Use 3-D Secure for e-commerce transactions

United States

3-D Secure (3DS) is a protocol that provides an additional security layer for online credit and debit card-not-present (CNP) transactions. Clover uses the EMV® 3DS to authenticate customers and safeguard against CNP fraud. 3D stands for three domains:

  1. The card issuer.
  2. The merchant receiving the payment.
  3. The 3DS infrastructure platform that is a secure go-between for the customer and the merchant.

Enable 3DS

3DS is required for apps intended for use in the European region. It is optional in other regions, but you can still use it as a tool to reduce fraud.

To create an additional security layer for CNP transactions, add the 3DS authentication method while using the Create a charge endpoint. When you turn on 3D Secure, the cardholder must validate every transaction with a secure personal identification number (PIN) sent to their phone or associated devices from their card issuer.

All major card issuers offer 3DS by a different brand name. Example:

Card issuer3DS
American Express®SafeKey®
Visa®Visa Secure

3DS parameter requirement

Add the 3DS object to your charge request to initiate the 3DS authentication.

sourceStringSource of the 3DS authentication, for example NON_CLOVER.Required
authentication_resultObject3DS authentication result. 3DS is a protocol that provides an additional security layer for online credit and debit card-not-present (CNP) transactions.Required
- authentication_statusStringAuthentication status of 3DS transaction.
- Success
- Failed
- Attempted
- Unavailable
- Rejected
- transaction_id String3DS transaction identifier.Optional
- cryptogramString3DS cryptogram is an authentication method associated with the cards stored as Android device tokens. Returned payment data includes a (3DS) cryptogram generated on the device.Required for non-Clover 3DS
- threeds_versionString3DS authentication version.
Note: Clover supports 3DS version 2.0 only. Upgrade your version to 2.0, as 1.0 is no longer supported

Request and response examples

curl --request POST \
   --url '' \
   --header 'accept: application/json' \
   --header 'authorization: Bearer ab86a5e8-48f3-b3bd-8c45-d415e9867833' \
   --header 'content-type: application/json' \
   --data '
 "ecomind": "ecom",
 "metadata": {
  "existingDebtIndicator": false
 "threeds": {
  "authentication_result": {
   "authentication_status": "SUCCESS",
   "transaction_id": "CAACCVVUlwCXUyhQNlSXAAAAAAA",
   "cryptogram": "11B5 2345 49C3 C4DD 931A 27BD 8CA3 CD82",
   "threeds_version": "2"
  "source": "NON_CLOVER"
 "source": "clv_1ABCDefgHI23jKL4m5nOPQrS",
 "amount": 100,
 "currency": "USD",
 "description": "test"
 "id": "3NTR8H89C1D8M", 
 "amount": 100,
 "payment_method_details": "card",
 "amount_refunded": 0,
 "currency": "USD",
 "created": 1234567891234,
 "description": "test",
 "captured": true,
 "ref_num": "1234567891",
 "auth_code": "121212",
 "outcome": {
  "network_status": "approved_by_network",
  "type": "authorized"
 "paid": true,
 "status": "succeeded",
 "source": {
  "id": "clv_1ABCDefgHI23jKL4m5nOPQrS",
  "brand": "DISCOVER",
  "exp_month": "01",
  "exp_year": "2030",
  "first6": "123456",
  "last4": "4321"
 "ecomind": "ecom",
 "threeds": {
  "validation_result": "AUTHENTICATION_STATUS_UNKNOWN",
  "liability_protection_status": "NOT_PROTECTED"