- Home
- All APIs
- Access Worldpay
- 3DS2 API
- 3DS2 SDK - Android & iOS
- Challenge Display
Challenge Display
If the authentication response outcome is challenged and the authentication.version is 2.x.x (3DS2) you can use the SDK to provide the improved
3DS2 Challenge display
You will need the following values from the authentication response to use in the SDK.
| Access Name | Value from | Cardinal SDK Name |
|---|---|---|
challenge.reference | authentication response | transactionId |
challenge.payload | authentication response | payload |
The Access 3DS API is periodically tested against the latest version of the Cardinal SDK. You can see the latest tested version in the
SDK challenge display:
Customize Challenge Interface
As part of SDK setup you can customise the challenge user interface
Verification
Once the challenge has been completed, you must make a verification request to verify the result of the challenge.
Important: You should only request the verification API from your backend system. You should not call it directly from the mobile application using the Access credentials.
POST your verification request to our 3ds:verify action link received in your authentication response.
Verification example request
Note: You must use v3 of the API for the Android/iOS SDK
POST https://try.access.worldpay.com/verifications/customers/3ds/verification
Verification request body:
{
"transactionReference": "Memory265-13/08/1876",
"merchant": {
"entity": "default"
},
"challenge": {
"reference": "123456789"
}
}Verification responses
Best Practice: Access Worldpay returns a WP-CorrelationId in the headers of service responses. We highly recommend you log this. The WP-CorrelationId is used by us to examine individual service requests.
Here are examples of the verification responses you would receive.
{
"outcome": "authenticated",
"transactionReference": "Memory265-13/08/1876",
"authentication": {
"version": "2.1.0",
"authenticationValue": "MAAAAAAAAAAAAAAAAAAAAAAAAAA=",
"eci": "05",
"transactionId": "c5b808e7-1de1-4069"
}
}{
"outcome": "authenticationFailed",
"transactionReference": "Memory265-13/08/1876",
"authentication": {
"version": "1.0.2",
"eci": "00",
"transactionId": "N+en2I5+ZK/kQqk69wXdI8XIPg8="
},
"_links": {
"3ds:authenticate": {
"href": "https://try.access.worldpay.com/verifications/customers/3ds/authentication"
},
"curies": [{
"href": "https://try.access.worldpay.com/rels/verifications/customers/3ds/{rel}",
"templated": true,
"name": "3ds"
}]
}
}{
"outcome": "signatureFailed",
"transactionReference": "Memory265-13/08/1876",
"authentication": {
"version": "1.0.2",
"eci": "02"
},
"_links": {
"3ds:authenticate": {
"href": "https://try.access.worldpay.com/verifications/customers/3ds/authentication"
},
"curies": [{
"href": "https://try.access.worldpay.com/rels/verifications/customers/3ds/{rel}",
"templated": true,
"name": "3ds"
}]
}
}{
"outcome": "unavailable",
"transactionReference": "Memory265-13/08/1876",
"_links": {
"3ds:authenticate": {
"href": "https://try.access.worldpay.com/verifications/customers/3ds/authentication"
},
"3ds:verify": {
"href": "https://try.access.worldpay.com/verifications/customers/3ds/verification"
},
"curies": [{
"href": "https://try.access.worldpay.com/rels/verifications/customers/3ds/{rel}",
"templated": true,
"name": "3ds"
}]
}
}Use the values: version, authenticationValue, eci, transactionId from the request when
| Parameter | Description |
|---|---|
authentication.version | The version of 3DS used to process the transaction. Note: Required for Mastercard's Identity Check transactions in authorization. |
authentication.authenticationValue | A cryptographic value that provides evidence of the outcome of a 3DS verification.
Used when |
authentication.eci | Electronic Commerce Indicator (ECI). Indicates the outcome of the 3DS authentication.
You will need to use this when you are |
authentication.transactionId | A transaction identifier. If provided, you should use it as part of your If the authentication.version has a major version of:
|
Next steps
