3D-Authentication Results POST from your Terminal URL

On this page:

Overview

The response from the 3D Callback service is identical to that of the initial registration POST.

POST

3D-Authentication Results POST from your Terminal URL

Name

Description

Mandatory

Valid Characters

Max Length

Allowed Values

VPSTxId

The Opayo ID that uniquely identifies the transaction on our system. This replaces the MD for the 3D-Authentication attempt.

This must match the VPSTxId value passed back to you with the CReq in response to your transaction registration POST.

Yes

​Letters, digits, hyphens, and curly brackets
   

 

38 

 

CRes

A Base64 URL encoded message sent back by Issuing Bank to your Terminal URL at the end of the 3D-Authentication process.

This field must be passed back to Direct along with the VPSTxId field to allow the Opayo MPI to decode the result.

Important: You will receive this value back from the Issuing Bank in a field called cres (lower case ‘cr”) and it must be passed to Opayo as CRes (uppercase ‘CR’).

Yes

BASE64

7500 

 

PARes

This field should only be submitted in case of fallback (fallback from 3DSv2 to 3DSv1), where you have initially received a PAReq in the 3D-Secure response.

A Base64 encoded, encrypted message sent back by Issuing Bank to your Terminal URL at the end of the 3D-Authentication process.

This field must be passed back to Direct along with the MD field to allow the Opayo MPI to decode the result.

Important: You will receive this value back from the Issuing Bank in a field called PaRes (lower case a”) and it must be passed to Opayo as PARes.

Yes

BASE64

 

 

 

 

 

7500 

 

MD

This field should only be submitted in case of fallback (fallback from 3DSv2 to 3DSv1), where you have initially received the MD in the 3D-Secure response.

A unique reference for the 3D-Authentication attempt. This will match the MD value passed back to your site in response to your transaction registration POST.

Yes

Letters and digits
 

35