When processing card payments under PSD2 SCA rules, a transaction may be eligible for a 3DS exemption.
Exemptions can reduce friction by allowing a payment to proceed without an explicit cardholder challenge.
Exemptions are always subject to issuer and scheme decisioning. Requesting an exemption or challenge preference does not guarantee that outcome.
When creating a payment session via paymentSessionCreate, you can use the paymentSettings.threeDs.challengeIndicator field to specify your 3DS authentication preference.
Setting the challengeIndicator field allows you to influence the 3DS flow, such as requesting exemptions for low-risk transactions or enforcing a challenge for higher-security requirements. Here are the available options for this field:
| Value | Description |
|---|---|
NoPreference | No explicit preference. Ryft/provider requests standard 3DS handling. |
NoChallengeRequested | Requests a frictionless flow where possible (challenge not explicitly requested). |
ChallengeRequested | Requests the issuer to challenge the cardholder. |
TransactionRiskAnalysisAlreadyPerformed | Signals that Transaction Risk Analysis (TRA) has already been performed prior to authentication. |
If omitted, no explicit preference is requested.
Here's an example of how to set the challengeIndicator when creating a payment session:
{
"amount": 54550,
"currency": "GBP",
"customerEmail": "test@mail.com",
"paymentSettings": {
"threeDs": {
"challengeIndicator": "TransactionRiskAnalysisAlreadyPerformed"
}
}
}Please note you can also update the 3DS settings of an existing payment session before attempting payment. This allows you to adjust your 3DS preferences based on the evolving risk profile of the transaction or other factors.
To update the 3DS settings, use the paymentSessionUpdate endpoint with the appropriate challengeIndicator value.
- To create and process payments end-to-end, follow Initial Setup.
- To learn more about 3DS, see 3D Secure.