Visa will require 5 data elements in the 3DS Authentication Request (AReq)-Mobile app

[atalleb]

Merchants must provide complete and accurate transaction data in their authentication request for accurate risk assessments and better performance.

This is an update of the article shared on November 22th, where initially Visa required 12 fields in the authentication message with an effective date of February 2024. After feedback and discussions with Visa product teams, they now revised the bulletin, reducing the number of fields required and postponing the effective date.  

The mandatory fields are now as follows:

1.Browser screen height
2.Browser screen width
3.Browser IP address
4.Cardholder Name
5.Cardholder Email Address OR Cardholder Phone Number

Query 1:
In case of 3DS flow we open in app browser for validating the request so in this case do we need to pass browser width and height

if we have to pass then please let us know on which point we should pass these values to Adyen.

[descorp]

Hey @atalleb

This is not necessary for native 3DS2.

You can see list of necessary fields in Make a payment doc.

You can use AdyenAction.threeDS2SdkVersion to get threeDS2SdkVersion for current platform, see API-only example

[atalleb]

We have following queries on 3DS native, Please clarify.

1. In the save payment method card if we are making payment and if it is opening in web browser then it will come under Native 3DS category or browser category, if it comes under browser category then where we have to send parameters like browserInfo.screenHeight and browserInfo.screenWidth to Adyen.

2. If we are opening payment type using start('dropIn')- it will come under native 3S? Please confirm and not required to pass any parameter like browser info width and height.

3. If we are opening url in web view in save payment method then that’s things will come under 3DS native or browser category if it will come under browser category then where we have to send browserInfo.screenHeight and browserInfo.screenWidth in query parameters or somewhere else.

4. For react native app side we have required to pass browser info width and height to Adyen or not?

[descorp]

Hey @atalleb

Note

We recommend using Native 3DS2 for mobile apps.

---

if it is opening in web browser

If something is opening in a SFViewController or Android Custom Tabs - then it is a Redirect 3DS2, not a Native 3DS2.

If we are opening payment type using start('dropIn')- it will come under native 3S?

No. DropIn will simplify your integration, but your backend is still controlling the payment flow and communication with Adyen API.

we have required to pass browser info width and height to Adyen

BrowserInfo width and height are not obligatory on mobile.

---

Are you on \sessions or on \payments (aka "Advanced" aka "3 endpoints") flow ?

[atalleb]

We are under DropIn Flow where we are appearing payment component with start(payment-type) in React native.

But in case of save payment flow for debit/credit visa and if authentication required by Adyen for that we are using WebView screen to determine the request link Like it’s contains adyencheckout://, adyenreactnative:// etc. then we are showing success popup based on that.

Please confirm in this case we have to pass browserinfo width and height or not.

[descorp]

But in case of save payment flow for debit/credit visa and if authentication required by Adyen for that we are using WebView screen to determine the request link Like it’s contains adyencheckout://, adyenreactnative:// etc. then we are showing success popup based on that.

Sorry @atalleb
I am not following..

1. What Adyen API endpoint your backend use: \sessions or \payments ?
2. Why you need a WebView? Can you provide a screenshot/video of this flow?

[atalleb]

Can you please clarify below 2 points.

1. Using \payment something like this on backend

import { CheckoutAPI, Client } from '@adyen/api-library';
const client = new Client(adyenConfig);
const checkout = new CheckoutAPI(client);
const response = await checkout.payments(body);
const { action } = response;

for other payment like PayPal, sepa, etc based on backend action we are using nativeComponent.handle because in save payment flow we are not using start(payment-type) right? and not opening any popup to enter info.
So in that case (save of card flow) we are directing to web view and checking it's request link based on that we are showing success popup.

2. In sort Please clarify in mobile app side we have to send browser info width and height to our backend or not if we are using dropin start() 3DS redirect flow.

[descorp]

@atalleb

As already mention4ed above - browserInfo width and height are not required on mobile.

we are directing to web view

We have example code for stored payment methods.

You don't have to handle any actions yourself, you can use AdyenAction.handle

import { AdyenAction } from '@adyen/react-native';

await AdyenAction.handle(action, configuration)

[atalleb]

@descorp ,implemented like as you suggested, observed one time popup is being opened in browser by AdyenAction but main concern is it's payment happened without any card holder approval? Can you please suggest in which case it does not ask for approval, earlier it was working perfectly with 1.2.0 version but with the latest version looks payment done without any approval in case of save payment card.Please clarify.

[descorp]

Hey @atalleb

payment happened without any card holder approval?

observed one time popup is being opened in browser by AdyenAction

Those two statements contradict each other.

If you have provided card details (or stored card details) and have received and action (threeds or redirect) from \payments API - this is a "card holder approval". Shopper would have to performe some sort of OTP to proceed.

Can you please suggest in which case it does not ask for approval

Depending on issuer of the card, country, fraud score etc. Our Test cards provides examples for different kind of a flows.

In general - always recommend to use native threeDS with paymentMethod.threeDS2SdkVersion and

"authenticationData": {
    "threeDSRequestData": {
      "nativeThreeDS": "preferred"
    }
  },

---

If you want to have abetter understanding of 3D Secure - please check documentation.

[atalleb]

Checked for UK card.

[atalleb]

@descorp We are using @adyen/react-native": "1.2.0", in this case how we can redirect the action in the case if save payment flow, can you please suggest.

AdyenAction is in latest version correct?

[descorp]

It is available from 2.0.0 indeed.

In general 1.2.0 does not provide PrivacyManifest for iOS - we recommend to update to at least 1.2.1

[atalleb]

@descorp with 1.2.1 how we can handle payment redirection in the case of save card? we need to use web view stuff or any other official way to handle that.

[descorp]

@atalleb

we need to use web view stuff

Fair. There is no officially recommended way of handling actions for v1 in API-only (or CSE) integration.
Out of the box WebView could be limiting (for example redirect is not guarantied) and making custom one requires strong Swift and Kotlin expertise.

I can only advice you to upgrade to v2. The Migration process should not be very complicated.