opayo3d-secure

Direct Protocol 4.00 - ThreeDSRequestorPriorAuthenticationInfo.threeDSReqPriorRef - how do I populate this?


I'm wondering how to populate a field.

The section "A1.2 ThreeDSRequestorPriorAuthenticationInfoXML" of the Direct integration specification states

The 3DS Requestor Prior Transaction Authentication Information contains optional information about a 3DS cardholder authentication that occurred prior to the current transaction.

The field threeDSReqPriorRef has the description:

This data element provides additional information to the ACS to determine the best approach for handling a request. It will contain an ACS Transaction ID for a prior authenticated transaction (for example, the first recurring transaction that was authenticated with the cardholder). This ID will be available in future via My Sage Pay and the Reporting and Admin API.

Clearly providing a prior reference will be "better", but I'm wondering how to populate it?

So I'm looking at the contents of the CReq:

{
  "messageType" : "CReq",
  "messageVersion" : "2.1.0",
  "threeDSServerTransID" : "0868ead0-8e3e-4c29-be1a-9689500b52fe",
  "acsTransID" : "44d368d3-31c5-472d-a27e-ad2fd2a75cc7",
  "challengeWindowSize" : "05"

I assume the required data is obtained from acsTransID, which I'll presumably have to store for the next use? But I'm swithering as to whether I should be cracking open the CRreq at all as this seems like an almighty smell? (also note that the above from the SagePay test system isn't valid JSON either)

Surely SagePay should be giving this reference in the response? (I don't really want to use the Reporting API to get the reference TBH ... it's a bit of a rats nest)


Solution

  • Sound like you're going to need to bust the acsTransID out of the broken JSON response and use that. This is a best guess though. It doesn't sound as if SagePay currently return this in any form.