To simplify 3D Secure integration using XML payments, Nuvei provides a simple MPI redirect. To allow 3D Secure transactions for a terminal it should be configured and registered with the card schemes, please contact the Nuvei support team for details.
The following resources are the same for all the requests and responses you find in this page:
TYPE | URL |
---|---|
Request URL | https://testpayments.nuvei.com/merchant/mpi |
This URL should be used in test mode only. Please contact the Nuvei support team to receive the live URL.
The Card Holder will have to pass the 3D Secure check, and the check result will be sent back to the Merchant's application as a GET request. Processing result response will return the MPIREF parameter, which should be included in the XML payment request.
After the merchant application receives the 3D Secure check result, it should send an XML payment request. If the 3D Secure check was successful (‘A’ Result) the payment request should contain the fields MPIREF, Order ID and Terminal ID and they should be the same as in the 3D Secure request.
If the 3D Secure check was not successful (‘D’ Result) the application can send a non-3D Secure transaction (MPIREF will not be available in such case) or don’t send payment transaction at all.
We recommend that the transaction should be marked as declined in your system if our MPI rejects the transaction.
Use the Request URL and the Request Body Fields to perform a request for this feature, then prepare your integration to receive the response, as defined by the Response Body Fields.
FIELD | REQUIRED | DESCRIPTION |
---|---|---|
TERMINALID | Y | A Terminal ID provided by Nuvei. NB - Please contact Nuvei to be issued with a test terminal ID. |
CARDNUMBER | Y | The payment card number. |
CARDEXPIRY | Y | 4 digit expiry field (MMYY). |
CARDTYPE | Y | See Card Types section. |
AMOUNT | Y | The amount of the transaction as a 2 digit decimal or an Integer value for JPY amounts. |
CURRENCY | Y | A 3 character currency code of the transaction. |
ORDERID | Y | A unique identifier for the order created by the merchant (Max 24 characters). |
CVV | N | The security code entered by the card holder. |
DATETIME | Y | Request date and time. Format: DD-MM-YYYY:HH:MM:SS:SSS. |
HASH | Y | A HASH code formed by part of the request fields. The formation rule is given at the ND001 - Hash Formation, in the next section. |
ND001 - Hash Formation
The general rule to build HASH field is given at the Special Fields and Parameters page, under the Special Fields and Parameters section. For this specific feature, you should use the following formats:
TERMINALID:ORDERID:CARDNUMBER:CARDEXPIRY:CARDTYPE:AMOUNT:DATETIME:SECRET
ND002 - Data Encoding for Requests
All data sent to us should be correctly encoded using UTF-8 as the character encoding.
The response body fields will be:
FIELD | DESCRIPTION |
---|---|
RESULT | MPI processing result: A: Approved. D: Declined. |
MPIREF | MPI reference, this value should be sent in the XML payment request if received from the Nuvei MPI. |
ORDERID | Original order identifier. |
STATUS | A: An attempt at authentication was performed (ECI: 06). N: Authentication attempt not performed (ECI: 06). U: Unable to authenticate (ECI: 07 or 06). Y: Authentication attempted and succeeded (ECI: 05). |
ECI | 05: Full 3D Secure authentication. 06: Issuer and/or cardholder are not enrolled for 3D Secure. 07: 3D Secure authentication attempt failed - numerous possible reasons (Visa only). |
DATETIME | Response date and time. Format: DD-MM-YYYY:HH:MM:SS:SSS. |
HASH | A HASH code formed by part of the request fields. The formation rule is given at the ND001 - Hash Formation, in the next section. |
ND001 - Hash Formation
The general rule to build HASH field is given at the Special Fields and Parameters page, under the Special Fields and Parameters section. For this specific feature, you should use the following formats:
RESULT:MPIREF:ORDERID:DATETIME:SECRET