The Web SDK is a set of methods; it does not intervene with your UI except in two cases:
- If you are using the Web SDK Fields feature for PCI descoping.
To be descoped, you need us to retrieve the cardholder details. In this case, the Web SDK plants the card fields in your form. However, you have full control of customizing these fields using your code.
- If you are performing the 3D Challenge.
In this case, the Web SDK opens the 3D-Secure challenge dialog. You can control some styling parameters of the challenge dialog box directly from your code.
There are no significant benefits to using API instead of Web SDK. API allows you to manually set up a full payment flow, but this takes time and is quite complex.
The Web SDK methods already optimize the entire payment flow, reduces complexity, and saves you lots of implementation time. As for user experience, you have the same control over your UI/UX using Web SDK or API. Web SDK even allows you to authenticate payments using the authenticate3d() method, and subsequently, if necessary, route them to other acquirers/PSPs to complete the processing.
Yes, the Web SDK can work with other acquirers/PSPs. The authenticate3d() Web SDK method performs an end-to-end 3Dv2-only authorization, but instead of completing the transaction, it returns a 3DS result (
eci, etc.). You can either:
- Sent these results to another acquirer/PSP to complete the processing, with no need to call their SDKs as well.
- Use Nuvei to complete the transaction using REST API or the legacy Gateway.
Theoretically, with enough expertise, testing, and budget, you could perform all the payment flow steps and sub-steps using the Direct APIs.
However, for your convenience, we have already coded the “industry proven” process and our best practices into easy-to-use Web SDK methods.
(For more information regarding the full implementation guide for 3D-Secure v2, please contact the Nuvei Integration Team.)
3D-Secure v2 is mandatory for all transactions in the EEA (European Economic Area).
In short, you have to implement the following (relevant to any provider not just Nuvei):
- Authenticate with the provider /getSessionToken.
- Send a request to determine the cardholder 3D-Secure version /initPayment.
- Perform fingerprinting according to the 3D-Secure definition (done by you).
- Perform a 3D-Secure authorization request /initPayment:
If Version 1.0 (done by you):
a. Analyze the response and, if needed, perform 3D-Secure v1 redirection.
b. Analyze the 3D-Secure v1 response.
c. Handle non-enrolled users and walkaways.
If Version 2.0 (done by you):
a. Handle exemptions.
b. Handle the frictionless scenario.
c. Handle the challenge scenario.
- Perform the payment request /payment.
- Handle response.
Instead, what you need to do with the Web SDK is:
This is completely seamless to you as long as you are using the Web SDK. However, if you have implemented the API, you may need to make changes.
The quickest way to migrate is by using the Web SDK authenticate3d method, not only for an existing Nuvei integration, but for any integration that you have with any provider. This method performs the end-to-end 3D 2.0 flow, but instead of directly continuing to process the transaction, it returns the 3D result and authentication information (cavv and eci). You just need to add these result fields to your existing API integration, either with Nuvei or with another provider.
Yes. There is still a big advantage in using the Web SDK, since besides performing PCI descoping, it significantly simplifies any payment flow.
The Web SDK can receive clear text cardholder information and in this way the cardholder information is not prevented or hidden (descoped) from you.
Yes. Since our code is hosted in our servers, the PCI is preserved even though the Web SDK is used by your page. You can choose to either use it by sending clear text cardholder information or using our tokenization solution.
Yes. The Web SDK can receive
userPaymentOptionId as an input.