Visa 3D Secure
Visa 3D Secure
Implementation of 3D secure requires the following changes to how the merchant sends and processes the data.
Include the following fields:
| Variable | Required | Max Size | Value | Notes |
| termurl | Mandatory | NA | URL of merchant’s processing scrtip. | |
| tdsflag | Mandatory | NA | 1 | When set to ‘1’ indicates that the transaction should be processed as 3D secure. |
1. Merchant must subscribe to the 3D secure program. Additional fees apply, so please contact either your sales agent or technical support.
2. When a 3D secure registered credit card is presented for payment, the system will respond with all submitted variables as well as name value pairs delineated below.
| Variable | Value | Notes |
| FinalStatus | success/problem | success - Transaction was processed successful.problem - Transaction failed. |
| tdsauthreq | Authentication Request Page | If returned, the contents of this variable must be returned to the customer un-altered. |
3. If the variable ’tdsauthreq’ is returned along with a value for FinalStatus of ‘success’, then the value for this variable must be returned to the customer unaltered.
This will redirect the customers to the Authentication Web Site (Visa/Mastercard) The browser will contain a request to enter their 3D secure password.
4. Once the customer enters their password and authenticates, the merchant will receive another form POST to the processing script as specified in the variable ’termurl’.
The post-authentication payment request can be identified by the presence of one of the following variables depending on your 3D Secure processor:
| Variable | Value | Notes |
| MD | wirecard3ds | This will only be returned for merchants using Wirecard. |
| OrderID | firstatl,{your account name},{Transaction orderID} | This will only be returned for merchants using First Atlantic. |
5. All name/value pairs received during the post-authentication request must be sent to the payment URL identified at the beginning of this section, typically pnpremote.cgi.
6. The gateway will respond to this secondary request as outlined in the paragraph Response Fields - the same as if the transaction was not a 3D secure transaction.