3DS Lifecycle and 3DS Details
Overview
debiX offers the possibility to handle 3DS lifecycle events and to query details for 3DS‑registered cards.
The lifecycle events include:
- registration of a card
- update of the 3DS data
- deregistration of the card from 3DS
To inquire about the 3DS status of a card, both the card details endpoint and the 3DS details endpoint can be used.
3DS registration information
The 3DS registration information including the OOB status can be retrieved via the card details endpoint:
- V2:
POST /cards/details - CardToken/V2:
POST v2/cards/{cardToken}/details
OOB Status
The response contains the OOB status in threeDsInformation.paymentAuthenticationMethods.oob.status.
- If the OOB status is
ENABLED, the card is registered for 3DS. - If the OOB status is
DISABLED, the card is not registered.
If the card is registered, the OOB ID in threeDsInformation.paymentAuthenticationMethods.oob.id provides additional information on how the card is registered:
| OOB ID | Registration |
|---|---|
| debiX | - via debiX+ App- via debiX API with authentication method SMS_ONLY- via debiX API with the bank's own app combined with the 3DS SDK from SIX. |
| debiX OOB | via the debiX API with the bank's own app and combined with bank’s own authentication backend. |
| debiX SMS | manually via SIX Customer Service Center (CSC) for SMS-only in response to the customer’s call. |
Detailed 3DS information
If the card is registered for 3DS, detailed 3DS information can be retrieved via the 3DS details endpoint:
- V2:
POST /cards/3ds/details - CardToken/V2:
POST v2/cards/{cardToken}/3ds/details
Important attributes
The following table explains some important attributes:
| Attribute | Explanantion |
|---|---|
| threeDsStatus | Indicates the status of a card registered for 3‑D Secure on the Access Control Server (ACS). Possible values are: ACTIVE: The card is registered for 3‑D Secure and is active, i.e. not blocked, and the eCommerce feature toggle is enabled. INACTIVE: The card is registered for 3‑D Secure but inactive, e.g. because the card is blocked and/or the eCommerce feature toggle is disabled.Note: The threeDsStatus is not the same as the OOB status available in the card details endpoint; see above. |
| smsFallback | Indicates whether SMS is configured as a fallback authentication method for the card. |
| authenticationMethod | Indicates which authentication method is registered for the card. |
Authentication method
Depending on the 3DS setup of the bank, different authentication methods can be used. Possible values are: PIN, BIOMETRIC, BIOMETRIC_WITH_PIN_FALLBACK, BIOMETRIC_AND_PIN DELEGATED, SMS_ONLY.
| Bank Setup | PIN | BIOMETRIC | BIOMETRIC_ WITH_PIN_FALLBACK | BIOMETRIC_ AND_PIN | DELEGATED | SMS_ONLY |
|---|---|---|---|---|---|---|
| Bank with debiX+ App Cards registered via debiX+ App | X | X | X | |||
| Bank with own App and 3DS SDK from SIXCards registered via debiX API | X | X | X | |||
| Bank with own App and own Authentication Backend (3DS OOB)Cards registered via debiX API | X | X | ||||
| SMS‑onlyCards registered via debiX API or CSC | X |