3D-S (3D-Secure) is a security protocol designed to provide an additional layer of authentication for online credit and debit card transactions. When a customer attempts to make a payment, they are redirected to their bank’s website, where they are asked to enter a unique password to confirm their identity. This helps prevent fraud and unauthorized purchases.

How Rye handles 3D-S

If 3D-S challenge completion is required, you should display the redirectURL to the end buyer. Once the end buyer completes the challenge, Rye will continue with order processing. There are two ways for a developer to determine if a 3D-S challenge is required:
  1. Listen to the OrderRequiresActionWebhook, which will be sent when a 3D-S challenge is required. The webhook will contain a redirectURL property that should be displayed to the end buyer.
  2. Call the checkoutByCartID query to see if a challenge is required. If it is required you will see a response similar to below:
Response
{
  "data": {
    "checkoutByCartID": {
      "orders": [
        {
          "id": "6e8a8ae2-02b5-4035-8e70-f7bd4efae72f",
          "status": "ACTION_REQUIRED",
          "requiredActions": [
            {
              "__typename": "CompletePaymentChallenge",
              "redirectURL": "https://hooks.stripe.com/redirect/authenticate/src_1OZJBQHGDlstla3f4WO2gYDJ?client_secret=src_client_secret_dRbH7vMWvHpueFHzo8ZDpMdo&source_redirect_slug=test_YWNjdF8xTGdEaHJIR0Rsc3RsYTNmLF9QTzVNNGlGdzNyenlMZHRXeDduVnE3bDh2ZGp2TEdS0100HDag50jR"
            }
          ]
        }
      ],
      "status": "ACTION_REQUIRED",
      "cart": {
        "stores": [
          {
            "__typename": "AmazonStore"
          }
        ],
        "id": "zOsOZi96Lujxgxsgnms8"
      }
    }
  }
}
The requiredActions array will contain a CompletePaymentChallenge object with a redirectURL property. This URL should be displayed to the end buyer, and they should be able to use it to complete the challenge. You can poll the checkoutByCartID query to see if the challenge has been completed.

Tips

  1. We recommend opening the redirect url in a new tab or window, so that the buyer can easily return to your site after completing the challenge.
  2. After completing the challenge, the buyer will be taken to a page that has a loading spinner on it. This indicates that the challenge has been completed or rejected by the buyer and Rye is in the process of updating the order status. We recommend closing the window so that the page does not confuse the buyer. You can do this by polling the checkoutByCartID query to see if the challenge has been completed or rejected and close the window based on the status of the order that required the challenge.