Security Flows

When using the API to create payments in an online store, you can implement any of the following security-related flows according to your requirements:

• Tokenization operations: Processes associated with exposing card data;
• 3D Secure authentication operations: Processes associated with validating the customer’s payment method authorization. When using simple payments you can take advantage of the Combine Payments and Pre-authorization features.
  

1. Tokenization operations
   • Simple payments without tokenization: It will create a payment without tokenizing the customer’s card, by sending the card data open.
   • Simple payments with tokenization: It will create a payment using a previously tokenized card.
2. 3D Secure authentication operations
   • Using 3DS GetNet Solution: The 3DS 2.X protocol has two flow types based on whether the card issuer decides to challenge the customer to authenticate or not: Frictionless flow: The customer is not challenged and is considered authenticated without needing to be redirected. Challenge flow: The customer is challenged and must authenticate with the card issuer.
   • Using third-party 3DS solution: In this scenario, 3DS authentication is managed outside the GetNet API using an external solution, and authentication is completed before the payment authorization.