Introduction to Spreedly 3DS2 Global

The Spreedly 3DS2 Global solution allows for a single integration that works across many of the gateways that we support. Instead of performing 3DS2 authentications via a specific gateway, our solution integrates directly with a 3DS Server so that the results can be taken to any gateway that accepts third-party 3DS2 authentication fields.

Spreedly 3DS2 Global Authentication Flow
In order to support this new flow, Spreedly has introduced three new API objects that are necessary to make requests to a 3DS2 server on behalf of our merchants: Merchant Profile, SCA Provider, and SCA Authentication. We cover these in detail below.

Merchant Profile

In order to perform the transcation, a 3DS2 Server needs to know information about the merchant that is requesting the 3DS2 Authentication. Some Spreedly customers may be platforms with many merchants that use a single environment. To help differentiate between which merchant is requesting authentication, Spreedly has created an entity called a Merchant Profile that allows our customers to save merchant information—such as their category and country codes.

A Merchant Profile is associated with a single Spreedly environment, and an environment may have many profiles associated with it.

SCA Provider

Just like a Gateway allows our customers to make transactions like purchase and authorize, an SCA Provider is a new entity that allows customers to make 3DS2 Authentication transactions. Also like a Gateway, an SCA Provider holds the credentials required for Spreedly to interact with a 3DS2 server on behalf of our merchants.

There is currently only one type of SCA Provider: a Spreedly SCA Provider. Instead of needing to sign up for a 3DS2 authentication service and then giving the credentials to Spreedly, merchants can create Spreedly SCA Providers directly via our API by simply providing the required merchant information. Spreedly will use the information provided in the Merchant Profile and the Spreedly SCA Provider call to register with our 3DS2 server on the merchant’s behalf. The SCA Provider can then be given to Gateway transactions to perform 3DS2 authentications as part of the transaction.

An SCA Provider is associated with a single Merchant Profile, and a Merchant Profile may have many SCA Providers associated with it.

SCA Authentication

An SCA Authentication is a Spreedly transaction type that represents a single 3DS2 Authentication. Since 3DS2 Authentications can be asynchronous, this transaction is the source of truth for the state of a 3DS2 Authentication. Once a 3DS2 Authentication is complete, it contains authentication values that can be sent to any Gateway that supports third-party 3DS2 fields.

SCA Authentication can be completed as a standalone action or as part of a Gateway’s authorize, purchase, or verify actions. That is, a merchant can:

  1. Authenticate a specific payment method and amount and store the authentication results until merchant is ready to perform a purchase or authorize with the authenticated payment method.
    • In this case, a merchant sends a the SCA Authentication transaction token in lieu of a payment method in the purchase or authorize
  2. Add the SCA Provider key to the authorize or purchase transaction, under the sca_provider_key field along with the standard transactions fields.
  3. Verify a cardholder’s identity with a specific payment method by performing a non-payment sca authentication. This can be performed standalone by passing in all data except for amount or by adding the SCA Provider key to the verify transaction.

If the transaction requires a challenge, Spreedly’s iFrame and Express javascript libraries provide ways to help with asynchronous polling to simplify an integration’s frontend development requirements.

Summary

Spreedly’s 3DS2 solution offers a single 3DS2 integration that will work with any of our Gateways that accept third-party 3DS2 authentication fields. The simplified process is to:

Create a Merchant Profile in your production Spreedly environment.
Create a Spreedly SCA Provider on that Merchant Profile.
For any transaction that should be 3DS2 authenticated, provide the SCA Provider key and all relevant device or browser info.
Make sure your frontend is able to handle asynchronous 3DS2 flows.

Getting Started

To get started on integrating with Spreedly’s 3DS2 solution, our Integration Guide covers how to create and use the entities talked about in this guide.