Redirect 3DS Components integration

Support cards with 3D Secure authentication through a redirect in your Android app.

You can use the Redirect Component to handle Redirect 3D Secure 2 authentication if you have an API-only integration.

If you have a Components integration that uses the Card Component, the Card Component can handle Redirect 3D Secure 2 authentication without additional integration. You do not need to use the 3D Secure 2 Component in this case.

This guide is for integrations using Redirect Component v5.0.0 with the Advanced flow.
For v4.13.3 or earlier, use the guide for earlier versions.

Requirements

Build your own UI for collecting card details.

Collect additional parameters in your payment form

For higher authentication rates, we strongly recommend that you collect the shopper's billing address and email address. Send these parameters to your server when making a payment, because they are required by the card schemes.

Import the Redirect Component

When you import the library, import the Redirect Component:

Make a payment

When you make a payment request, include the following additional 3D Secure 2 parameters.

See additional 3D Secure 2 parameters that we recommend to include in your request to increase authentication performance in our API reference.

Parameter name	Required	Description
paymentMethod		The type and required details for a card payment method. When using the Card Component, pass the `paymentComponentState.data.paymentMethod` object from your client app. When submitting raw card data, refer to Raw card data for the fields that you need to pass.
paymentMethod.holderName		Use case: required for Visa and JCB transactions. The cardholder's name.
channel		The platform where the transaction takes place. Set to Android.
returnUrl		The URL where the shopper will be redirected back to after completing 3D Secure authentication. Get this URL from the Component in the `RedirectComponent.getReturnUrl(context)`. Format: Maximum characters: 1024. Must not include `//` (double slash) after the top-level domain.
browserInfo		The shopper's browser information. The following sub-fields are required: acceptHeader: The accept header value of the shopper's browser. You can use a dummy value. userAgent: Get it using `WebSettings.getDefaultUserAgent(Context);` .
shopperIP		Use case: required for Visa and JCB transactions. The shopper's IP address.
shopperEmail		Use case: required for Visa and JCB transactions. The cardholder's email address. If you do not include the shopper email, you must include the shopper's phone number in your request.
telephoneNumber		Use case: required for Visa and JCB transactions if you did not include the `shopperEmail` field. The shopper's phone number. To be more specific, you can use the `mobilePhone`, `homePhone`, and `workPhone` fields in the `threeDS2RequestData` object. Format: The phone number must include a plus sign (+) and a country code (1-3 digits), followed by the number (4-15 digits). Example: +4912345678901 If the value you provide does not follow the guidelines, we drop the value and do not submit it for authentication.

Required for all transactions. Required for particular setups, or issuers and card schemes.

In the response, check if there is an action object. Your next steps depend on whether the response contains an action object, and on the action.type.

Response	Description	What to do
No `action` object	The transaction was either exempted or out-of-scope for 3D Secure 2 authentication.	Continue to get the payment outcome.
`action.type`: redirect	The payment qualifies for 3D Secure.	Handle the redirect.

A sample response with action.type: redirect:

Handle the redirect

Pass the action object to the Component to handle the redirect. The shopper is redirected to a separate page to perform 3D Secure 2 authentication and returns to your app after.

Continue to get the payment outcome.

Test and go live

Use our test card numbers to test how your integration handles different 3D Secure authentication scenarios.