3D Secure

The 3D Secure API enables merchants to authenticate cardholders using the 3DS protocol, supporting both frictionless and challenge flows compliant with the Strong Customer Authentication (SCA) directive. Use these endpoints to initiate authentication lookups, manage JWT handshakes with the 3DS Client SDK, and query historical authentication records.

All endpoints support both Bearer (JWT) and Basic authentication. See the Authentication section below for details.

Environments

Region

Base URL

EMEA

https://emea.gsc.verifone.cloud/oidc/3ds-service

Americas

https://us.gsc.verifone.cloud/oidc/3ds-service

New Zealand

https://nz.gsc.verifone.cloud/oidc/3ds-service

API Reference

Cover

Name

3DS Authentication

Description

List, count, and retrieve historical 3DS authentication records with rich filtering support.

Cover

Name

Lookup

Description

Initiate cardholder authentication — triggers frictionless or challenge flow and returns the authentication outcome.

Cover

Name

JWT

Description

Create and validate JWTs for the 3DS Client SDK authentication handshake.

Authentication

All endpoints accept either authentication method on each request.

Bearer (JWT)

Pass a signed JWT in the Authorization header:

Authorization: Bearer <token>

The JWT must be signed with your Verifone-provisioned private key and must include entity_id, sub (user_id), and roles claims.

Basic Auth

Pass base64-encoded username:password in the Authorization header:

Authorization: Basic <credentials>

Previousfaqs Next3DS Authentication

Last updated 27 days ago

Was this helpful?