Out of Band (OOB) Authentication & Response
If your Product(s) support the Out Of Band Authentication (OOB) either as the only method or the primary method with the One Time Passcode (OTP) as a secondary method, CLOWD9 will provide you with authentication request via a webhook.
You will need to provide CLOWD9 with the endpoint for the message to be delivered which will be configured initially during the Implementation stage. If you require the end point to be replaced at any time please follow the Change Request process.
During the 3D Secure authentication process, CLOWD9 will send the OOB Authentication request to you.
Authenticate Request:
| Field Name | Description | Format |
|---|---|---|
| client_id | Client identifier as pr the GUID generated by CLOWD9 | String |
| card_id | The GUID of the card relating to the purchase | String |
| customer_id | The GUID associated with the Customer as generated by CLOWD9 | String |
| sp_transaction_id | Unique identifier associated to the authorization request | String |
| ds_transaction_id | Directory server unique identifier associated to the transaction | String |
| card_acceptor_id | The ID of the merchant | String |
| card_acceptor_name | The Merchant name | String |
| card_acceptor_country | The numeric ISO country code associated with the Merchant | String |
| transaction_category | Type of transaction for which authentication is requested. Values are: “payment” - Spend “account-verification” - To verify the account | String |
| transaction_currency_code | Numeric ISO currency code of the transaction | String |
| transaction_currency_exponent | Minor units of the transaction currency | String |
| transaction_amount | Transaction amount in minor units of the transaction currency | String |
| transaction_channel | Channel at which transaction was acquired through: "app": The transaction was initiated from a merchant app using a 3DS SDK “browser”: The transaction was initiated from a web browser “merchant-initiated”: The transaction was initiated asynchronously by the merchant directly with the user | String |
| transaction_datetime | Date and time of the transactions | Integer |
| challenged_datetime | Date and time when the end user was challenged | Integer |
| challenge_expiry_window | Time window until the challenge is valid from challenged_datetime | Integer |
| challenge_expiry_datetime | Date and time when the challenge expires | Integer |
Example:
"client_id": "123e4567-e89b-12d3-a456-426614174000",
"card_id": "123e4567-e89b-12d3-a456-426614174001",
"customer_id": "123e4567-e89b-12d3-a456-426614174002",
"sp_transaction_id": "123e4567-e89b-12d3-a456-426614174003",
"ds_transaction_id": "123e4567-e89b-12d3-a456-426614174004",
"card_acceptor_id": "5999",
"card_acceptor_name": "Amazon",
"card_acceptor_country": "826",
"transaction_category": "payment",
"transaction_currency_code": "978",
"transaction_currency_exponent": "2",
"transaction_amount": "10000",
"transaction_channel": "browser",
"transaction_datetime": 1728478766,
"challenged_datetime": 1728478766,
"challenge_expiry_window": 10,
"challenge_expiry_datetime": 1728478776
}
Authenticate Response:
| Field Name | Description |
|---|---|
| client_id | Client identifier as pr the GUID generated by CLOWD9 |
| card_id | The GUID of the card relating to the purchase |
| customer_id | The GUID associated with the Customer as generated by CLOWD9 |
| sp_transaction_id | Unique identifier associated to the authorization request |
| status | Status of the web hook request. Should carry a static value of “ok” |
Example:
{
"client_id" : "",
"card_id" : "",
"customer_id" : "",
"sp_transaction_id" : "",
"status" : "ok"
}
Updated about 2 months ago