There are no any controls to proceed with on an AlphaHPP 3D Secure page

[dmitrii-fediuk]

Step 1

Step 2

AlphaCommerceHub's merchant interface

The payment transaction is marked as «Request successful»

Step 1 details

General

Request URL: https://hubuat.alphacommercehub.com.au/pp/ac580978-81f0-4716-bfc3-3bc46eab8603
Request Method: POST
Status Code: 200 OK
Remote Address: 76.12.61.237:443
Referrer Policy: no-referrer-when-downgrade

Response headers

HTTP/1.1 200 OK
Date: Wed, 15 Nov 2017 05:17:00 GMT
Server: Microsoft-IIS/8.5
Cache-Control: private
Content-Type: text/html; charset=utf-8
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7060
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

Request headers

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,ru;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1280
Content-Type: application/x-www-form-urlencoded
Cookie: __RequestVerificationToken=n-B5epNpZExPBpdLRWY_IOg_zxlnxkKjL1utioq1JrxE6rgCQN9BJ480lFpp8mWnGdzLeRMhjjnUk-PHF_BJBywBGWw7qNJYr6zSdMzZPcjvYobCiCRY5Eyc2vjI9cd0Pdv0_Q2; _timeZoneOffset=180; _ga=GA1.3.685466192.1508711293; ASP.NET_SessionId=gam2fam11wnk5cryudsqbxps; email=seb%40anterior.com.au; .ASPXAUTH=E04E6D975771299F3233F33775FED12EF96290AA1962FF11454F0F70E5CCF660211EA103D71352D1319699078E3CAFC056CCDF1AA9DD2FAFDD3A9A0C2959416F85E2987CCB6D97CFA1EB09EE8DA4AC46D4D7FDD2040BFA0B26B4AA085AD9D7C4CF03661404BAA5DD114360D483DAF0667B27384E1EEC76C4787C00EB901A177C1A5DB1F8ECA046A6ABC42EFF20038FB2F1FEB310FE7E3B30166B4326658CA9D11064E766E24307D9F66D4350C0A79C05B8B482B0
Host: hubuat.alphacommercehub.com.au
Origin: https://localhost.com:900
Pragma: no-cache
Referer: https://localhost.com:900/store/checkout/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.89 Safari/537.36

Form data

Amount:161000
CancelURL: https://mage2.pro/sandbox/dfe-alphacommercehub/customerReturn
Capture: Y
City: Sydney
Country: AU
Currency: AUD
CustomerID: dfediuk@gmail.com
EmailAddress: dfediuk@gmail.com
FraudCheckBypass: N
IPAddress: 92.243.166.8
Language: en
MerchantDescriptor: Mage2PRO
MerchantID: ANTERIOR001
MerchantTxnID: 1104L741
Method: CC
OrderDetails[0][ItemAmount]: 46000
OrderDetails[0][ItemName]: Alligator Briefcase
OrderDetails[0][ItemQuantity]: 2
OrderDetails[0][ItemTaxExempt]: TRUE
OrderDetails[1][ItemAmount]: 57000
OrderDetails[1][ItemName]: New Very Prive 41 Black
OrderDetails[1][ItemQuantity]: 1
OrderDetails[1][ItemTaxExempt]: TRUE
OrderDetails[2][ItemAmount]: 13000
OrderDetails[2][ItemName]: Shipping
OrderDetails[2][ItemQuantity]: 1
OrderDetails[2][ItemTaxExempt]: TRUE
OrderDetails[3][ItemAmount]: -1000
OrderDetails[3][ItemName]: Adjustment
OrderDetails[3][ItemQuantity]: 1
OrderDetails[3][ItemTaxExempt]: TRUE
SocialID: 74041803683
State: Mage2PRO
Street1: 72 Liverpool St
SuccessURL: https://mage2.pro/sandbox/dfe-alphacommercehub/customerReturn
TelNo: 61282688888
TxnDetails: Alligator Briefcase 2 New Very Prive
UserId: 123
Zip: 2000

Step 2 details

General

Request URL: https://hubuat.alphacommercehub.com.au/pp/3dsecure
Request Method: POST
Status Code: 200 OK
Remote Address: 76.12.61.237:443
Referrer Policy: no-referrer-when-downgrade

Response headers

HTTP/1.1 200 OK
Date: Wed, 15 Nov 2017 05:17:53 GMT
Server: Microsoft-IIS/8.5
Cache-Control: private
Content-Type: application/json; charset=utf-8
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 1914
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

