• France
status page
demonstrations
assistance
FAQContact support
Search
Categories
Tags
English
French
English
Homepage
Use cases
Create a payment
Create an installment payment
Create a multi-card (split) payment
Create a payment by Alias (Token)
Create a payment link
Create a recurring payment
Manage subscriptions
Manage your transactions (refund, cancel...)
Analyze your reports
API docs
Embedded Form
REST API
Hosted payment
Mobile payment
File exchange
Snippets
Payment methods
Plugins
Guides
Merchant Back Office
Functional guides

3DS2 - Authentication challenge in timeout (deprecated)

Deprecated integration. It is recommended to implement this integration : " Bearer Authentication Service (Simple Mode) "

To test this scenario, use one of the card numbers below:

CARD Expiry date Label
4970110000000021 To be chosen VISA
5100010000000049 To be chosen MASTERCARD
375900000000016 To be chosen AMEX

When entering the authentication code, do not enter anything and wait for 10 minutes for the payment session to expire.

Exchange flow

1. Initial call to the PCI/Charge/Authenticate service with a card enrolled for 3DS2.

{
  "amount": "9990",
  "currency": "EUR",
  "transactionCategory": "PAYMENT",
  "productType": "GOODS_OR_SERVICE_PURCHASE",
  "merchant": {
    "mid": "9876357"
  },
  "paymentForm": {
    "expiryMonth": "09",
    "expiryYear": "22",
    "networkPreference": "VISA",
    "pan": "4970110000000021"
  },
  "device": {
    "acceptHeader": "text/html",
    "colorDepth": "32",
    "deviceType": "BROWSER",
    "ip": "69.89.31.226",
    "javaEnabled": true,
    "language": "FR",
    "screenHeight": "768",
    "screenWidth": "1258",
    "timeZoneOffset": "-120",
    "userAgent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101"
  },
  "protocolRequest": {
    "name": "THREEDS",
    "version": "2",
	"challengePreference": "NO_PREFERENCE"
  }
}

2. A return with a CHALLENGE instruction of redirection to the ACS with a CReq (visible iFrame).

{
	"webService":"PCI/Charge/Authenticate",
	"version":"V4",
	"applicationVersion":"5.23.0",
	"serverDate":"2021-05-05T12:02:47+00:00",
	"ticket":null,
	"applicationProvider":"",
	"metadata":null,
	"status":"SUCCESS",
	"mode":"TEST",
	"serverUrl":"https://api.scelliuspaiement.labanquepostale.fr",
	"_type":"V4/WebService/Response",
	"answer":{
		"id":"3b25e3ed-5d48-4f99-af61-0d5db9e3b18e",
		"protocol":{
			"name":"THREEDS",
			"version":"2.1.0",
			"network":"VISA",
			"challengePreference":"NO_PREFERENCE",
			"simulation":true,
			"_type":"V4/Charge/Authenticate/Protocol"
		},
		"value":{
			"instructionType":"FORM",
			"name":"CHALLENGE",
			"timeout":600,
			"target":{
				"element":"IFRAME",
				"visible":true,
				"width":500,
				"height":600,
				"_type":"V4/Charge/Authenticate/InstructionTarget"
			},
			"http":{
				"method":"POST",
				"url":"https://acs.sg.com/acs/v2/creq",
				"body":{
					"creq":"eyJ0aHJlZURTU...",
					"threeDSSessionData":"H4sIAAAAAAAAAC2..."
				},
				"_type":"V4/Charge/Authenticate/HttpRequest"
			},
			"_type":"V4/Charge/Authenticate/AuthenticationInstruction"
		},
		"_type":"V4/AuthenticationResponseData"
	}
}

3. Redirection to the ACS in the iFrame, cardholder authentication.

The characteristics of the Iframe are given in the answer.value.target object. The form to be displayed in the Iframe is described in the answer.value.http object.

4. Return via the browser with a TIMEOUT instruction result.

{
	"eventName":"LYRA_AUTH_INSTRUCTION_RESULT",
	"value":{
		"name":"CHALLENGE",
		"value":"TIMEOUT",
		"protocol":{
			"name":"THREEDS",
			"version":"2.1.0",
			"network":"VISA",
			"challengePreference":"NO_PREFERENCE",
			"simulation":true
		}
	}
}

5. A new call to the PCI/Charge/Authenticate service transmitting this result.

{
  "amount": "9990",
  "currency": "EUR",
  "transactionCategory": "PAYMENT",
  "productType": "GOODS_OR_SERVICE_PURCHASE",
  "merchant": {
    "mid": "9876357"
  },
  "paymentForm": {
    "expiryMonth": "09",
    "expiryYear": "22",
    "networkPreference": "VISA",
    "pan": "4970110000000021"
  },
  "device": {
    "acceptHeader": "text/html",
    "colorDepth": "32",
    "deviceType": "BROWSER",
    "ip": "69.89.31.226",
    "javaEnabled": true,
    "language": "FR",
    "screenHeight": "768",
    "screenWidth": "1258",
    "timeZoneOffset": "-120",
    "userAgent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101"
  },
  "protocolRequest": {
    "name": "THREEDS",
    "version": "2",
    "challengePreference": "NO_PREFERENCE"
  },
  "id":"3b25e3ed-5d48-4f99-af61-0d5db9e3b18e",
  "instructionResult": {
    "name" : "CHALLENGE",			    
    "value":"TIMEOUT",
    "protocol":{
		"name":"THREEDS",
		"version":"2.1.0",
		"network":"VISA",
		"challengePreference":"NO_PREFERENCE",
		"simulation":true
    }
  }		  
}

6. Answer of the payment gateway server with the final authentication result.

{
	"webService":"PCI/Charge/Authenticate",
	"version":"V4",
	"applicationVersion":"5.23.0",
	"serverDate":"2021-05-05T12:12:49+00:00",
	"ticket":"19c4fb4e301d4aaeaa51a63f316e55da",
	"applicationProvider":"",
	"metadata":null,
	"status":"SUCCESS",
	"mode":"TEST",
	"serverUrl":"https://api.scelliuspaiement.labanquepostale.fr",
	"_type":"V4/WebService/Response",
	"answer":{
		"id":"3b25e3ed-5d48-4f99-af61-0d5db9e3b18e",
		"protocol":{
			"name":"THREEDS",
			"version":"2.1.0",
			"network":"VISA",
			"challengePreference":"NO_PREFERENCE",
			"simulation":true,
			"_type":"V4/Charge/Authenticate/Protocol"
		},
		"value":{
			"authenticationType":"CHALLENGE",			
			"status":"FAILED",
			"extension":{
				"code":"AUTHENTICATION_ERROR",
				"message":"Challenge timeout",
				"_type":"V4/Charge/Authenticate/AuthenticationResultReason",
			},
			
			"reason":{
				"code":"AUTHENTICATION_ERROR",
				"message":"Challenge timeout",
				"_type":"V4/Charge/Authenticate/AuthenticationResultReason"
			},
			"_type":"V4/Charge/Authenticate/AuthenticationResult"
		},
		"_type":"V4/AuthenticationResponseData"
	}
}
© 2025 {'|'} All rights reserved to Scellius
25.25.0-1.11