Links

Building payment workflows

Learn how to create SCA-compliant workflows using Drop-in payments or DigitalRiver.js with elements.
You can create Strong Customer Authentication (SCA) compliant workflows for both purchase transactions and account management.
When building workflows that use Drop-in payments, you first need to perform some common, initial steps before proceeding to the workflow specific steps.‌ For workflows using DigitalRiver.js with elements, you also need to complete some prerequisites.
Each purchase and account management workflow has some key settings and methods.
Whether you're using Drop-in payments or DigitalRiver.js with elements, all SCA requirements are automatically managed by Digital River. Two-factor authentication is handled by our authenticate source method. And our card acquirers use the 3-D Secure protocol to communicate with issuing banks. This protocol operates "behind-the-scenes" and requires no developer interaction.

Key settings and methods

The following chart lists some of the key settings and methods you should use when building purchase and account management flows. It's meant to be read from left-to-right and top-to-bottom. For example:
For a more complete description of how to build each flow, refer to the appropriate section on this page.
Click to enlarge image

Common Drop-in payments steps

For any workflow that uses Drop-in payments, whether it's built for purchases or account management, you first need to perform the following steps:
Once you've completed these initial steps, you can perform those specific to your desired purchase or account management scenario.

Elements prerequisites

When using DigitalRiver.js with elements to build workflows, you need to be using payment sessions. So ensure you've completed the necessary migration. We also assume you are familiar with creating and styling elements as well as the basics of capturing payment details.
Once you've completed these prerequisites, you can perform the steps specific to your desired purchase or account management scenario.

Purchase flows

For almost all one-off, subscription, and mail-order/telephone-order (MOTO) transactions, Digital River supports SCA-compliant workflows that use either Drop-in payments or DigitalRiver.js with elements.‌

One-off

‌You can develop workflows that allow customers to enter, save, and retrieve their payment information while making one-off purchases.

Customers enter their credit card information

‌In this flow, customers supply their credit card information during a one-off transaction, but don't save it to their account.
SCA required?
Drop-in payments supported?
Elements supported?
Yes
Yes
Yes
Drop-in payments
Elements
Prerequisites: Perform the common Drop-in payments steps.
Step one: Build a checkout with all tax, shipping, duty and fee amounts in a final state and a chargeType that is customer_initiated.
Step two: Retrieve the checkout's payment session identifier, and use it to set sessionId in the Drop-in payments' configuration object. In options, set flow to checkout and usage to convenience.
let configuration = {
sessionId: "d3941a36-6821-4d93-be23-6190226ae5f7",
options: {
flow: "checkout",
usage: "convenience"
}
...
}
Step three: Use the configuration object to instantiate Drop-in payments.
let dropin = digitalriver.createDropin(configuration);
Step four: On your checkout page, specify a container to place Drop-in payments.
The modal window renders in the specified container.
Customers enter their credit card information and click the configurable pay now button.
If the customer completes the necessary SCA, then the onSuccess method is called and Digital River returns a unique source in a chargeable state.
...
onSuccess: function (data) { doSometingWithTheSource(data) },
...
Prerequisites: Refer to the Elements prerequisites section.
Step one: Build a checkout with all tax, shipping, duty and fee amounts in a final state and a chargeType that is customer_initiated.
Step two: Retrieve the payment session identifier, and use it to configure the createSource() method. The configuration object should also set futureUse to false and usage to convenience.
let payload = {
"sessionId": "ea03bf6f-84ef-4993-b1e7-b7d5ecf71d1f",
"futureUse": false,
"usage": "convenience",
...
}
digitalriver.createSource(payload).then(function(result) {
if(result.state === "chargeable") {
sendToBackEnd(result);
} else {
doErrorScenario();
}
});
Once the method is called and the customer provides the required SCA, a unique Source in a chargeable state is returned.

