Local Card 3DS Payment

Merchants can integrate the local card 3DS payment method on their website, where cardholders can input card details to complete their online payment securely with 3D Secure authentication.

Local card 3DS payment process

  1. Cardholder Initiation:

    • The cardholder initiates a local card payment request within the merchant’s online application.
    • This request typically includes relevant payment details such as card information, transaction amount, and other required parameters.
  2. Merchant’s API Call:

    • Before performing a payment, the merchant’s payment application must call the Authorization API to obtain a token.
    • Using the Authorization token, the merchant’s payment application calls OTT Pay’s API to post a payment for processing.
    • The API request includes the Authorization token, as well as all required payment method information, including the total payment amount and any additional details received in the request.
  3. Payment Authorization:

    • The payment gateway validates the request and communicates with the payment processor and card issuer.
    • If the issuing bank requires a 3DS challenge for transaction authorization, a challenge page will be displayed to the cardholder.
    • The cardholder must provide the necessary verification information on the challenge page.
    • If the verification information is valid, the transaction is authorized, and the payment gateway returns an authorized status.
    • This status indicates that the payment has been accepted and can proceed for capture by OTT Pay.
  4. Payment Verification:

    • The merchant’s payment application can verify the payment result using OTT Pay’s payment status query API.
    • If the payment was successful, the status returned will be success.
    • This step ensures that the payment was processed correctly.

NOTE: The completed payment status list here.

  1. Response:
    • Once the OTT Pay gateway confirms the payment result, the API will send a response via the callback URL provided in the initial payment request
    • The callback URL allows the merchant to receive real-time updates on the payment status

3D Secure 2 authentication flows

A transaction that qualifies for 3D Secure 2 can go through either a frictionless flow or a challenge flow, depending on the issuer’s requirements.

  1. Frictionless flow In a frictionless flow, the acquirer, issuer, and card scheme exchange all necessary information in the background through passive authentication using the shopper’s device fingerprint. The transaction is completed without further shopper interaction.

  2. Challenge flow In a challenge flow, the issuer requires additional shopper interaction, either through biometrics, two-factor authentication, or similar methods based on SCA authentication factors.

Payment process status transition diagram

API Explanation


Testing 3D Secure 2 authentication

Test 3D Secure 2 authentication with your integration and troubleshoot issues before it goes live.