web
You’re offline. This is a read only version of the page.
close

What can we help you with?

Payer Authentication (3DS) - Setup and Troubleshooting


000002056


5

12/09/2025 19:47 PM

4.1

Introduction

This article provides a consolidated overview of how to configure Payer Authentication (3‑D Secure) for Cybersource, including enablement requirements, setup steps, enrollment workflow, and troubleshooting guidance. This information helps resolve the most common 3DS-related support cases, including configuration gaps, missing indicators, ECI 0/7 values, and step‑up challenges not appearing.

Use this guide to ensure your merchant account is properly configured, understand the full 3DS workflow, and troubleshoot common enrollment and authentication issues.

Overview

The Payer Authentication (3‑D Secure) service adds an additional layer of security and supports liability shift. Successful authentication depends on proper account enablement, accurate API requests, and completion of all steps in the 3DS flow.

  • 3DS must be enabled at the portfolio (organization) level before MIDs can process authenticated transactions.
  • If 3DS is enabled at the portfolio level, all transaction MIDs may use 3DS unless custom MID‑level configuration is required.
  • Most setup failures occur because 3DS is not fully enabled, incomplete, or missing indicators during processing.

Prerequisites

Before configuring or integrating 3‑D Secure:

  1. Contract and sign for Payer Authentication (3DS).
  2. Enable 3DS on the Cybersource portfolio MID and/or transaction MID in the Enterprise Business Center (EBC).
  3. Confirm acquirer support for 3‑D Secure on your merchant account.
  4. Contact Client Services to validate setup completeness.
    How to Contact Client Services

Enablement Requirements

To request activation of Payer Authentication, submit a Support Case with the following information:

Merchant Information

  • Organization ID (formerly CyberSource Merchant ID)
  • Company Name
  • Merchant Website URL
  • Primary Processing Currency

Merchant Acquirer Information

  • Acquiring Bank Name
  • Acquirer Contact Name
  • Acquirer Contact Phone Number and/or Email

Verified by Visa Requirements

  • Acquirer Bank Identifier (Visa BIN)
  • Acquirer Visa MID

Mastercard Identity Check Requirements

  • Acquirer Bank Identifier (Mastercard BIN)
  • Acquirer Mastercard MID

Procedure: Configure 3‑D Secure

Step 1: Add 3DS Credentials

  1. Sign in to the Business Center.
  2. Navigate to Payment Configuration > Payer Authentication Configuration.
  3. Select Add New Credentials.
  4. Enter the 3DS credentials provided during enablement.
  5. Select Save.

Step 2: Enable 3DS on Secure Acceptance Profiles

  1. Navigate to Payment Configuration > Secure Acceptance Settings.
  2. Select your Secure Acceptance profile.
  3. Open the Payment Settings tab.
  4. Select Edit Profile.
  5. Under Payer Authentication 3DS Version, select 3DS 2.
  6. Save the changes and select Promote to Active.

3‑D Secure Enrollment Workflow

The typical 3DS API workflow includes these steps:

  1. Setup Service
    • Executed after card entry.
    • Returns JWT, reference ID, and device data collection URL.
  2. Device Data Collection
    Completed in a hidden iframe before enrollment check.
  3. Check Enrollment
    Determines whether authentication or step‑up is required.
  4. Step‑Up Authentication
    • Issuer challenge window must open within 30 seconds.
    • Displayed in an iframe or via the SDK.
  5. Validation Service
    Used only if step‑up is completed.
  6. Authorization
    Send authentication values to support liability shift.

📱 Mobile SDK users skip the Setup step—the SDK manages device collection automatically.

Common Causes of 3DS Enrollment Failure

  • 3DS not fully configured in EBC.
  • Acquirer not enabled for 3DS.
  • Issuer not participating in 3DS.
  • Unsupported card types or BIN ranges.
  • Unsupported currencies.
  • 3DS version mismatch between merchant and issuer.
  • Invalid card formatting (Luhn/length).
  • Device data collection incomplete.
  • Missing required API fields such as returnURL or browser data.
  • Step‑up iframe not opened within 30 seconds.
  • Using test credentials in live environment.
  • Network or endpoint issues.

Troubleshooting by Reason Code

Reason CodeDescriptionAction
100Successful transactionProceed with authorization using 3DS authentication values.
101Missing required fieldsReview missingField values and resend request.
102Invalid field dataCorrect format errors in invalidField list.
150General system failureRetry later; contact support if the issue persists.
151Server timeoutRetry after a short delay.
152Service timeoutRetry after a short delay.
234Merchant configuration errorDo not retry. Contact Client Services to correct configuration.
475Card enrolled—authentication requiredInitiate challenge, complete validation, then authorize.
476Authentication cannot be completedDecline transaction; request alternate payment method.

Additional Resources



Was this article helpful?


Articles Recommended for You