# Transactions authentication (SCA)

Most Card Transactions require an SCA.

When such a transaction occurs:

# Authentication of the End User

Upon reception of the card3DSv2Authentication.create webhook, you must authenticate your End User using the SDK and a strong authentication method such as Pin Authentication or Device Biometric Authentication.

# Notification of Authentication Result

Upon authentication of the End User, you must inform Treezor of the authentication result by calling the following request:

The authenticationRequestID is provided in the card3DSv2Authentication.create webhook.

# Payload

The expected {payload} contains two attributes.

The authenticationResult can be:

  • OK if the SCA was successful
  • KO_AUTH_FAILED if the SCA was unsuccessful (the end user failed to authentify themselves)
  • KO_TECHNICAL if a technical error prevented the authentication
  • FALLBACK to request the sending of a One Time Password by SMS instead

The authenticationSignature is the SCA proof, as generated by the SDK on the end user's device.

# Example

Note icon

Note – The authentication result must be provided to Treezor within 5 minutes of the webhook emission.

This delay can be modified to suit your specific needs by contacting your Treezor Account Manager.

Treezor may answer with:

# 200 HTTP Status Code

If your answer has been received and accepted by Treezor.

# 400 HTTP Status Code

If the provided attributes are invalid or missing.

If the authentication request has already been processed by Treezor.

If the authentication request cannot be found on Treezor's side.

# 500 HTTP Status Code

If an internal error on our side prevented us from accepting your answer

# Final authentication request status

Depending on the authentication result you sent to Treezor and Treezor's final processing, you're notified of the Card Transaction authentication status through the card3DSv2Authentication.update webhook.

The authenticationFinalResult value can be one of the following.

Final result Description
SUCCESS Authentication is successful and the card transaction proceeds.
UNAUTHENTICATED Treezor took into account that the authentication has failed. The card transaction fails.
ERROR An error occurred during the authentication process. The card transaction fails. This may occur regardless of your response, due to an error on the card processor's side.
FALLBACK You sent a FALLBACK response. Authentication switches to SMS_OTP mode.
TIMEOUT Authentication failed due to a timeout. The card transaction fails. This may occur regardless of your response, due to an error on the card processor's side.
Updated on: 4/12/2024, 7:56:54 AM