": "OCBC",
    "channelCode": "VI",
    "approvalCode": "717282",
    "referenceNo": "00010001",
    "pan": "411111XXXXXX1111",
    "cardToken": "",
    "issuerCountry": "SG",
    "eci": "05",
    "installmentPeriod": 6,
    "interestType": "M",
    "interestRate": 0.3,
    "installmentMerchantAbsorbRate ": 0.0,
    "recurringUniqueID": "",
    "fxAmount": 25000.00,
    "fxRate": 25.0000001,
    "fxCurrencyCode": "THB",
    "userDefined1": "",
    "userDefined2": "",
    "userDefined3": "",
    "userDefined4": "",
    "userDefined5": "",
    "respCode": "0000",
    "respDesc": "Transaction is successful."
}