Skip to main content

Migration steps for placeOrder call on API 3.0 and 4.0

Last updated: 18-Oct-2021
Rate this article:

Overview

Under the Payment Services Directive 2 (PSD2) initiative, in order to prevent ever-evolving fraud methods, Payment Service Providers (PSPs), such as 2Checkout, must apply extra security steps to implement Strong Customer Authentication (SCA) and further protect the confidentiality of consumers’ data. 

For more details about 3D Secure support in API, check the Payment Services Directive 2 (PSD2) article.  

You can also read the resources below to have a better understanding of what is PSD2 and what it entails: 

Impact 

All merchants using the 2Checkout Public API versions 3.0, 3.1, and 4.0, on all protocols, are affected by this change.  

In order to avoid your orders being declined due to the lack of 3DS, we recommend you migrate to API version 6.  

How to migrate 

Migrating your placeOrder call to API 6.0 is as simple as updating the endpoint: 

Once you’ve migrated to API 6.0, you need to provide two mandatory parameters in the paymentMethod object:  

  • Vendor3DSReturnURL - the URL address to which customers are redirected after the 3DS details get validated by the bank and the order is successfully authorized. 
  • Vendor3DSCancelURL - the URL address to which customers are redirected if the 3DS details were not validated or the order could not be authorized. 

Once the order has been submitted, you will find a new property in the API response - Authorize3DS. 

Based on the parameters provided in Authorize3DS, you need to build and redirect the shopper to a page where they will finalize the 3DS flow.

{ 
  "Type": "CC", 
  "Currency": "usd", 
  "PaymentMethod": { 
    "Authorize3DS": { 
      "Href": "http://api.sandbox63.avangate.local/6.0/scripts/credit_card/authorize", 
      "Method": "GET", 
      "Params": { 
        "avng8apitoken": "50dcb997be8b70bd" 
      } 

    }, 

    "Vendor3DSReturnURL": "http://shopping.cart.local/checkout/external/return/cc", 
    "Vendor3DSCancelURL": "http://shopping.cart.local/checkout/external/cancel/cc", 
    "FirstDigits": "4111", 
    "LastDigits": "1111", 
    "CardType": "Visa", 
    "RecurringEnabled": false 

  }, 
  "CustomerIP": "10.11.12.1" 

The shopper needs to be redirected to: http://api.sandbox63.avangate.local/6.0/scripts/credit_card/authorize?avng8apitoken=50dcb997be8b70bd 

Once the order is approved by the shopper, 2Checkout will update the order status and trigger the webhook notifications.  
You can read more information on the 3DS flow here

Rate this article:
Logo of Verifone