############
Introduction
############
.. toctree::
:maxdepth: 2
:caption: Contents:
:hidden:
:numbered: 2
self
getting-started
server-information
usage
guides
examples
reference
sandbox
changelog
This is the documentation for the 3-D Secure Server provided by `3dsecure.io`_.
It is a Software as a Service (SaaS) implementation, offering a language-agnostic
HTTP API integration. This service supports all active versions of 3-D Secure version 2
(``2.1.0``, ``2.2.0``) and our goal was to make the documentation work on it’s own.
Nevertheless, you may need to refer to the specifications during the implementation.
A 3-D Secure Server is used for *cardholder authentication*. An authentication
in 3-D Secure, is the process of verifying cardholder involvement in e.g. a
purchase. An authentication results from an *authentication flow* and proof of
authentication is an *authentication value*. Get an overview of a 3-D Secure
Server in :ref:`what-is-a-3-d-secure-server`
Who should integrate with this service
=======================================
Candidates for integrating with this service:
- Acquirers
- Gateways
- Merchants
- Other Payment Service Providers
Why choose this service by **3dsecure.io**?
===========================================
We believe our service offering is a great product, let us list a few reasons
why.
Developed to have no downtime
Updates and deployments have been engineered to have no downtime
for integrators.
No performance limit
The service is highly scalable and has been engineered to be redundant.
Sandbox service
We provide access to a sandbox service that allows for continuous testing
against a “live” system.
Competitive pricing
We offer plans you can grow with. Our pricing is aimed at both low scale
users as well as high scale enterprise users.
Dashboard
Use our dashboard to gain insight into your 3-D Secure usage.
Devoted team
We take pride in our job and are dedicated to providing a great service.
.. _what-is-a-3-d-secure-server:
What is a 3-D Secure Server?
============================
A 3-D Secure Server is used in the financial industry, to facilitate cardholder
authentication in preparation for e.g. making a purchase. The specification is
developed by EMVCo, who by `their own
words `_:
EMVCo exists to facilitate worldwide interoperability and acceptance of
secure payment transactions
The specification is public and can be found at `EMVCo's document page
`_. The specifications are
included here for ease of access. This guide intends to be self-contained, such
that you do not need to refer to the specification.
.. note::
The following documents are all produced and copyrighted by `EMVCo `_.
.. list-table::
:header-rows: 1
* - File
- Description
* - :download:`EMVCo_3DS_spec_v210.pdf `
- Specification 2.1.0
* - :download:`EMVCo_3DS_SDKSpec_v210.pdf `
- SDK Specification 2.1.0
* - :download:`EMVCo_3DS_SB204v5.pdf `
- Specification Bulletin No. 204 v5 (Cumulative updates to 2.1.0)
* - :download:`EMVCo_3DS_SB207v1.pdf `
- Update document describing changes between 2.1.0 and 2.2.0.
* - :download:`EMVCo_3DS_Spec_v220.pdf `
- Specification 2.2.0
* - :download:`EMVCo_3DS_SDKSpec_v220.pdf `
- SDK Specification 2.2.0
* - :download:`EMVCo_3DS_SB214v1.pdf `
- Specification Bulletin No. 214 v1 (Cumulative updates to 2.2.0)
Parts involved in 3-D Secure
============================
Requestor (3DSRequestor)
An organization performing 3-D Secure authentication on behalf of a merchant.
The requestor may be a merchant.
3-D Secure SDK (SDK)
An SDK for e.g. a mobile phone platform or smart television, providing
platform native support for EMVCo 3DS authentication.
3-D Secure Server (3DSS)
A server facilitating communication between the Requestor and Card Schemes.
Directory Server (DS)
Card scheme service facilitating connections between 3-D Secure Server and ACS.
Access Control Server (ACS)
Acts on behalf of issuer to support authentication of cardholders.
Where to go from here
=====================
1. Sign up at `3dsecure.io `_ (not covered by this documentation)
2. Read the :ref:`getting-started` guide for getting an
understanding of the authentication flow.
3. Read the :ref:`requests` section to learn the prerequisites for requests.
4. Look at the :ref:`usage` in this documentation.
5. Consult the :ref:`reference` to get details about the individual API endpoints.