The successful response of this method will include the folowing:
RequestID
for this Card Entry Form session. You will need to use this request ID in future requests relating to this Card Entry Form session.Location
header for the URL of the card form. You can use this URL to display the card form in your iframe.
3D Secure challenge timeout
Please note that if you enable 3DS processing during card capture, the 3DS challenge window will have a 5 minute timeout period. If the card owner does not submit the response to the 3DS challenge within that timeframe, their authentication will be rejected.
All URLs should be https.
CVV Retention Policy
Remember to set the CVV Retention Policy for this token.
Custom Merchant Information
Please do not use the
merchantName
parameter in the request unless you have followed our guide on managing merchant information for 3D Secure authentication as this may cause problems in your 3DS processing.If you plan to use the PCI Booking merchant information for 3DS Authentication, please set "ThreeDs" as
True
and "merchantName" blank.
Please note that the PCI Booking merchant can only be used to perform 3D Secure authentication on Visa and Mastercard cards.
Complying with Visa 3DS Authentication requirements
As of August 12th 2024, Visa requires all merchants performing 3D Secure authentication to send additional information for the purpose of the authentication. Many of these additional details are sent automatically, in the background, by our system, but there are some parameters that you will need to provide PCI Booking in your request - you would need to provide either the email address or the phone number of the person you are authenticating.
You will find two new additional parameters in this request to provide these values.
If you are using 3DS authentication, you MUST provide at least one of these values.