Request headers

Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,ru;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 3066
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cookie: __RequestVerificationToken=n-B5epNpZExPBpdLRWY_IOg_zxlnxkKjL1utioq1JrxE6rgCQN9BJ480lFpp8mWnGdzLeRMhjjnUk-PHF_BJBywBGWw7qNJYr6zSdMzZPcjvYobCiCRY5Eyc2vjI9cd0Pdv0_Q2; _timeZoneOffset=180; _ga=GA1.3.685466192.1508711293; ASP.NET_SessionId=gam2fam11wnk5cryudsqbxps; email=seb%40anterior.com.au; .ASPXAUTH=E04E6D975771299F3233F33775FED12EF96290AA1962FF11454F0F70E5CCF660211EA103D71352D1319699078E3CAFC056CCDF1AA9DD2FAFDD3A9A0C2959416F85E2987CCB6D97CFA1EB09EE8DA4AC46D4D7FDD2040BFA0B26B4AA085AD9D7C4CF03661404BAA5DD114360D483DAF0667B27384E1EEC76C4787C00EB901A177C1A5DB1F8ECA046A6ABC42EFF20038FB2F1FEB310FE7E3B30166B4326658CA9D11064E766E24307D9F66D4350C0A79C05B8B482B0
Host: hubuat.alphacommercehub.com.au
Origin: https://hubuat.alphacommercehub.com.au
Pragma: no-cache
Referer: https://hubuat.alphacommercehub.com.au/pp/ac580978-81f0-4716-bfc3-3bc46eab8603
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.89 Safari/537.36
X-APC-MerchantTxnID: 1104L741
X-APC-PPSessionId: 93fe6a0e-0127-448e-9117-80a2f4467627
X-Requested-With:XMLHttpRequest

