3DS支付验证
在信用卡支付中使用3DS支付验证
要使用3DS支付验证,你可能需要先集成供应商所提供的用于3DS的JavaScript库。 然后你需要在支付请求的card3dsInfo对象中,指定字段use3ds的值为true,并提供对应供应商所需的其他验证参数。
在收到3DS支付验证请求后,支付系统会返回一个带有验证信息的IN_PROGRESS状态的响应。 你需要根据这些验证信息,继续进行3DS的认证流程。当付款人完成认证后,支付成功,订单的状态将会转为SETTLED。
在巴西,3DS支付验证的可用性如下:
| 供应商 | 是否已支持 | 版本 | 参考文档 | JS库文件 |
|---|---|---|---|---|
| Tuna | - | - | - | |
| Adiq | 2.0 | 点击阅读 | adiq-3ds-package-1.0.1-hml-min.js adiq-3ds-package-1.0.1-min.js |
集成Adiq的3DS支付验证
1) 初次使用,你必须先在浏览器页面中集成Adiq的JavaScript库文件。
2) 浏览器页面中必须包含一个输入卡号的文本框。把文本框的元素标识以及回调函数,传递给Adiq库的构造函数,以便让Adiq能够获取卡号和进行回调函数的注册。
3) 浏览器页面需要首先调用Adiq库的Authorization3ds()函数来完成初始化,再调用getThreeDsCode()函数生成一个code3ds编码。
4) 使用这个code3ds编码来创建一个信用卡的支付请求。请求和响应的例子如下:
创建带3DS支付验证的请求
POST /v1/payments/charges/card
{
"Content-Type": "application/json",
"Authorization": "Bearer {{access_token}}",
"x-api-key": "{{api_key}}"
}
{
"idempotencyKey": "1ec983fa-1a37-679b-809b-067861d87ab0",
"amount": 1000,
"country": "BR",
"currency": "BRL",
"paymentMethod": "CREDIT_CARD",
... # other basic request fields
"card3dsInfo": {
"use3ds": true,
"code3ds": "a88e307cc7c0415494a1e306b4471d46", // 由Adiq的JS库提供
"merchantSite3ds": "estabelecimento.com.br" // 商家的网站域名
},
"subMerchantId": "UUID",
... # other basic request fields
}
{
"transferStatusCode": 200,
"idempotencyKey": "1ec983fa-1a37-679b-809b-067861d87ab0",
"referenceId": "1ec983fa-1a37-679b-809b-067861d87ab0",
"paymentMethod": "CREDIT_CARD",
"amount": 1000,
"currency": "BRL",
"finalAmount": 1000,
"finalCurrency": "BRL",
"country": "BR",
"createTime": "2022-03-01 17:53:18 GMT-08:00",
"scheduledTime": "2022-03-01 17:53:18 GMT-08:00",
... # other basic response fields
"transferDetails": {
"card": {
"cardInfo": {
"cardHolderName": "card_holder_name",
"expirationMonth": 9,
"expirationYear": 2024,
"brand": "VISA",
"bin": "458124",
"last4": "0000"
},
"cardId": "8736453a-dad0-4f26-85f0-95e8787d0237",
"card3dsInfo": {
"use3ds": true,
"code3ds": "a88e307cc7c0415494a1e306b4471d46",
"merchantSite3ds": "estabelecimento.com.br",
"vendor3dsChallengeInfo": {
"adiq3dsChallengeInfo": {
"acsUrl": "https://emv3dsauth1.secureacs.com/acs2web/acs2nubankbr/authentication",
"pareq": "eyJtZXNzYWdlVHlwZSI6IkNSZXEiLCJtZXNzYWdlVmVyc2lvbiI6",
"authenticationTransactionId": "mBNpR2zF2dkdFICP6NU1"
}
}
}
}
},
"transferStatus": "IN_PROGRESS",
"description": "this is a test pay",
"subMerchantId": "UUID"
}
5) 从以上例子的响应中可以看到,当认证需要走3DS的挑战流程时,vendorDsChallengeInfo对象中将会返回所须的验证信息。
6) 使用vendorDsChallengeInfo对象返回的acsUrl、pareq和authenticationTransactionId信息,调用浏览器页面的函数InitChallenge(acsUrl, pareq, authenticationTransactionId),之后浏览器会弹出一个发卡行的认证页面。
7) 当付款人完成认证后,弹出窗口将会消失。在第2步中注册的回调函数,将会收到一个包含JWT校验令牌和挑战状态的payments.validated事件。
8) 最后把第7步的校验令牌和code3ds编码,发送到端点/card/confirm/{idempotencyKey}。支付成功后,订单状态将会转为SETTLED。请求和响应的例子如下:
确认3DS支付验证
POST /v1/payments/charges/card/confirm/{{idempotencyKey}}
{
"transferStatusCode": 200,
"idempotencyKey": "1ec983fa-1a37-679b-809b-067861d87ab0",
"referenceId": "1ec983fa-1a37-679b-809b-067861d87ab0",
"paymentMethod": "CREDIT_CARD",
"amount": 1000,
"currency": "BRL",
"finalAmount": 1000,
"finalCurrency": "BRL",
"country": "BR",
"createTime": "2022-03-01 17:53:18 GMT-08:00",
"scheduledTime": "2022-03-01 17:53:18 GMT-08:00",
... # other basic response fields
"transferDetails": {
"card": {
"cardInfo": {
"cardHolderName": "card_holder_name",
"expirationMonth": 9,
"expirationYear": 2024,
"brand": "VISA",
"bin": "458124",
"last4": "0000"
},
"cardId": "8736453a-dad0-4f26-85f0-95e8787d0237",
"card3dsInfo": {
"use3ds": true,
"code3ds": "a88e307cc7c0415494a1e306b4471d46",
"merchantSite3ds": "estabelecimento.com.br",
"vendor3dsChallengeInfo": {
"adiq3dsChallengeInfo": {
"acsUrl": "https://emv3dsauth1.secureacs.com/acs2web/acs2nubankbr/authentication",
"pareq": "eyJtZXNzYWdlVHlwZSI6IkNSZXEiLCJtZXNzYWdlVmVyc2lvbiI6",
"authenticationTransactionId": "mBNpR2zF2dkdFICP6NU1"
}
}
}
}
},
"transferStatus": "SETTLED",
"description": "this is a test pay",
"subMerchantId": "UUID"
}