3DS token OTP notification

Here in below description, ‘Client’ means the organization which is implementing Contis API.

Contis API service notifies the client about 3DS OTP for consumer to authenticate online card transaction. Client should notify consumer via consumer’s preferred delivery option email or SMS.

The client must integrate the call back URL in the Contis API service to receive notifications. If client does not prefer to configure URL then Contis could send 3DS OTP to consumer directly on behalf of client.

3DS token OTP notification parameters

Parameters Type Description Default value
NotificationType string Three-digit unique identifier of notification. Numeric value “059” denotes the 3DS token OTP for online card transactions. Blank
CardHolderID integer Unique identifier of the consumer. 0
CardID integer Unique identifier of the card. 0
OTPType string Indicates token type, value will be fixed “3DS Token”. Blank
OTPCode string Unique 6-digit, time-limited, one-time-use password needs to be sent on the registered mobile or email. Blank
OTPDeliveryType string Notification delivery option selected by card holder while doing online card transaction. Values can be either “Email” or “SMS”. Blank
Mobile string Mobile Number of the consumer. (includes country code) Blank
Email string Email Address of consumer. Blank
MerchantName string Name of merchant through whom online transaction is initiated. Blank
TransactionAmount string Transaction amount. Blank
TransactionCurrency string Currency code associated to transaction amount. e.g. GBP, USD, EUR etc. Blank
TransactionID string Transaction identifier for reference, this can be used if need to do inquiry related the OTP notification in Contis. Blank
SecurityHash string String value generated through hash logic with all the above parameters (To verify the values posted on URL) Blank

Example of 3DS OTP notification

The table shows an example of a 3DS OTP notification sent to the consumers.

Parameter name Value
NotificationType 059
CardHolderID 60039
CardID 14023
OTPType 3DS Token
OTPCode 323767
OTPDeliveryType SMS
Mobile 449537585838
Email xyz@gmail.com
MerchantName amazone.com
TransactionAmount 100
TransactionCurrency USD
TransactionID 15342422
SecurityHash 006d192316c215bac566dba2696fa4b7e2efdc93cc465fc982001c163b7b6f03

To generate the Security Hash:

Hash sequence : NotificationType&CardHolderID&CardID&OTPType&OTPCode&OTPDeliveryType&Mobile&Email&MerchantName&TransactionAmount&TransactionCurrency&TransactionID&HashPAN Key

HashDataString :059&60039&14023&3DS Token&323767&SMS&449537585838&xyz@gmail.com&amazone.com&100.00&USD&15342422&
SecurityKey : abcdefghijklmnop
HashGenerationData : HashDataString + SecurityKey
Hash : 006d192316c215bac566dba2696fa4b7e2efdc93cc465fc982001c163b7b6f03

Note: In this example, the SecurityKey = is the “Hash PAN Key” provided to the client in the API configuration file.

JSON Example

   "NotificationType": "059",
   "CardHolderID": "60039",
   "CardID": "14023",
   "OTPType": "3DS Token",
   "OTPCode": "323767",
   "OTPDeliveryType": "SMS",
   "Mobile": "449537585838",
   "Email": "xyz@gmail.com",
   "MerchantName" : "amazone.com",
   "TransactionAmount" : "100",
   "TransactionCurrency" : "USD",
   "TransactionID" : "15342422",
   "SecurityHash" : "006d192316c215bac566dba2696fa4b7e2efdc93cc465fc982001c163b7b6f03"