topic Best Practices for Handling 3D Secure Redirects in Cybersource REST API in cybersource APIs

Best Practices for Handling 3D Secure Redirects in Cybersource REST API

Iuvtech — Fri, 02 Jan 2026 17:03:51 GMT

Hi. Just integrating 3d secure with cybersource rest api. when transactions triggers 3d authentication, I receive a redirect url. how to handle callback once authentication is complete?

Re: Best Practices for Handling 3D Secure Redirects in Cybersource REST API

alario — Wed, 07 Jan 2026 10:16:13 GMT

Redirect the user to the 3D Secure authentication URL, then send them back to your own return/callback URL after the challenge. Don’t treat the redirect as the final result once the user returns, verify the authentication outcome server-to-server by calling the CyberSource REST API using the transaction/request ID. The final payment decision should always come from the API, not the browser callback.

Re: Best Practices for Handling 3D Secure Redirects in Cybersource REST API

dani_dzotsi — Fri, 16 Jan 2026 11:30:27 GMT

My team and I are currently working with the 3DS authentication. We have several questions about the overall flow and how this authentication process works, particularly from the merchant's backend gateway perspective.

1. How the device data is initially handled and sent through Cybersource to the issue
2. When the challenge result is sent, how does the merchant backend relate and make use of the responses from the issuer

Any information on the 3ds integration will be helpful.