4 Steps in a 3D Secure Biometric/In-app Project
This section describes the steps in setting up a 3D Secure RDX
3D Secure real-time API call to enroll a card in 3D Secure service with Biometric or In-App authentication.
4.1 Overview of Steps
The RDX service is required for Biometrics or Out of Band In-App authentication. A project starts once Cardinal Commerce have received your requirements. A typical RDX project takes 7-8 weeks, but you should plan for up to 9-10 weeks to allow for contingencies. (This timeline assumes you have already developed the customer smart device application you will be using to provide Biometric/In-App authentication, and have developed Card Enrolment APIs.)
Figure 1 below provides an overview of the steps in a typical project.
Figure 5: Steps in a 3D Secure RDX Project
Refer to the table below.
|
# |
Step/Action |
Approximate time needed |
|---|---|---|
|
1 |
Complete your 3DS Product Setup Form (PSF) Your Thredd 3DS project manager can help you complete this form, which provides details of your 3D Secure service configuration at Thredd. |
Allow 1-2 days. A Statement of Work must be completed between Thredd and Cardinal. |
|
2 |
Cardinal sets up your 3D Secure account and Screens Specify the Cardinal 3D Secure configuration options. Cardinal will configure your 3D secure settings, provide Cardinal Portal access and customised authentication screens. |
Allow around 4 weeks for Cardinal to configure both RDX and biometric. |
|
3 |
Integrate the 3D Secure RDX endpoints Provide Thredd with your API endpoints and a list of permitted IP addresses for using the services. Develop the functionality to receive and process 3D Secure messages using either our 3D Secure Thredd API |
Allow 1-2 weeks for Thredd to configure the API endpoints and enable access for your IP addresses. |
|
4 |
Thredd sets up your oAuth access and provides you with details to access the Thredd oAuth server. Test that you are able to access the oAuth server in staging and production; see Steps 6 and 7 below. |
Included in the 1-2 weeks period for integrating RDX endpoints (step 3 above) |
|
5 |
Thredd activates a single card product in the Staging environment, so you can enrol a few cards for Staging UAT testing. You can enrol your cards and specify the types of authentication: if using the Thredd API then use the 3D Secure RDX Thredd API ( |
It takes 1-2 hours for Thredd to activate the card product. Allow 1-2 hours to enrol cards in the Thredd Staging UAT environment and run authentication tests. See step 6. Then repeat in Pilot production. See step 7. |
|
6 |
Once RDX and biometric are configured, Thredd and Cardinal release the project into the Staging UAT environment for you to test. You can now create your 3D Secure rules and policies in the Cardinal Staging Portal. |
It will take you 1-3 hours to set up your rules (e.g., for Success, Fail/Reject or Challenge outcomes) and link your BIN range to a 3D Secure policy. You can start testing in Staging using the Cardinal UAT simulator in the Cardinal Staging Portal. Allow a week to complete the Staging UAT testing. |
|
7 |
Complete pilot Production testing Thredd and Cardinal set up your cards in the Production environment:
|
The full pilot testing phase takes around 1-2 weeks:
|
|
8 |
Notify Thredd once you have completed your pilot testing. Thredd configures your card products for 3D Secure. You need to enrol all your live cards in 3D Secure and register them for your supported authentication types (e.g., Biometric or OTP SMS). Thredd also offer an auto-enrolment option. See Card Auto Enrolment. Notify Thredd that you have completed enrolment. Your issuer (BIN sponsor) contacts the Card Scheme to set your card BIN ranges live (For Mastercard). For Visa, Cardinal supplies the card range files for the issuer (BIN sponsor) to load at the Visa Directory Server. |
Allow a week to 10 days to complete the roll-out at the Card Scheme and to enrol your cards. |
Each of these steps is broken down into further detail below.