Customers save their credit card information

In this flow, customers enter credit card information and save it to their account during a one-off transaction.
SCA required?
Drop-in payments supported?
Elements supported?
Yes
Yes
Yes
Drop-in payments
Elements
Prerequisites: Perform the common Drop-in payments steps.
Step one: Build a checkout with a registered customer and all tax, shipping, duty and fee amounts in a final state. The chargeType should be customer_initiated.
Step two: Retrieve the checkout's payment session identifier, and use it to set sessionId in the Drop-in payments' configuration object. In options, set flow to checkout, usage to convenience, and (to prompt Drop-in payments to display the save payment option) showSavePaymentAgreement to true.
let configuration = {
sessionId: "d3941a36-6821-4d93-be23-6190226ae5f7",
options: {
"flow": "checkout",
"showSavePaymentAgreement": true,
"usage": "convenience"
},
...
}
Step three: Use the configuration object to instantiate Drop-in payments.
let dropin = digitalriver.createDropIn(configuration);
Step four: On your checkout page, specify a container to place Drop-in payments.
The modal window renders in the specified container.
Customers enter their credit card information, actively accept the save payment agreement and click the configurable pay now button.
If the customer completes the necessary SCA, then the onSuccess method is called and Digital River returns a unique source in a chargeable state that is readyForStorage.
...
onSuccess: function (data) { doSometingWithTheSource(data) },
...
Prerequisites: Refer to the Elements prerequisites section. Your flow also needs to display the storage terms and provide customers the option of saving their payment information.
Step one: Build a checkout with a registered customer and all tax, shipping, duty and fee amounts in a final state. The chargeType should be customer_initiated.
Step two: Retrieve the payment session identifier, and use it to configure the createSource() method. The configuration object should also set futureUse to true and usage to convenience. Use mandate.terms to pass the save payment agreement that the customer accepts.
var payload = {
"type": "creditCard",
"sessionId": "ea03bf6f-84ef-4993-b1e7-b7d5ecf71d1f",
"futureUse": true,
"usage": "convenience",
...
"mandate": {
"terms": "Yes, please save this account and payment information for future purchases."
}
}
digitalriver.createSource(payload).then(function(result) {
if (result.error) {
//handle errors
} else {
var source = result.source;
//send source to back end
sendToBackend(source);
}
});
Once the method is called and the customer provides the required SCA, a unique Source in a chargeable state is returned.

Customers retrieve their credit card information

In this one-off purchase flow, customers select a credit card that they previously saved to their account. The key step is to call the authenticate source method.
SCA required?
Drop-in payments supported?
Elements supported?
Yes
No
Yes
Drop-in payments
Elements
Drop-in payments does not currently support retrieving saved payment methods. In order to handle this flow, use Elements.
Prerequisites: Refer to the Elements prerequisites section.
Step one: Build a checkout with a registered customer and all tax, shipping, duty and fee amounts in a final state. The chargeType should be customer_initiated.
Step two: Retrieve the customer's payment sources and display them to the customer during the checkout process.
Step three: If the customer opts to use a saved payment method, you'll need to determine whether SCA is required. To do this, configure and call the authenticateSource() method.
...
digitalriver.authenticateSource({
"sessionId": "65b1e2c2-632c-4240-8897-195ca22ce108",
"sourceId": "ee90c07c-5549-4a6b-aa5f-aabe29b1e97a",
"sourceClientSecret": "ee90c07c-5549-4a6b-aa5f-aabe29b1e97a_51afe818-0e7f-46d7-8257-b209b20f4d8",
"returnUrl": "https://returnurl.com"
}).then(function(data) {
});
...
After the method is invoked, Digital River automatically handles any required SCA. Once authentication is complete or is determined not to be necessary, the method resolves, allowing the checkout flow to continue.
If authentication is successful, Digital River returns the Source in a chargeable state.

Subscription

You can create SCA-compliant workflows that allow customers to either save or retrieve a recurring payment method during subscription acquisitions. You can also set up workflows for merchant-initiated autorenewals.
SCA is required for subscription acquisitions but not merchant-initiated auto-renewals.

Customers enter and save their payment information during a subscription acquisition

