Web SDK FAQs

The Web SDK is in the frontend – why doesn’t it impact UI/UX?

The Web SDK is a set of methods; it does not intervene with your UI except in two cases:

  • If you are using the Web SDK Fields feature for PCI descoping.
    To be descoped, you need us to retrieve the cardholder details. In this case, the Web SDK plants the card fields in your form. However, you have full control of customizing these fields using your code.
  • If you are performing the 3D Challenge.
    In this case, the Web SDK opens the 3D-Secure challenge dialog. You can control some styling parameters of the challenge dialog box directly from your code.

How do I get control over what the Web SDK is doing “inside”?

The Web SDK reflects each step of the progress of the payment by submitting JavaScript events. You can abort the process at any time (or let the customer abort the process) and you will receive the relevant nominations.

What control do I gain by using direct API rather than the Web SDK?

There are no significant benefits to using API instead of Web SDK. API allows you to manually set up a full payment flow, but this takes time and is quite complex.
The Web SDK methods already optimize the entire payment flow, reduces complexity, and saves you lots of implementation time. As for user experience, you have the same control over your UI/UX using Web SDK or API. Web SDK even allows you to authenticate payments using the authenticate3d() method, and subsequently, if necessary, route them to other acquirers/PSPs to complete the processing.

Can I work with the Web SDK and process with other acquirers/PSPs?

Yes, the Web SDK can work with other acquirers/PSPs. The authenticate3d() Web SDK method performs an end-to-end 3Dv2-only authorization, but instead of completing the transaction, it returns a 3DS result (cavv and eci, etc.). You can either:

  • Sent these results to another acquirer/PSP to complete the processing, with no need to call their SDKs as well.
  • Use Nuvei to complete the transaction using REST API or the legacy Gateway.

What if I want to do it differently from the way the Web SDK does it?

Theoretically, with enough expertise, testing, and budget, you could perform all the payment flow steps and sub-steps using the Direct APIs.
However, for your convenience, we have already coded the “industry proven” process and our best practices into easy-to-use Web SDK methods.

What’s so complicated about the 3D-Secure v2 flow and how does the Web SDK simplify it?

(For more information regarding the full implementation guide for 3D-Secure v2, please contact the Nuvei Integration Team.)

3D-Secure v2 is mandatory for all transactions in the EEA (European Economic Area).

In short, you have to implement the following (relevant to any provider not just Nuvei):

  1. Authenticate with the provider /getSessionToken.
  2. Send a request to determine the cardholder 3D-Secure version /initPayment.
  3. Perform fingerprinting according to the 3D-Secure definition (done by you).
  4. Perform a 3D-Secure authorization request /initPayment:

If Version 1.0 (done by you):
a. Analyze the response and, if needed, perform 3D-Secure v1 redirection.
b. Analyze the 3D-Secure v1 response.
c. Handle non-enrolled users and walkaways.

If Version 2.0 (done by you):
a. Handle exemptions.
b. Handle the frictionless scenario.
c. Handle the challenge scenario.

  1. Perform the payment request /payment.
  2. Handle response.

Instead, what you need to do with the Web SDK is:

  1. Authenticate.
  2. Call the Web SDK createPayment() or authenticate3d() methods.
  3. Handle the response.

What happens if the 3D-Secure standard changes? Do other standards apply?

This is completely seamless to you as long as you are using the Web SDK. However, if you have implemented the API, you may need to make changes.

What is the quickest way to migrate to 3D-Secure v2?

The quickest way to migrate is by using the Web SDK authenticate3d method, not only for an existing Nuvei integration, but for any integration that you have with any provider. This method performs the end-to-end 3D 2.0 flow, but instead of directly continuing to process the transaction, it returns the 3D result and authentication information (cavv and eci). You just need to add these result fields to your existing API integration, either with Nuvei or with another provider.

I am PCI compliant. Is there any benefit to using the Web SDK?

Yes. There is still a big advantage in using the Web SDK, since besides performing PCI descoping, it significantly simplifies any payment flow.

The Web SDK can receive clear text cardholder information and in this way the cardholder information is not prevented or hidden (descoped) from you.

I am PCI compliant. Am I allowed to use the Web SDK?

Yes. Since our code is hosted in our servers, the PCI is preserved even though the Web SDK is used by your page. You can choose to either use it by sending clear text cardholder information or using our tokenization solution.

Do I need the Web SDK for a tokenized transaction (using userPaymentOptionId)

Yes. The Web SDK can receive userPaymentOptionId as an input.