How 3DS Data Gets Stored
In most cases, 3DS data is stored automatically and you do not need to call the Store endpoint:- PCI Booking performs the 3DS challenge. When you tokenize a card via the Card Entry Form, Card By Link, or Payments Library with 3DS enabled, PCI Booking runs the 3DS flow and stores the authentication data on the token automatically.
- Tokenization on Response with 3DS extraction. When you receive card details from a third party via Tokenization on Response, the profile can be configured to extract 3DS authentication data from the message alongside the card details. Both are stored on the token in one step. You can update your profile through the PCI Booking portal or contact support@pcibooking.net for assistance.
- Tokenization on Request with 3DS extraction. Similarly, when a third party sends card data to your API via Tokenization on Request, the gateway profile can extract 3DS data from the inbound message. Contact support@pcibooking.net to enhance your gateway profile with 3DS extraction.
Store 3DS Data Manually
Use the Store 3DS Token endpoint when you receive 3DS authentication data separately after the card has already been tokenized. For example, if a third party performs the 3DS challenge on their side and sends you the authentication results, you can attach that data to your existing token.Using 3DS Data in Transactions
When you use a token to send card data to a PSP or third party, PCI Booking can inject the stored 3DS authentication data into the outgoing message alongside the card details:- Universal Payment Gateway. 3DS data is included automatically when processing payments through a PSP.
- Token Replacement in Request. 3DS data can be injected into the request body alongside the detokenized card data.
Retrieve 3DS Data
Use the Retrieve 3DS Token endpoint when you need to send the 3DS authentication data separately from the card details. For example, if your integration requires you to pass 3DS data in a separate API call to your PSP rather than in the same message as the card.Delete 3DS Data
Remove stored 3DS data from a token via the Delete 3DS Token endpoint when it is no longer valid or needed.3DS authentication data has a limited validity window. Check with your payment processor for their specific reuse policies.
Next Steps
Token Management Overview
All token management capabilities

