Braintree Integration Error: Detected a 3DS 1.0 Form POST to a 3DS 2.0 Endpoint

1.2k views Asked by At

I am trying to implement 3DS with braintree recurrent payments and I am using drop-in UI. I do the following steps:

  1. I make a braintree.dropin.create in order to obtain a dropin instance.
  2. I make a braintree.threeDSecure.create (version: 2) in order to obtain a threeDSecure instance.
  3. I make a requestPaymentMethod call on the dropin instance using { threeDSecure: { amount: "AMOUNT", email: "EMAIL" }} object.
  4. I use the nonce obtained from requestPaymentMethod to make a customer->create call.
  5. I create a new nonce based on the token obtained from the new customer, using paymentMethodNonce()->create.
  6. I make a verifyCard call on the threeDSecure instance, with the obtained nonce, in order to get a new nonce upgraded with 3DS.
  7. I make a subscription()->create call using the upgraded nonce.

For testing, I'm using their cards (https://developers.braintreepayments.com/guides/3d-secure/testing-go-live/php). The problem is that when I'm testing the cards related to Challenge, after making the Challenge (entering the code) and submitting, a popup with the error "Integration Error: Detected a 3DS 1.0 Form POST to a 3DS 2.0 Endpoint" appears. If I use any of the other cards, everything works fine, the subscriptions are made in sandbox and the transactions appear to be realised using 3DS. Does somebody have any idea what is that error?

Thanks

2

There are 2 answers

0
pawelbylina On

The problem is connected to window.postMessage() messaging. If your application, or like in the example above browser extension, use this kind of communication, it affects Braintree. This is because Braintree doesn't filter messages in this channel, and they treat all the messages like internal Braintree communication. Because of that, if any message doesn't fit into the internal Braintree format exception occurs, and 3DS will fail.

Support is not helpful at all here. They ignored me ;)

0
John Winstanley On

We had the same issue with Braintree Hosted fields (latest .NET and JavaScript APIs) when integrating with their sandbox.

In our case we were using the Night Eye chrome extension. Removing the extension resolved the issue.

We discussed the issue with Braintree directly (before finding out about the extension fix) and they noted with us

"That error message comes from our MPI provider, Cardinal Commerce. Historically, this error message has occurred as the result of a temporary outage or during one of their sandbox maintenance windows."

We saw errors in the development console in files from https://songbirdstag.cardinalcommerce.com failing to parse JSON so it matches what they are saying.

If you do get this error then Braintree suggest getting in touch with their support so they can examine your specific case.

You can submit a support ticket to Braintree [email protected]. Its also worth looking at the transactions in the payment portal to see what type of 3DS is being used.