Form data

cardHolder: DMITRY FEDYUK
cardNumber: 5453 0100 0009 5323
cardExpiryDate: 07 / 21
cardCVV: 123
country: AU
street1: 72 Liverpool St
street2:
city: Sydney
zip: 2000
emailAddress:
token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwYXlsb2FkIjoie1wiVXNlcklkXCI6XCIxMjNcIixcIk1lcmNoYW50SURcIjpcIkFOVEVSSU9SMDAxXCIsXCJNZXJjaGFudFR4bklEXCI6XCIxMTA0TDc0MVwiLFwiQ3VycmVuY3lcIjpcIkFVRFwiLFwiQW1vdW50XCI6XCIxNjEwMDBcIixcIlRyYW5zYWN0aW9uVGltZXN0YW1wXCI6bnVsbCxcIk1ldGhvZFwiOlwiQ0NcIixcIkxhbmd1YWdlXCI6XCJlblwiLFwiVHhuRGV0YWlsc1wiOlwiQWxsaWdhdG9yIEJyaWVmY2FzZSAyIE5ldyBWZXJ5IFByaXZlXCIsXCJDYXB0dXJlXCI6XCJZXCIsXCJFbWFpbEFkZHJlc3NcIjpcImRmZWRpdWtAZ21haWwuY29tXCIsXCJJUEFkZHJlc3NcIjpcIjkyLjI0My4xNjYuOFwiLFwiVGVsTm9cIjpcIjYxMjgyNjg4ODg4XCIsXCJDdXN0b21lcklEXCI6XCJkZmVkaXVrQGdtYWlsLmNvbVwiLFwiU29jaWFsSURcIjpcIjc0MDQxODAzNjgzXCIsXCJTdHJlZXQxXCI6XCI3MiBMaXZlcnBvb2wgU3RcIixcIlN0cmVldDJcIjpudWxsLFwiQ2l0eVwiOlwiU3lkbmV5XCIsXCJaaXBcIjpcIjIwMDBcIixcIlN0YXRlXCI6XCJNYWdlMlBST1wiLFwiQ291bnRyeVwiOlwiQVVcIixcIk1lcmNoYW50RGVzY3JpcHRvclwiOlwiTWFnZTJQUk9cIixcIlN1Y2Nlc3NVUkxcIjpcImh0dHBzOi8vbWFnZTIucHJvL3NhbmRib3gvZGZlLWFscGhhY29tbWVyY2VodWIvY3VzdG9tZXJSZXR1cm5cIixcIlRocmVlRFNlY3VyZUJ5cGFzc1wiOm51bGwsXCJDYXJkVHlwZVwiOlwibWFzdGVyY2FyZCx2aXNhLHZpc2FkZWJpdFwiLFwiRnJhdWRDaGVja0J5cGFzc1wiOlwiTlwiLFwiSW5zdGFsbG1lbnRcIjpudWxsLFwiUGF5TGF0ZXJNb250aHNcIjpudWxsLFwiUGF5TnVtYmVyTW9udGhzXCI6bnVsbCxcIkluc3RhbGxtZW50SURcIjpudWxsLFwiSW5zdGFsbG1lbnRUeXBlXCI6bnVsbCxcIkNhbmNlbFVSTFwiOlwiaHR0cHM6Ly9tYWdlMi5wcm8vc2FuZGJveC9kZmUtYWxwaGFjb21tZXJjZWh1Yi9jdXN0b21lclJldHVyblwiLFwiQ2FyZE51bWJlclwiOm51bGwsXCJDYXJkSG9sZGVyXCI6bnVsbCxcIkNhcmRFeHBpcnlNb250aFwiOm51bGwsXCJDYXJkRXhwaXJ5WWVhclwiOm51bGwsXCJDYXJkQ1ZWXCI6bnVsbCxcIkNoYW5uZWxUeXBlXCI6XCIwNVwiLFwiU2VjdXJlVG9rZW5cIjpudWxsLFwiU2Vzc2lvbklkXCI6bnVsbCxcIlRheEFkZGVkXCI6ZmFsc2UsXCJUYXhSYXRlXCI6MC4wLFwiTm90aWZpY2F0aW9uRW1haWxcIjpudWxsLFwiUmV0dXJuVGV4dFwiOm51bGwsXCJSZXBseVVybFwiOm51bGwsXCJVcGRhdGVVUkxcIjpudWxsLFwiT3JpZ2luXCI6XCJIUFBcIixcIlRyYW5zYWN0aW9uVHlwZVwiOm51bGwsXCJDdXN0b20xXCI6bnVsbCxcIlBheVdpdGhQb2ludHNcIjpudWxsLFwiTWVyY2hhbnREYXRhXCI6bnVsbCxcIlRlcm1pbmFsXCI6bnVsbCxcIlBheW1lbnRQcm9jZXNzb3JBUElJZFwiOm51bGwsXCJPcmRlckRldGFpbHNcIjpbe1wiSXRlbU5hbWVcIjpudWxsLFwiSXRlbVF1YW50aXR5XCI6MCxcIkl0ZW1BbW91bnRcIjpudWxsLFwiSXRlbVByaWNlXCI6bnVsbCxcIkl0ZW1UYXhFeGVtcHRcIjpmYWxzZX0se1wiSXRlbU5hbWVcIjpudWxsLFwiSXRlbVF1YW50aXR5XCI6MCxcIkl0ZW1BbW91bnRcIjpudWxsLFwiSXRlbVByaWNlXCI6bnVsbCxcIkl0ZW1UYXhFeGVtcHRcIjpmYWxzZX0se1wiSXRlbU5hbWVcIjpudWxsLFwiSXRlbVF1YW50aXR5XCI6MCxcIkl0ZW1BbW91bnRcIjpudWxsLFwiSXRlbVByaWNlXCI6bnVsbCxcIkl0ZW1UYXhFeGVtcHRcIjpmYWxzZX0se1wiSXRlbU5hbWVcIjpudWxsLFwiSXRlbVF1YW50aXR5XCI6MCxcIkl0ZW1BbW91bnRcIjpudWxsLFwiSXRlbVByaWNlXCI6bnVsbCxcIkl0ZW1UYXhFeGVtcHRcIjpmYWxzZX1dLFwiQ3VzdG9tRmllbGRzXCI6W10sXCJBY2NlcHQzRFNBdXRoZW50aWNhdGlvblVuYXZhaWxhYmxlXCI6ZmFsc2UsXCJBY2NlcHQzRFNFbnJvbEJ5cGFzc1wiOmZhbHNlLFwiUFBTZXNzaW9uSWRcIjpcIjRmZWUzNTgyLWIwMDItNDkzYi1iMmE3LTc4OTNjODI1ZDA3MlwifSJ9.LXhXM-x-9MtybVscmocbj323zvWPVdIYwr9zUuX3i9E
cardExpiryMonth: 7
cardExpiryYear: 2021
payPageID: ac580978-81f0-4716-bfc3-3bc46eab8603
merchantSequenceNumber:
clientIP: 92.243.166.8

[dmitrii-fediuk]

I have got a response from Rónán Gallagher (AlphaCommerceHub):

For 3D Secure a valid merchant url is required in the merchant config. This wasn't set in your test merchant. Has been added in.

Me:

Which URL have you set exactly?

Rónán Gallagher:

This one on merchant profile:

Me:

What does mean this URL?

Rónán Gallagher:

One of the parameters required when posting 3D Secure request to the schemes is the merchant url. We use the website parameter from merchant profile for this. In production it would be the real website url of the merchant

Me:

So it can be an arbitrary URL like «http://non-existent-website.com», and it will not cause a failure if the merchant moves his website to another domain?