mSIGNIA provides a Customer Testing platform to help customers integrate the uSDKs. It is a fully-featured 3DS v.2 infrastructure that simulates all the participants of the 3DS flow.
The platform is used to execute most of the 2.1 and 2.2 3DS flows.
An mSIGNIA issued “uSDK license key” and “threeDSRequestorID” are required to use the testing platform. |
The platform is comprised of multiple participants depicted on the diagram below along with a number attached to each of them:
The participants of the Customer Testing platform can be split into two logical groups - merchant components and 3DS infrastructure components. Merchant components are grey colored in the diagram above while the 3DS infrastructure components are white.
The 3DS infrastructure components are hosted by mSIGNIA while the merchant components are run locally by the customers. The connection details for the 3DS infrastructure components are documented later on this page. |
iOS sample application (6.4 docs)
Android sample application (6.4 docs)
Browser sample application (6.4 docs)
Merchant Backend Sample application - (docs)
uMPI 3.0 plugin for Merchant Backed - (docs)
Transaction Details - a web application where 3DS transaction details can be reviewed (https://transaction-details.ct.msignia.com/transactions)
3DS Server - a certified 3DS server implementation deployed
DS Servers - two instances of a DS server
ACS Server - an implementation of an ACS server
Scenarios repository - a database that holds the scenarios for the components to perform based on acctNumber
used in a transaction.
The customer obtains a uSDK and bundles it into one of the sample applications provided - iOS, Android, or Browser. Afterwards, the customer launches the Merchant Backend Sample app pointing it to the 3DS Server.
Once the preparatory is done, the customer launches the sample app and performs a transaction. The request comes from the mobile or browser app to the sample backend, 3DS Server, DS and ACS. The ACS then responds and the data gets back to the sample application.
The data received back by the application is a 3DS message that has a field called threeDSServerTransID
The threeDSServerTransID
is used to look up the transaction details in the next step.
Once threeDSServerTransID
is known, the customer launches a web browser and navigates to the Transaction Details application (callout 5
on the diagram above), pastes the transaction identifier, and reviews the details.
Under the hood, the Customer Testing Platform uses the Scenarios Repository. The repository stores account numbers associated with the corresponding 3DS scenario to perform.
It is actually a table with the first column representing an account number, while the rest of the columns describe the scenario the Customer Testing Platform would execute if a transaction is executed for the account number.
Let’s review an example:
So above, sending a transaction with the 3400200000001000010
account number to the Customer Testing platform will make the ACS return transStatus=Y
given it is set so in the Final TransStatus column.
In the example above it is important to take the other properties into account - it has to be a mobile app transaction (given there's APP in the Device Channel column), it has to be a 2.1 transaction version (because of the value in the Spec Version column) and a payment authentication transaction (because of the PA
in the Message Category column).
Similarly, the Scenarios repository configures more complex scenarios - challenge flows, decoupled authentication, and others.
The scenarios repository can be visited online - the Scenarios Repository.
The 3DS components deployed as the Customer Testing Platform support 2.1 and 2.2 3DS specifications. The following subsections document each of the components.
This is a single page web application that allows seeing 3DS transaction details. To get started the user pastes an AReq.threeDSServerTransID
value in the search box at the top of the page and presses Enter.
To access the application, open https://transaction-details.ct.msignia.com in the browser.
You can access Scenarios Repository by clicking the “Scenarios” link in the top right corner of the Transaction Details App. |
A fully-featured and certified 3DS Server is deployed to the Customer Testing Platform:
Reference Number: 3DSSERVREF00000001
Auth URL: https://3ds-server.ct.msignia.com/api/v2/authenticate
Supported Versions URL: https://3ds-server.ct.msignia.com/api/v2/supportedVersions
The 3DS Server does not require mutual TLS setup |
The platform has two DS servers available. The two are actually the same but they have different reference numbers and use different type of public keys to decrypt deviceInfo with - RSA and EC. Having two DS servers in the platforms let’s the customers to exercise dual-branded cards scenarios.
This is a mock DS server that complies with 2.1 and 2.2 specifications.
Reference Number: MSIGNIA_MOCK_DS_RSA
Preparation URL: https://ds-server-rsa.ct.msignia.com/api/v2/process
Auth URL: https://ds-server-rsa.ct.msignia.com/api/v2/process
This is the RSA key used by the 3DS SDK to encrypt device information:
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Uko+Z2ESFV5IUXunK08 ouSziFz/OfuRR9H4woBdMbAeyAq0+V5o36tCtiNVYgF2Oi1jBgmEIxIMH9y+W/Mn 0OoiwzV7eQj4tc0q5RM9RzYEMoRCK+0YU4nFzRlDSFQOIPEkEWihPHujyY32qBDy Msl0ctlq5EN+F77u9wCvoxU9OLM3dlAE42dNrbrHWOnpeWg41kk63AUowZlA7QE5 2Tgd/hyaHAy4oQtgp1/+l+SPIAKIoAF+5Ibiss4Y1Wah1RSvDz69UMgHoqc/cvWG 9kTPMtkFoIwW8ta2jhGzvhoNf2X1o2excBLKlWT3hIwGfnw8oYRDlINTZIuTGLc0 cwIDAQAB -----END PUBLIC KEY----- |
The same RSA key but JWK encoded:
{ "kty":"RSA", "e":"AQAB", "kid":"de7655be-3d6f-4802-9d68-c36a9d23e71c", "n":"4Uko-Z2ESFV5IUXunK08ouSziFz_OfuRR9H4woBdMbAeyAq0-V5o36tCtiNVYgF2Oi1jBgmEIxIMH9y-W_Mn0OoiwzV7eQj4tc0q5RM9RzYEMoRCK-0YU4nFzRlDSFQOIPEkEWihPHujyY32qBDyMsl0ctlq5EN-F77u9wCvoxU9OLM3dlAE42dNrbrHWOnpeWg41kk63AUowZlA7QE52Tgd_hyaHAy4oQtgp1_-l-SPIAKIoAF-5Ibiss4Y1Wah1RSvDz69UMgHoqc_cvWG9kTPMtkFoIwW8ta2jhGzvhoNf2X1o2excBLKlWT3hIwGfnw8oYRDlINTZIuTGLc0cw" } |
This is a mock DS server that complies with 2.1 and 2.2 specifications.
