You're viewing documentation for our latest API. This will not impact your integration, but you will need the documentation relevant to you. If you have an account with Checkout.com you have received an email confirming which version to use.
The Standalone (Sessions) API is a standalone solution to authenticate online transactions with the EMV 3D Secure (3DS) protocol, allowing you to implement smarter 3DS authentication flows. The solution also:
gives you greater visibility of the issuers' authentication decisions
provides a smoother experience for your customers, while helping you fulfil the Strong Customer Authentication (SCA) requirements of the second Payment Services Directive (PSD2)
provides a fallback to 3DS version 1.0, if the issuer does not support the latest version of 3DS
Once you have completed the authentication via Standalone (Sessions), you can then authorize the payment using one of the following methods:
You can choose from two solutions: non-hosted or hosted.
Standalone (Sessions) currently supports Visa (Verified by Visa / Visa Secure) and Mastercard (Identity Check). We will soon add support for additional schemes, including American Express (SafeKey).
Non-hosted sessions are designed for those who want full control over their authentication flow.
Initiate an authentication through the Standalone (Sessions) API using a card or a network token, set completion.type to non-hosted and provide completion.callback_url to receive the authentication result.
You will then need to collect channel (either browser or mobile app) and additional authentication data, perform a challenge (if required), and handle the authentication result. You can then proceed to authorize the payment, either through our payment gateway or another PSP.
This is the simplest solution, where we manage the authentication flow for you.
Initiate an authentication through the Standalone (Sessions) API, set completion.type to hosted, provide completion.success_url and completion.failure_url, and redirect the customer using the link in the response. We'll then gather the necessary payment, device and cardholder data and take care of the rest.