Demo Enviroment Redirect checkout 3D Secure

[ngoun]

On Demo environment redirect checkout using 4111 1111 1111 1111 Card Pops up 3D Secure and cannot proceed Example https://demo.vivapayments.com/web/checkout?ref=8601582655172600&lang=el-GR

[matthewrgourd]

Hi there, try 4016000000040000012 as the card number. You can use any future date as the card expiration date and any CVV. Let me know how you get on!

[ngoun]

Does not seem to work... Did you tried it with the link above? If yes did it work for you? I also checked other cards from #899 with no luck. It seems to have some instability on the demo environment. Sometimes it pops up blank modal and sometimes returns Transaction Cancelled by Merchant...

[ngoun]

As for the demo environment is for testing purposes only, should Viva disable 3DS , or having an option from merchant back end account to do so?

[ngoun]

As referenced also at #1040 by @ggamvetas87, it must be a developer bug. After digging a little more I managed to reach the 3DS modal page and after entering the credentials, then the Modirum Server (https://3ds-acs.test.modirum.com) sends a POST to http://demo.vivapayments.com/web/checkout/threedsecurevalidation with PaRes and MD Parameters having the succes code. After that Viva Sends a 301 Response Moved Permanently and redirects to (secure) https://demo.vivapayments.com/web/checkout/threedsecurevalidation but with missing the previous POST parameters. So the modal window freezes and shows nothing. Please @matthewrgourd pass this to Dev Team to look into this...

[matthewrgourd]

Hi @ngoun many thanks for this, I've raised with our dev team and will get back to you with an update shortly.

[stevestavropoulos]

When the 3DS modal is shown, there is a form inside, with action="http://demo.vivapayments.com/web/checkout/threedsecurevalidation", which is never submitted and produces the following error in the console:

Mixed Content: The page at 'https://demo.vivapayments.com/web/checkout?ref=myrefcode' was loaded over HTTPS, but requested an insecure form action 'http://demo.vivapayments.com/web/checkout/threedsecurevalidation'. This request has been blocked; the content must be served over HTTPS.

The obvious solution seems to be a change of the action protocol from http to https.

As it is, demo environment is unusable, as no payment can be completed.

[matthewrgourd]

Hi @ngoun @stevestavropoulos one of our developers has responded to a number of queries in one post. Please see https://github.com/VivaPayments/API/issues/1073#issuecomment-532243393 . Hope this clarifies things!

[stevestavropoulos]

@matthewrgourd the issue you reference is for the Native Checkout method and is not applicable here. There seems to be no solution or workaround for completing a payment in the demo environment with redirect checkout.

Issue should be opened again.

[matthewrgourd]

@stevestavropoulos Ok, looks like there could be a problem here, I'm raising with our senior developer.

[matthewrgourd]

Hi @stevestavropoulos, we think the issue may be due to some of our code samples being out of date and still using including http. I will adjust these as soon as possible but in the meantime if you could replace any instances of http://demo.vivapayments.com with https://demo.vivapayments.com ? Thank you!

[stevestavropoulos]

@matthewrgourd We use the https version and that's how the "mixed content" error occurs. Plain http wouldn't have any such problems.

As I understand it, there are at least two issues here which prevent a successful payment from being made in the demo environment:

1) In demo's payment interface, when 3DS auth tries to start, it fails as it tries to submit a form to a plain http url. This should change to https and we (the outside developers) don't have any kind of access there.

2) Even if the form url is changed to https, payment will still fail, as 3ds auth will not be able to succeed with any test card! You need a 3DS emulator, or a way to disable 3ds in the demo altogether.

Please reopen the issue.

[matthewrgourd]

Hi @stevestavropoulos in the example that you gave, I believe http://demo.vivapayments.com/web/checkout/threedsecurevalidation needs to be replaced with http://demo.vivapayments.com/web/checkout/threedsecurevalidation in the code

[stevestavropoulos]

Sorry @matthewrgourd, but this dialog doesn't seem to work, so I will have to stop responding. Please fix it as soon as you can.

[xiaoyao929]

I have the same problem with Redirect Checkout

[devnullsolutions]

The problem may be reproduced in JSBin example (link provided in docs).

Step 1. Open JSBin example Step 2. Click "Pay" button Step 3. Open "Pay with card" block Step 4. Paste 4111111111111111 into card number field Step 5. Paste 01/22 into expiration date field Step 6. Paste 111 into CVV field Step 7. Paste Jon into First name field Step 8. Paste Snow into Last name field Step 9. Paste some@email.com into email field` Step 10. Click "Pay €10.00" button Step 11. 3DS emulator will be visible for a second and then will be hidden (because of http blocked on https website). Safari will also ask confirmation of sending data to unsecure form.

PS. I took JSBin link from the docs, no changes in example were made by me.

[Talagozis]

The same problem here too, the Redirect procedure does not work on demo. Any other way to test it except going on Live ? Same as #1119

[matthewrgourd]

Hi all, our development team has come back with this response:

We've finished the implementation for the fix and expect it to reach demo environment within the next week. Thank you for your patience

[dpnevmatikos]

Hello everyone, Issue with mixed content is fixed. Can you please try again ? Apologies for any inconvenience caused.

[devnullsolutions]

I'm always getting "This order has been cancelled. Payment order has been canceled by the merchant" message right after I click "Charge €100.00". No 3d secure check. You can try it here https://demo.vivapayments.com/web/checkout?ref=1112939753608869

API response for order with code 1112939753608869:

{ 
  OrderCode: 1112939753608869,
  SourceCode: '9989',
  Tags: [ 'test' ],
  TipAmount: 0,
  RequestLang: 'en-GB',
  MerchantTrns: 'ORDER',
  CustomerTrns: 'PAYMENT',
  MaxInstallments: 0,
  RequestAmount: 100,
  ExpirationDate: null,
  StateId: 0 
}

StateId is 0 that means pending.

@matthewrgourd @dpnevmatikos may you check it for me please?

[ngoun]

@devnullsolutions I think that this message is shown when multiple attempts have been made for that order code. Do the developers confirm this behaviour?

I think the initial Issue is now fixed.. @matthewrgourd @dpnevmatikos If not any more requests can now be closed?

[dpnevmatikos]

Hello everyone, As of yesterday we've released a dummy 3DSecure window which behaves exactly like those found into the production environment, yet allows you to decide the cardholder's authentication outcome :)

We hope that you'll find it useful and more helpful when integrating with our payments platform. Make sure that you let us know if you encounter any issues!

[EuroStreet]

So, are the codes updated now?, Do we need to install again the plugin or what's the solution on this?, Thank you. Also, this issue for me that it keep saying payment failed, it's in live version, not demo. Iam using open cart 2.3.2, and the right plugin from Viva wallet. @matthewrgourd @dpnevmatikos

[HumayunE]

Hi @dpnevmatikos I tried it yesterday but it does not redirect back to website and shows message: "This card does not support electronic transactions. In order to complete this payment please use a different card, or add funds to your Viva Wallet."

I updated it yesterday on #1135 .

Hi @matthewrgourd I have just tried it and it seems the old problem of redirecting is back. Now it is not redirecting back to the website again.

See screenshots:

After clicking on confirm payment it shows the old message again..