Reference Number: MSIGNIA_MOCK_DS_EC
Preparation URL: https://ds-server-ec.ct.msignia.com/api/v2/process
Auth URL: https://ds-server-ec.ct.msignia.com/api/v2/process
This is the EC key used by the 3DS SDK to encrypt device information:
-----BEGIN EC PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE7YTOG/nT8NtzC7sgQDEEsbkFX6VE XdzXgpoU0FD7gRZOHV6PocXQr3JWDcMzQrrNCvEREFKhfn3supp2Uirvug== -----END EC PUBLIC KEY----- |
The certificate is used by the mock ACS to sign acsVersionContent
data:
-----BEGIN CERTIFICATE----- MIID4zCCAsugAwIBAgIBATANBgkqhkiG9w0BAQsFADB7MQswCQYDVQQGEwJVUzEL MAkGA1UECBMCVE4xEDAOBgNVBAoTB01TSUdOSUExDDAKBgNVBAsTA1JORDEXMBUG A1UEAxMOTVNJR05JQSBSTkQgQ0ExJjAkBgkqhkiG9w0BCQEWF3BhdmxvLmx5c292 QG1zaWduaWEuY29tMB4XDTE5MTExMzA3MzYwMFoXDTI5MTExMzA3MzYwMFowezEL MAkGA1UEBhMCVVMxCzAJBgNVBAgTAlROMRAwDgYDVQQKEwdNU0lHTklBMQwwCgYD VQQLEwNSTkQxFzAVBgNVBAMTDk1TSUdOSUEgUk5EIENBMSYwJAYJKoZIhvcNAQkB FhdwYXZsby5seXNvdkBtc2lnbmlhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAPSn+PdwUVXYq5IQN+vrcxM3WfR5Xpgb3OpIRkka863duH0j3Uh/ poaFxnp/j0dGbefYaKaXGZSFX/E3FWaAFGKHV2Lbt4uxYkJx4Fa2gXsBxqdOd4Li aqSRSZXPtYMqoMbCOQj4lqtthBNe5BDX6/1HDJELLo8sxnIyfwxgbome3s9e6Rpz p+M9XgOtfyuSzPhzY0bWeBrHDzPcKkxQgKZeywlgApCPPfoYEvBDfzGbNns4yA+v sqYGDcctplQceUG6EFN68qbmy3CzV8zQMHFkHqIJ/l1V5RlGT9b5QhNVhu4MJo// W8LaA6vdyyqPnS7Hbvp6JklkMVxJJhWl0t8CAwEAAaNyMHAwDwYDVR0TAQH/BAUw AwEB/zAdBgNVHQ4EFgQU443mM7cesLlNiq01jfVfyJ7Rh1gwCwYDVR0PBAQDAgEG MBEGCWCGSAGG+EIBAQQEAwIABzAeBglghkgBhvhCAQ0EERYPeGNhIGNlcnRpZmlj YXRlMA0GCSqGSIb3DQEBCwUAA4IBAQBOY7ETJ0MyrQ44MYNbkGI7fIij5oxM0In0 Z4ZT5NCA1p3fJP/PV8oxONE+7ix1GlCw8RR59L2VQGkg4I2vSj0DHqpuPf3u86Fm gZtkhcF41dlWSic1B5oaA610iglITgu/gyZrC+r6RHGIKfyLX+u8YGc6WfI8g/ED aVQcnq/PZAEeZtBGiZdYxnIQhIOxV04nFmtOjSyyMt5NXMHFLHRnewSI6tojcFm2 lm6WMZQXFqGyvkxjmPQXFFBCupAAPIkm0lIIvZqtvLOOqmU7et4Oy5pihyaHjg67 cdmlv/p990e7YYfzdQSKezWrdwXW4EAGBTyuAZ67a5XCOUi17JZU -----END CERTIFICATE----- |
The DS Server does not require mutual TLS setup |
This is a mock ACS server that complies with 2.1 and 2.2 specifications.
Reference Number: 00001ACS00001
3DS Method URL: https://acs-server.ct.msignia.com/api/v1/3ds_method
The ACS Server does not require mutual TLS setup |
In order to trigger DECOUPLED AUTH flow, the merchant backend sample application needs to be updated/recompiled to include AReq.threeDSRequestorDecReqInd
to be Y
.
The Customer Testing platform does not set this data element.
To run a 3RI transaction, the AReq.deviceChannel
should be set to 03
in the sample merchant backend. The sample backend needs to be recompiled and restarted.
The Customer Testing platform sets this data element to be 01(APP)
when request comes from the mobile sample app and 02(BRW)
when it comes from the browser.
To run a Non Payment Authentication flow (NPA) the merchant backend sample application needs to be updated/recompiled to include AReq.messageCategory
to be 02
.
The Customer Testing platform sets this data element to be 01(PA)
.