3D Secure Guide (Apata)

This guide describes the Thredd 3D Secure service and how to implement a 3D Secure project with OTP, KBA, or biometric/In-app authentication.

Topics covered: Authorisation types, transaction flows, project steps, completing the 3DS product setup form, Enrolling cards in 3D Secure, auto-enrolment, test and rollout, Apata Portal, Merchant Simulator, Biometric/In-App authentication, KBA, 3DS Screens, Language support, Support for 3D Secure versions, 3DS Test Merchants

Current Version

Click the links below to view the current version, available in both Online (HTML) and PDF format.

Online (HTML)	PDF	What's Changed?	Version
3D Secure Guide (Apata)		Added descriptions on creating, editing, and publishing draft risk profiles. Included descriptions on backtesting. See Creating a draft risk profile and Backtesting risk profiles. Added references to Thredd Portal, our new web application for managing your cards and transactions Added notes to clarify the effect of passing an empty space as a value in specific fields in the 3D Secure Configuration (Apata) (`Ws_ApataCardLevelConfigurations`) web service. See Using the Card Configuration API. Added a new web service, (Ws_GetApataCardLevelConfigurations) to be used to retrieve the card level configuration for Apata. See Using the Get Card Level Configuration API. Added a Note on 3D-Secure unenrolment in the General FAQs. Clarified explanations of enrolment and unenrolment (see Enroling your Cards in 3D-Secure). Corrections to sample examples in Initiating a Biometric Session and Cancelling an authentication sections. Updated the company address.	1.3

Online (HTML)

PDF

What's Changed?

Version

3D Secure Guide (Apata)

Added descriptions on creating, editing, and publishing draft risk profiles. Included descriptions on backtesting. See Creating a draft risk profile and Backtesting risk profiles.

Added references to Thredd Portal, our new web application for managing your cards and transactions
Added notes to clarify the effect of passing an empty space as a value in specific fields in the 3D Secure Configuration (Apata) (Ws_ApataCardLevelConfigurations) web service. See Using the Card Configuration API.

Added a new web service, (Ws_GetApataCardLevelConfigurations) to be used to retrieve the card level configuration for Apata. See Using the Get Card Level Configuration API.

Added a Note on 3D-Secure unenrolment in the General FAQs. Clarified explanations of enrolment and unenrolment (see Enroling your Cards in 3D-Secure).
Corrections to sample examples in Initiating a Biometric Session and Cancelling an authentication sections.

Updated the company address.

1.3

Older Versions

Older versions are available in PDF format only.

File Name	What's Changed?	Version
3D Secure Guide (Apata) 1.2	Corrected name of heading to describe HTTP response in Using the Delegated SMS API. Added descriptions of client-managed OTP SMS authentication. This includes: An update to the Authentication method section. A new sub-section in Cardholder Authentication Flows. Changes to steps in a 3D-Secure Project. A new section on using the Delegated SMS API. A new page on the Delegate OTP Message fields.	1.2
3D Secure Guide (Apata) 1.1	Updates to endpoint URLs and examples in Using the Biometric/In-App Authentication APIs. Updates to a field name in the Delegate SCAValidation Message Fields. Added details of how to add, update or delete card level configurations for Apata, such as the language of the Apata Challenge screens and the Challenge Profile to use. See Using the Card Configuration API. Correction to Figure 1: Flowchart of Parties involved 3D Secure. Added Biometric endpoint content on Apata. This includes updates in the following areas: Summary of steps for Biometric and OOB in Completing Your 3DS Product Setup Form and Authentication via Biometric or In-App OOB Step-by-step instructions on using the APIs in Using the Biometric/In-App Authentication APIs IP address information in Authorising Thredd IP Addresses Reference information in Appendix 6: Biometric OOB Fields.	1.1
3D Secure Guide (Apata) 1.0	Updates to the description of the fields in the Product Setup Form (PSF), added sections describing new features on the Apata Portal, plus other corrections. First version	1.0

File Name

What's Changed?

Version

3D Secure Guide (Apata) 1.2

Corrected name of heading to describe HTTP response in Using the Delegated SMS API.

Added descriptions of client-managed OTP SMS authentication. This includes:

An update to the Authentication method section.
A new sub-section in Cardholder Authentication Flows.
Changes to steps in a 3D-Secure Project.
A new section on using the Delegated SMS API.
A new page on the Delegate OTP Message fields.

1.2

3D Secure Guide (Apata) 1.1

Updates to endpoint URLs and examples in Using the Biometric/In-App Authentication APIs. Updates to a field name in the Delegate SCAValidation Message Fields.

Added details of how to add, update or delete card level configurations for Apata, such as the language of the Apata Challenge screens and the Challenge Profile to use. See Using the Card Configuration API.

Correction to Figure 1: Flowchart of Parties involved 3D Secure.

Added Biometric endpoint content on Apata. This includes updates in the following areas:

Summary of steps for Biometric and OOB in Completing Your 3DS Product Setup Form and Authentication via Biometric or In-App OOB
Step-by-step instructions on using the APIs in Using the Biometric/In-App Authentication APIs
IP address information in Authorising Thredd IP Addresses
Reference information in Appendix 6: Biometric OOB Fields.

1.1

3D Secure Guide (Apata) 1.0

Updates to the description of the fields in the Product Setup Form (PSF), added sections describing new features on the Apata Portal, plus other corrections.

First version

1.0