In this flow, customers save payment information to their account and use that payment source to acquire an auto-renewing subscription.
SCA required?
Drop-in payments supported?
Elements supported?
Yes
Yes
Yes
Drop-in payments
Elements
Prerequisites: Perform the common drop-in steps.
Step one: Build a checkout with a registered customer and all tax, shipping, duty and fee amounts in a final state. Set chargeType to customer_initiated and autoRenewal to true.
Step two: Retrieve the checkout's payment session identifier, and use it to set sessionId in the Drop-in payments' configuration object. In options, set flow to checkout, usage to subscription, and (to prompt Drop-in payments to display the combined subscription terms and save payment agreement) showTermsOfSaleDisclosure to true.
let configuration = {
sessionId: "d3941a36-6821-4d93-be23-6190226ae5f7",
options: {
"flow": "checkout",
"showTermsOfSaleDisclosure": true,
"usage": "subscription"
},
...
}
Step three: Use the configuration object to instantiate Drop-in payments.
let dropin = digitalriver.createDropIn(configuration);
Step four: On your checkout page, specify a container to place Drop-in payments.
The modal window renders in the specified container.
Customers must enter their credit card information, actively accept the terms and click the configurable pay now button.
If the customer completes the necessary SCA steps, then the onSuccess method is called and Digital River returns a unique source in a chargeable state that is readyForStorage.
...
onSuccess: function (data) { doSometingWithTheSource(data) },
...
Prerequisites: Refer to the Elements prerequisites section. At some point during the flow, you also need to display the subscription's terms and save payment agreement and acquire the customer's active acceptance of them.
Step one: Build a checkout with a registered customer and all tax, shipping, duty and fee amounts in a final state. Set chargeType to customer_initiated and autoRenewal to true.
Step two: Once the customer selects the option to save the payment method and agrees to the displayed terms, retrieve the payment session identifier, and use it to configure the createSource() method. The configuration object should also set futureUse to true and usage to subscription. Use mandate.terms to pass the save payment agreement that the customer accepts.
Once the customer provides the required SCA, a unique Source in a chargeable state is returned.
var payload = {
"type": "creditCard",
"sessionId": "ea03bf6f-84ef-4993-b1e7-b7d5ecf71d1f",
"futureUse": true,
"usage": "subscription",
...
"mandate": {
"terms": "Yes, please save this account and payment information for future purchases."
}
}
digitalriver.createSource(payload).then(function(result) {
if (result.error) {
//handle errors
} else {
var source = result.source;
//send source to back end
sendToBackend(source);
}
});

Customers retrieve credit card details during a subscription acquisition

In this flow, customers select a credit card they previously saved to their account and use it to acquire an auto-renewing subscription.
‌The key step is to call the authenticate source method.
SCA required?
Drop-in payments supported?
Elements supported?
Yes
No
Yes
Drop-in payments
Elements
Drop-in payments does not currently support retrieving stored payment methods. In order to handle this flow, use Elements.
Prerequisites: Refer to the Elements prerequisites section.
Step one: Build a checkout with a registered customer and all tax, shipping, duty and fee amounts in a final state. Set chargeType to customer_initiated and autoRenewal to true.
Step two: Retrieve the customer's payment sources and display them to the customer during the checkout process.
Step three: If the customer opts to use a saved payment method, you'll need to determine whether SCA is required. To do this, configure and call the authenticateSource() method.
...
digitalriver.authenticateSource({
"sessionId": "65b1e2c2-632c-4240-8897-195ca22ce108",
"sourceId": "ee90c07c-5549-4a6b-aa5f-aabe29b1e97a",
"sourceClientSecret": "ee90c07c-5549-4a6b-aa5f-aabe29b1e97a_51afe818-0e7f-46d7-8257-b209b20f4d8",
"returnUrl": "https://returnurl.com"
}).then(function(data) {
});
...
After invoking this method, Digital River automatically handles any required SCA. Once authentication is complete or is determined not to be necessary, the method resolves, allowing the checkout flow to continue.
Digital River returns a unique Source in a chargeable state.

Merchant-initiated auto renewals

In this workflow, a merchant initiates the auto-renewal of a subscription. Although this type of workflow doesn't require SCA, you should ensure you're correctly handling auto-renewing subscriptions.
SCA required?
Drop-in payments supported?
Elements supported?
No
N/A
N/A

