Due to an update to the Visa Secure Program, two new fields are now required in the 3DS authentication request message:
Going forward, merchants who fail to provide these two fields will receive the following error response and, consequently, cannot submit a valid 3DS transaction via our API.
Error Response
{
"id":"50038136-37ec-4635-8638-e46e7e2b90d8",
"errorCode":100005,
"generalMessage":"Validation failed.",
"url":"/threeds/authenticate",
"timestamp":"2024-05-23T11:37:21.883090165Z",
"validationErrors":[
{
"field":"cardHolderName",
"message":"must not be null"
},
{
"field":"email",
"message":"must not be null"
}
]
}To comply with the new requirements, follow these steps:
Update the CCBill Payment Widget to version 1.12.2 by modifying your preload link.
Use the following code snippet for convenience:
<link rel="preload" href="https://js.ccbill.com/v1.12.2/ccbill-advanced-widget.js" as="script"/>
<script type="text/javascript" src="https://js.ccbill.com/v1.12.2/ccbill-advanced-widget.js"></script>Depending on your integration, the required fields can be provided in two ways:
1. Using the data-ccbill HTML element attribute.
Example
<form id="payment-form">
<input data-ccbill="email" />
<input data-ccbill="nameOnCard" />
<!— other fields skipped for brevity -->
</form> You must also include hidden or non-hidden HTML input fields for the new data fields in your forms.
2. Utilizing default _ccbillId_FieldName ID attributes or custom ID attributes.
Example
<form id="payment-form">
<input id="_ccbillId_email" />
<input id="_ccbillId_nameOnCard" />
<!— other fields skipped for brevity -->
</form>If you are using custom ID attributes, the IDs must also be mapped to the corresponding HTML input by passing it through the customIds parameter in the MCN Widget constructor.
Example
<form id="payment-form">
<input id="customEmailId" />
<input id="customNameOnCardId" />
<!— other fields skipped for brevity -->
</form>
<script>
const customIds = {
email: "customEmailId",
nameOnCard: "customNameOnCardId"
};
const widget = new ccbill.CCBillAdvancedWidget("application_id", customIds);
widget
.authenticateCustomer(
"oauth_token",
"client_accnum",
"client_subacc",
'#formId',
'ccbillIframe'
)
.then(
(response) => console.log(`SCA status: ${response.status}`),
(error) => console.log(`error: ${JSON.stringify(error)}`)
);
</script>Ensure you add hidden or visible HTML input fields to your forms for the new data fields.
In addition to the required fields mentioned above, CCBill will start validating Consumer Info, Billing, and Shipping Address fields if they are present in the request.
The following validation constraints will be applied if the fields are present:
| FIELD | CONSTRAINT |
|---|---|
| nameOnCard | 2-45 Characters |
| 254 Characters (Max). Must comply with RFC 5322 specification. | |
| address1 | 50 Characters (Max) |
| city | 50 Characters (Max) |
| country | 2 Characters (Expecting ISO 3166-1 two-letter country code) |
| postalCode | 16 Characters (Max) |
| state | 3 characters (Expecting country subdivision code defined in ISO 3166-2) |
To ensure a smooth transition and avoid disruptions in your payment processing, we encourage all merchants to review their current setups and make any necessary adjustments to meet these updated requirements.