Professional Documents
Culture Documents
Pre-Implementation
The Merchant/Acquirer must have a 3DS Server and 3DS SDK that can connect to Visa’s 3DS 2.0 Directory Server.
3DS SERVER AND 3DS SDK1
Decide: Build, Buy, or use Hosted Solution
If building in-house solution merchant/acquirer must:
- EMVCo’s 3DS requirements. This first step is done by completing EMVCo’s 3DS Testing. EMVCo issues an EMVCo
Reference Number and a Letter of Approval on successful completion of EMVCo 3DS Testing
- Visa’s 3DS requirements. This is done by completing Visa’s 3DS Compliance Test. Visa issues an 3DS Approval
Letter and lists the 3DS product on Visa 3DS Approved Products List
- Digital Certificates: Obtain and install Digital Certificates for the 3DS Server to connect to Visa’s Directory Server
If using or buying an already built product, merchant/acquirer must:
- Visa’s 3DS requirement: Obtain EMVCo Letter of Approval & Reference # from purchsee and complete Visa’s 3DS
Compliance Test. Visa issues an 3DS Approval Letter
- Digital Certificates: Obtain and install Digital Certificates for the 3DS Server to connect to Visa’s Directory Server
If using a hosted solution or buying an already built product, merchant/acquirer must:
- Choose a Compliant 3DS Server and/or 3DS SDKProduct: Choose a 3DS Server/3DS SDK that has completed EMVCo
3DS testing and Visa testing using the Visa Approved 3DS 2.0 Product list.
- Register 3DS Server with Visa through the 3rd party agent program (hosted solution only): Merchant/acquirer must
ensure its 3DS Server and/or 3DS SDK provider is registered in Visa’s Third Party Agent Program and obtains a Visa
Business ID (see website www.visa.com/third-party-agent)
- Digital Certificates: Obtain and install Digital Certificates for the 3DS Server to connect to Visa’s Directory Server
1
Using a hosted solution dramatically lowers implementation and maintenance requirements. Most of the steps in this document
will be performed by the service provider if a hosted solution is chosen. See page 2 for link to list of service providers
3DS Server and 3DS SDK Implementation
Review relevant Visa guides and specifications: Implementation Guide
3DS Server Integration and Requirements: integrate with 3DS Server with Merchant Application
3DS SDK Integration and Requirements: integrate the 3DS SDK with the Merchant Application
Review all 3DS 2.0 Data Elements: make sure to collect and provided all required, conditional, and optional data
Visa Implementation
Obtain Visa Required Merchant Identifier’s
Ensure Payment Gateway/ Acquirer Host Supports 3DS Fields in VisaNet
Test 3DS Server, 3DS SDK, and Payment Gate/ Acquirer Host
PAYMENT PROCESS SETUP
Obtain Visa Required Merchant Identifier: Obtain 3DS requestor ID
Ensure Merchant/Acquirer payment processing system processes 3DS Authentication and related Authorization Data
Fields: CAVV Results Code (F44.13), Electronic Commerce Indicator (ECI)(F60.8), Cardholder Authentication Verification
Value (CAVV) Data (F126.9), 3DS Indicator (F126.20) (optional)
Ensure Additional Processing Requirements are Supported: ACI and ECI Value Alignment (U.S. domestic only)
Obtain Fraud Data (TC40): Request frequent fraud data reports from acquirer
TESTING
Test Authentication: Merchant, 3DS server, 3DS SDK, and merchant application (if applicable)
Test Authorization is also required if Merchant/Acquirer payment processing does not support the following fields:
Visa Authentication Data fields (CAVV Results Code (F44.13), ECI (F60.8), CAVV Data (F126.9)), Visa Authentication Data
field (3DS Indicator (F126.20))
Program Launch
Finalize “go live” date: Communicate date to all stakeholders, Develop training materials for all parties, ensure all
internal teams are trained on Visa’s 3DS 2.0 program
Launch 3DS 2.0 program: Set a coordinated “go live” date between 3DS Server, Acquirer and Merchant
Manage the program: 3DS Server/3DS SDK Monitoring (system availability, authentication processing,
authorization processing), Reporting (transaction reports, statistical reports, disputed transactions reports),
Dispute Resolution (review and respond to disputes)
Maintain Updated 3DS Program/System: 3DS server or SDK changes and updates
Acquirer/Payment • Some acquirers / payment processors have a 3DS Server Software • Reach out to your acquirer or
Processor integrated into their payment platforms payment processor to ask if they
support participation in 3DS 2.0 and
have a 3DS Server
Fraud Data • 3DS provides merchants with liability protection on 3DS transactions • VOL for VisaVue
• Merchants no longer receive disputes related to 3DS fraud, and therefore • Reach out to acquirer
lose insight into fraudulent transactions
• Merchants should request fraud data (TC40) from acquirer
• Visa has a solution for Acquirers to easily obtain fraud data through a paid
for service called VisaVue Online