Mail order/telephone order

SCA is not required for transactions where customers provide their payment details by regular mail, fax, or telephone. But both Drop-in payments and Elements support building workflows for mail order and telephone order (MOTO) transactions.
SCA required?
Drop-in payments supported?
Elements supported?
No
Yes
Yes
Drop-in payments
Elements
Prerequisites: Perform the common Drop-in payments steps.
Step one: Build a checkout with a chargeType of moto and all tax, shipping, duty and fee amounts in a final state. This configures Drop-in payments to display only payment methods that are supported in MOTO transactions.
Step two: Retrieve the checkout's payment session identifier, and use it to set sessionId in the Drop-in payments' configuration object. In options, set flow to checkout and usage to convenience.
let configuration = {
sessionId: "d3941a36-6821-4d93-be23-6190226ae5f7",
options: {
flow: "checkout",
usage: "convenience"
}
...
}
Step three: Use the configuration object to instantiate Drop-in payments.
let dropin = digitalriver.createDropin(configuration);
Step four: On the checkout page, specify a container to place Drop-in payments.
The modal window renders in the specified container.
The merchant's representative enters the customer's credit card information and clicks the configurable pay now button. If the payment is authorized, then the onSuccess method is called and Digital River returns a unique source in a chargeable state.
...
onSuccess: function (data) { doSometingWithTheSource(data) },
...
Prerequisites: Refer to the Elements prerequisites section.
Step one: Build a checkout with a charge type of moto and all tax, shipping, duty and fee amounts in a final state.
Step two: Retrieve the payment session identifier, and use it to configure the createSource() method. The configuration object should also set futureUse to false and usage to convenience.
Once the method is invoked and payment is authorized, a unique Source is returned in a chargeable state.
let payload = {
"sessionId": "ea03bf6f-84ef-4993-b1e7-b7d5ecf71d1f",
"futureUse": false,
"usage": "convenience",
...
}
digitalriver.createSource(payload).then(function(result) {
if(result.state === "chargeable") {
sendToBackEnd(result);
} else {
doErrorScenario();
}
});

Account management flows

You can create flows that allow customers to manage recurring payment methods through their account portal.
In these account management flows, you only need to adhere to SCA regulations when saving a customer's credit card for future use. While storing a card, make sure you identify the future use of the source. This increases the probability that future transactions will be approved.
You're not required to provide SCA when updating a credit card's expiration date or billing address.

Saving a credit card for future use

In this flow, customers use their account portal to save credit card information for use in future transactions.
SCA required?
Drop-in payments supported?
Elements supported?
Yes
Yes
Yes
Drop-in payments
Elements
Prerequisites: Perform the common drop-in steps.
Step one: Go to a page in your integration where customers manage their payment methods.
Step two: In the configuration object's options, set flow to managePaymentMethods and specify a value for usage that identifies the likely future use of the payment source.
If customers are replacing an active subscription's recurring billing instrument, make sure you set usage to subscription and showTermsofSaleDisclosure to true. This prompts Drop-in payments to display a recurring billing agreement and forces customers to accept it.
Because this is a managePaymentMethods flow, and there's no payment session to reference, you shouldn't provide a sessionId. As a result, you'll need to pass the billing information you collect from customers in billingAddress.
Step three: Use the configuration object to instantiate Drop-in payments.
let dropin = digitalriver.createDropIn(configuration);
Step four: On the account management page, specify a container to place Drop-in payments.
The modal window renders in the specified container.
Customers enter their credit card information, select the save payment agreement option and click the configurable add payment method button.
If the customer completes the necessary SCA, then the onSuccess method is called and a chargeable source is returned that is readyForStorage.
...
onSuccess: function (data) { doSometingWithTheSource(data) },
...
Prerequisites: Refer to the Elements prerequisites section. You also need to display the save payment agreement and acquire the customer's active acceptance.
Step one: Once a customer selects the option to save a payment method and agrees to the displayed terms, the configuration object should set futureUse to true, configure usage to identify the future use of the payment source, and provide the mandate.terms that the customer agreed to on your storefront.
var payload = {
"type": "creditCard",
"futureUse": true,
"usage": "subscription",
...
"mandate": {
"terms": "Yes, please save this account and payment information for future purchases."
}
}
digitalriver.createSource(payload).then(function(result) {
if (result.error) {
//handle errors
} else {
var source = result.source;
//send source to back end
sendToBackend(source);
}
});
Once the customer provides the required SCA, a Source in a chargeable state is returned.

Updating a credit card's expiration date or billing address

In this flow, customers use their account portal to update the expiration date or billing address on a saved credit card.
SCA required?
Drop-in payments supported?
Elements supported?
No
No
Yes
Drop-in payments
Elements
Drop-in payments does not support interacting directly with saved payment methods‌
Prerequisites: Refer to the Elements prerequisites section.
Step one: Retrieve the customer's payment sources and display them to the customer.
The customer selects the payment method to update.
Step two: Capture the updated expiration date or billing address from the customer and pass it to the update source method.