Skip to main content

3D Secure Response Parameters

Zuora

3D Secure Response Parameters

This article mainly describes the parameters contained in the 3D Secure response.

The following table lists the parameters contained in the 3D Secure response when the 3D Secure process is successful.

Parameter Description Remarks
ThreeDSResult

The status result of the 3D Secure check.

For more information about the parameter values, see 3D Secure Status Results.

The general result of 3D Secure authentication. This parameter and its value are always returned as long as it is a 3D Secure hosted page and the authentication amount is greater than zero.

AuthorizeResult

The result of the authorization.

For more information about the parameter values, see 3D Secure Authorization Results.

The result of authorization. This parameter and its value are always returned in the response.
AuthTransactionId The transaction ID that represents the authorization. You can use it to capture or void the authorization. The unique identifier of authorization. It is required if you want to void or capture the authorization.
threedPaymentMethodId The payment method ID that is created for this 3D Secure request. It can be used to create a billing account and associate with the billing account. It can also be used to capture the authorization. Regardless of whether 3D Secure authentication is successful, Zuora creates a payment method and returns its ID as long as the authorization is successful.
CAVV Cardholder Authentication Verification Value, a value that allows VisaNet to validate the integrity of the Verified by Visa (VbV) transaction data.

The value is responded from the corresponding payment gateway.

If the credit card is enrolled with 3D secure, this parameter and its value are returned in the response.

If the credit card is not enrolled with 3D secure, this parameter is returned in the response without any value.

ECI Electronic Commerce Indicator, the two or three digit code that is returned by the credit card processing networks and issuing banks to notify an eCommerce merchant about the authentication of the cardholder and the status of the cardholder’s issuing bank under 3D Secure. Each credit card network has a specific type of ECI framework used.

The value is responded from the corresponding payment gateway.

If the credit card is enrolled with 3D secure, this parameter and its value are returned in the response.

If the credit card is not enrolled with 3D secure, this parameter is returned in the response without any value.

XID The unique ID generated by the card issuer bank to represent this 3D Secure authentication request.

If the credit card is enrolled with 3D secure, this parameter and its value are contained in the response.

If the credit card is not enrolled with 3D secure, this parameter is returned in the response without any value.

3D Secure Status Results

The following table lists the 3D Secure status results and corresponding required actions. These status results are possible values of the ThreeDSResult parameter displayed in the 3D Secure response.

3D Secure Status Description Required Actions 
AuthRequestRecieved The initial status of 3D Secure, as long as Zuora receives the request. N/A
InvalidAuthRequest

The authentication request was invalid. The request was invalid mainly because basic validation on Credit Card fields failed. The 3D Secure process was stopped.

The validation includes but not limited to:

  • Required fields are not specified.
  • The expiration date has passed.
The error is displayed on the Payment Page so that consumers can modify their input.
GatewayNotSupported The payment gateway does not support 3D Secure. Adjust the HPM integration to use payment gateways that support 3D Secure.
EnrollCheckAttempt

An attempt was conducted to check whether the credit card was enrolled with 3D Secure.

If the card issuer, card range, or cardholder is not enrolled, this value will be returned. For more information, see the Worldline Global Collect documentation.

Authorization is performed if possible. The authorization result is displayed in the AuthorizeResult parameter.

If the AuthorizeResult parameter shows that authorization succeeded, you can decide whether to go on the shopping flow and capture payments eventually or to block the shopping. If you block the shopping, void the authorization by using Zuora’s Cancel authorization REST API with AuthTransactionId as the parameter.

If the AuthorizeResult parameter shows that authorization failed, stop the shopping flow and provide information to consumers.

EnrollCheckFailed

An issue occurred in the attempt to check whether the credit card was enrolled with 3D Secure. For example, the card issuer was unable to authenticate or did not respond. 

For more information, see the Worldline Global Collect documentation.

Same as above. 
AuthenticationFailed Zuora attempted to perform authentication for a credit card enrolled with 3D Secure, but the payment gateway responded that authentication failed. Same as above. 
AuthenticationException An unexpected exception occurred while preparing or during 3D authentication. Same as above and contact Zuora Global Support.
PendingRedirect The credit card was enrolled, and Zuora received the issuer bank’s URL and rendered it in the HPM iframe to ask for 3D Secure credentials. The 3D Secure flow was pending on waiting for consumer actions. Wait for consumer inputs.
IssuerCallbackRecieved Consumers entered 3D Secure credentials and submitted the Payment Page. The issuer triggered the callback, and Zuora received the callback. 

Wait for the HPM callback of Zuora.

Zuora will validate the issuer callback first and then query the 3D Secure result with the payment gateway. At last Zuora will send the HPM callback by calling the callback function that you provided when rendering Payment Pages.

InvalidIssuerCallback The issuer callback did not pass Zuora’s validation. The URL could be attacked, or other issues happened. Stop the shopping flow and contact Zuora Global Support.
ValidatePassed The issuer callback passed validation and Zuora sent a request to the corresponding payment gateway, and confirmed that consumers passed 3D Secure authentication. Go on the shopping flow. 
If the AuthorizeResult parameter shows that authorization succeeded, call Create Account to create a billing account and a subscription and generate an invoice. However, you cannot collect money in this call. After making a call to Create Account, you obtain the invoice ID and account ID. Then, call Create a payment with the authTransactionId parameter to collect the money.
ValidateFailed The issuer callback passed the validation and Zuora sent a request to the corresponding payment gateway and confirmed that consumer doesn’t pass 3D authentication. Stop the shopping flow and provide feedback to consumers.
Usually, the AuthorizeResult parameter is not Approved, indicating that the money is not authorized yet. However, if it is Approved, void the authorization by using Zuora’s Cancel authorization REST API with AuthTransactionId as the parameter.
AuthenticateValidationException The issuer callback passed the validation and an unexpected exception occurred when Zuora tried to query the 3D Secure result with the corresponding payment gateway. If the AuthorizeResult parameter shows that authorization succeeded, you can decide whether to go on the shopping flow or to stop it and void the authorized money.
If the AuthorizeResult parameter shows that authorization failed, stop the shopping flow and contact Zuora Global Support.
Unknown The issuer callback passed the validation. Zuora sent a request to the corresponding payment gateway to query the 3D Secure result, but did not receive any response because of network issues or other issues. If the AuthorizeResult parameter shows that authorization succeeded, you can decide whether to go on the shopping flow or to stop it and void the authorized money.
If the AuthorizeResult parameter shows that authorization failed, stop the shopping flow and contact Zuora Global Support.
ZeroAuthAmount You provided 0 as the authorization amount or does not provide any value. Zuora 3D Secure for Payment Pages 2.0 does not support such situations. Modify the HPM integration to provide a value greater than zero.

3D Secure Authorization Results

The following table lists the 3D Secure authorization status results. These status results are possible values of the AuthorizeResult parameter displayed in the 3D Secure response.

Authorization Status Description
Pending Zuora sent the 3D Secure authentication request to the corresponding payment gateway, received the issuer URL, and rendered it for consumers. It was waiting for consumer actions to go on. 
Approved The payment transaction amount was authorized.
NotApproved The payment authorization request was declined.
Voided The payment authorization was voided.
Captured The payment authorization was captured.
NotAttempted Zuora did not send any authorization request to the corresponding payment gateway.
Unknown Zuora sent the authorization request to the corresponding payment gateway, but did not receive any response because of network issues or other issues.