> For the complete documentation index, see [llms.txt](https://docs.verifone.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.verifone.com/api-reference/open-api-references/3d-secure.md). # 3D Secure The **3D Secure API** enables merchants to authenticate cardholders using the 3DS protocol, supporting both frictionless and challenge flows compliant with the Strong Customer Authentication (SCA) directive. Use these endpoints to initiate authentication lookups, manage JWT handshakes with the 3DS Client SDK, and query historical authentication records. {% hint style="info" %} All endpoints support both **Bearer (JWT)** and **Basic** authentication. See the [Authentication](#authentication) section below for details. {% endhint %} ## Environments {% tabs %} {% tab title="Production" %}

Region	Base URL
EMEA	`https://emea.gsc.verifone.cloud/oidc/3ds-service`
Americas	`https://us.gsc.verifone.cloud/oidc/3ds-service`
New Zealand	`https://nz.gsc.verifone.cloud/oidc/3ds-service`

{% endtab %} {% tab title="Sandbox" %}

Region	Base URL
Global Sandbox	`https://cst.test-gsc.vfims.com/oidc/3ds-service`
Americas Sandbox	`https://uscst-gb.gsc.vficloud.net/oidc/3ds-service`

{% endtab %} {% endtabs %} ## API Reference

Name	Description	Page	Cover image	Cover image (dark)
3DS Authentication	List, count, and retrieve historical 3DS authentication records with rich filtering support.	/spaces/OiXbo96Og9EN7rz2U44K/pages/51f2deb6988c495e9d8af2e9cd7d4193a821d357	/files/sHVUoUB1ALSjD0VstKV3	/files/jH5qUEHroD38NdV29emQ
Lookup	Initiate cardholder authentication — triggers frictionless or challenge flow and returns the authentication outcome.	/spaces/OiXbo96Og9EN7rz2U44K/pages/1cc7f27234c9f176df708699dccd4df687542a0f	/files/Rdf5FWD3fIZqc2g0WmLz	/files/1og0RnERdrJm7rSW9VEW
JWT	Create and validate JWTs for the 3DS Client SDK authentication handshake.	/spaces/OiXbo96Og9EN7rz2U44K/pages/f7c36444939ab34c9fafba41eb0626cf34b38233	/files/ACrmKokMuGOuhxS45S6X	/files/RHq9vp7jGXePBqDumU0k

## Authentication All endpoints accept either authentication method on each request. {% columns %} {% column %} #### Bearer (JWT) Pass a signed JWT in the `Authorization` header: ```http Authorization: Bearer ``` The JWT must be signed with your Verifone-provisioned private key and must include `entity_id`, `sub` (user\_id), and `roles` claims. {% endcolumn %} {% column %} #### Basic Auth Pass base64-encoded `username:password` in the `Authorization` header: ```http Authorization: Basic ``` {% endcolumn %} {% endcolumns %} --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.verifone.com/api-reference/open-api-references/3d-secure.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.