Platform-managed 3DS authentication

Learn how to test your Assisted 3DS integration in our staging environment. This guide covers how to simulate different authentication challenge scenarios and outcomes without impacting real users.

In this model, the MatchMove banking platform takes direct ownership of the 3D Secure (3DS) authentication process. It acts as the control server that generates One-Time Passwords (OTPs) and delivers the OTPs directly to its cardholders via its own communication infrastructure (SMS or email).

How It Works

1. Trigger: A transaction initiates 3DS verification.
2. Generation: The MatchMove banking platform generates the secure OTP internally.
3. Delivery: The platform transmits the OTP using its own integrated notification gateways (e.g., direct SMS integration or internal email servers).
4. Verification: The cardholder inputs the code in the 3DS challenge page, and the platform validates it to authorize the transaction.

Cardholder delivery

This model places the delivery liability squarely on the MatchMove. MatchMove will be responsible for maintaining high-availability SMS and email gateways. It also ensures its own customer profile data (mobile numbers/emails) is the single source of truth for delivery. Because OTP will only be delivered to the registered mobile and email of the cardholder.

By default, OTP will be delivered to the cardholder's mobile number. When configured and enabled, email OTP will also be delivered alongside SMS.