Skip to content

Automated SCA soft decline retry

Last updated: October 18, 2022

Due to Strong Customer Authentication (SCA) requirements across the European Economic Area (EEA) and UK regions, non-3D Secure (3DS) or frictionless 3DS payments may be declined with a 20154 response code if authorization was presented without SCA, or a valid exemption.

If this happens, we automatically upgrade the payment to 3DS and send a 202 payment response with an "upgrade_reason": "sca_retry" field in the 3ds object. The response also contains a 3DS redirection URL that you should redirect the cardholder to for 3DS authentication.

After the cardholder completes authentication, the subsequent authorization request will be sent with 3DS data.

To retrieve the payment status after authentication, you can use the GET payment details endpoint or subscribe to the payment webhooks.


Opt out of automated SCA soft decline retry

By default, the retry feature is enabled for all impacted payments.

You can disable the automated retry by passing "3ds.allow_upgrade": false in the payment request.

Alternatively, if you'd prefer to have this feature disabled by default, reach out to your Customer Success Manager.

Endpoints

You can find the full list, as well as complete request and response examples, in our API reference.

    post

    https://api.checkout.com/payments

    Copied!

    Request example

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    {
    "source": {
    "type": "card",
    "number": "4500622868341387",
    "expiry_month": 12,
    "expiry_year": 2025,
    "cvv": 257
    },
    "amount": 100,
    "currency": "GBP",
    "3ds": {
    "enabled": false,
    "allow_upgrade": false
    },
    "processing_channel_id": "id"
    }

    Out-of-scope transactions

    Only customer-initiated transactions (CITs) are eligible for the SCA retry solution, as the cardholder must be present or in session to complete the authentication.

    If your merchant-initiated transactions (MITs) are receiving 20154 declines, it’s likely that:

    • The initial CIT to set up the MIT agreement was not authenticated with SCA (challenge)
    • The subsequent MITs were not flagged correctly for issuers to identify them as out of scope for SCA

    Refer to our SCA compliance guide for information on how to correctly flag the initial CIT and subsequent MITs.


    Test the automated SCA soft decline retry

    To test the flow in the sandbox environment, you can use the following 'magic card number': 4500622868341387.

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    {
    "source": {
    "type": "card",
    "number": "4500622868341387",
    "expiry_month": 12,
    "expiry_year": 2025,
    "cvv": 257
    },
    "3ds":{
    "enabled": false,
    "allow_upgrade": true
    },
    "amount": 6510,
    "currency": "USD",
    "capture": false
    }