Below is the flow of how a charge is made using the 3d Secure process:
Below are the fields of the POST form, which must comply with current web standards like url-encoding, headers with user-agent, content-lenght, etc. to ensure maximum compatibility with current browsers.
The steps to integrate the flow:
- Create secure 3D transactions. - You must create in Openpay a transaction indicating that you want to use 3D Secure. See: Charge with token.
- Authentication url sent. - The response from step 1 will be the URL to which the client should be re-directed to perform the 3D Secure process.
- Re-direction to Authentication URL. - Once the trade has the authentication URL, you must redirect the client to the same.
- Autenticación 3D Secure. – The client performs the authentication process with the issuing bank of the card.
- Authentication Response. – The issuing bank sends Openpay the result of client authentication.
- Re-direction to response URL. - Openpay uses the trade-defined URL in step 1 to redirect the client, at this URL the transaction ID is sent as a parameter.
- Response page generation. – The customer's browser asks the merchant for the response page (accepted or rejected)
- Transaction Confirmation. – Trading via the ID obtains transaction status and generates the customer response page (Accepted or Rejected). See: Get a position with ID
Create 3D Secure Transaction with Token
To use this service you must have a Token, which can be obtained in the following ways:
- Pre-charge token. – If an attempt was made to collect the card following the guide of Card payments and the result was a error code 3005 (Rejection by risk), you can use the same token created for 3D Secure.
- Creation of new Token. - If a previous token is not available, the token creation service to create one.
Once you have a token this should use the source_id property.
|method||String (Required)||It must contain the card value to indicate that the charge will be made from a card.|
|source_id||String (Required, legth = 45)||ID of the saved card or token id created from where the funds will be withdrawn.|
|amount||Numeric (Required)||Amount of charge. Must be an amount greater than zero, with up to two decimal digits.|
|currency||String (Optional)||Type of currency of charge. At the moment only two types of currencies are supported: Mexican Pesos (MXN) and American Dollars (USD).|
|description||String (Required, legth = 250)||A description associated with the position.|
|order_id||String (Optional, legth = 100)||Unique identifier of the position. Must be unique among all transactions.|
|customer||Objeto (Optional)||Information of the client to whom the charge is made. See object Customer.|
|payment_plan||Objeto (Optional)||Data of the months of interest-free plan that you want to use in the position. See object PaymentPlan.|
|metadata||List(key, value) (Optional)||Listing of custom antifraud fields, these fields must adhere to the rules for creating custom antifraud fields.|
|use_3d_secure||Boolean (Required)||This parameter must be specified in true handle 3D Secure.|
|redirect_url||String (Optional)||Indicates the URL to which to redirect after the 3D Secure authentication result.|
Example of request:
Sending Authentication URLs
The response to the charge creation request will be a JSON with the transaction information to be paid by the user. Particular attention should be paid to the following parameters:
Id. – Unique ID of the transaction created must be stored since it will be through this ID that the response is sent once the user performs the 3D Secure authentication.
payment_method.url. – URL where the user should be redirected to start the process.
Redirect to Response URL
Once user authentication is completed on the 3D Secure system and the response is received in Openpay, the user will be redirected to the URL defined in step 1 (redirect_url) using the ID of the transaction that was sent in step 2.