cancel
Showing results for 
Search instead for 
Did you mean: 

3DS Payer Authentication Challenge/Stepup not working

Hi, I'm implementing Payer Authentication (3ds) and had a working version that today suddenly stopped to work.

When I submit the challenge in the challenge iframe, it post to: 


it is a form-encoded value with 2 fields. 
 
And then it gets a 400 - Bad Request as a response.

I don't know how to diagnose it, because it was working and is is generated by 3ds, not me.

Any idea how to see logs/something from cardinalcommerce?

The iframe post only to items that seems to be ok:

  1. cres
    eyJtZXNzYWdlVHlwZSI6IkNSZXMiLCJtZXNzYWdlVmVyc2lvbiI6IjIuMi4wIiwidGhyZWVEU1NlcnZlclRyYW5zSUQiOiJhNmY5MGU1MS0yNzE5LTQwN2ItODI2Ni1lYjgwMDdjYjY2YmUiLCJhY3NUcmFuc0lEIjoiYTA1ZDRiODQtNWUxNC00YWYwLTgxNGYtOGNhNTVkNDM2N2NhIiwiY2hhbGxlbmdlQ29tcGxldGlvbkluZCI6IlkiLCJ0cmFuc1N0YXR1cyI6IlkifQ
  2.  
    threeDSSessionData
    MF9iNjEyYXXXXXXXXXXXXXXyMzU2YmU
Thanks very much.


 
fruscitti
Member
3 REPLIES 3

Hi ,

The issue appears to be resolved now. We have retested the 3DS Payer Authentication Challenge flow, and the OTP submission is working correctly. We are no longer receiving the 400 Bad Request response, and the authentication process completes successfully.

seenivasan
Member

I ran into the same issue in their sandbox for about a week. I even reached out to support when it first started happening, but since I wasn't a paying customer and nobody else had reported it yet, the answer was essentially, "Have you tried reading the docs again?"

Despite me pointing out that there were no code changes and that yesterday's working integration had mysteriously decided to stop working overnight, CyberSource's customer service representative was adamant it wasn't on their side. So I spent more than a day chasing ghosts through our codebase.

At least it's working again, and that's all I really wanted in the end.

jbrown_ams
New Member

It seems that the problem has been fixed. The 3DS Payer Authentication Challenge flow has been retested, and the OTP submission is operating as intended. The 400 Bad Request response is no longer shown, and the authentication procedure is successfully finished.

jason533
Member