3D Secure (3DS) is a protocol to provide additional security for credit and debit cards. In the Philippines, it usually comes in the form of a one-time pin (OTP) sent via SMS. Each bank or card issuer would have its own page to allow the user to enter the OTP. Not all card payments require 3DS. If a user fails to authenticate the payment, the payment will not push through. Configuring your application to allow users to authenticate payments using 3DS requires additional set-up. A user would generally follow these steps when making a payment using 3DS:
- User enters their card details on the checkout page
- User is then presented with a form to enter their OTP
It is a best practice to open the authentication page in a modal, rather than redirecting the customer
- User then gets an SMS with their OTP
- User enters the SMS into the form
- If the OTP is valid, the payment will push through, otherwise the payment will not.
Updated about 1 year ago