Skip to main content
Version: Beta

3-D Secure with external MPI

Gr4vy's Universal 3-D Secure can also be used with your own, external, 3-D Secure MPI.


To use 3-D Secure with your own MPI, we assume you have handled the 3-D Secure on your end and have collected the relevant data received at the end of the flow.

The POST /transactions API supports directly passing 3-D Secure data as part of the transaction request. We will pass this data along to the payment service assuming it this data via their API.

curl -i -X POST "https://api.{gr4vyId}" \
-H "Authorization: Bearer [JWT_TOKEN]" \
-H "Content-Type: application/json" \
-d '{
"amount": 1299,
"currency": "USD",
"payment_method": {
"method": "card",
"number": "4111111111111111",
"expiration_date": "11/25",
"security_code": "123",
"redirect_url": ""
"three_d_secure_data": {
"cavv": "3q2+78r+ur7erb7vyv66vv8=",
"eci": "05",
"version": "2.1.0",
"directory_response": "C",
"caav_algorithm": "1",
"xid": "ODgxNDc2MDg2MDExODk5MAAAAAA=",
"authentication_response": "Y"
Payment service compatibility

Not all payment services support external 3-D Secure data, and therefore even when this data is provided we still expect a redirect_url as well. If none of the selected payment services support the pass-through of 3-D Secure data the Gr4vy API might return a pending transaction with an approval_url in the response.