Fail /three-ds-authentication on get verification token

Hello Square!
I am experiencing problems with the 3D(SCA) verification of some cards. I can’t get the challenge to verify the card to come out, and consequently I can’t store it. What can it be?

Development environment: IONIC 7 + Angular 16
Test in: W11 Chrome 116 (DEV - localhost)
In PRO with Android and IOS the same problem also occurs

APP ID: sq0idp–xTGk6WqlqOgDjOd2bwFFg

PUT REQUEST*****/three-ds-authentication

STATUS CODE: 400 (Bad Request)


    "errors": [
            "category": "INVALID_REQUEST_ERROR",
            "code": "BAD_REQUEST",
            "detail": "Error authenticating with 3DS Server"

And another request:

PUT REQUEST:********
But in response…

    "token": "**********",
    "status": "COMPLETED",
    "challenges": [
            "type": "SQUARE_THREEDS",
            "status": "COMPLETED",
            "square_three_ds_verification": {
                "status": "ERROR",
                "three_ds_server_transaction_id": "********",
                "directory_server_id": "A000000004",
                "message_version": "2.2.0"

Those aren’t documented base path URLs. Is there a reason your calling them directly? :slight_smile:

I don’t call them directly, it’s what I’ve seen debugging from the browser. In code, follow the steps indicated in the square web documentation:

  1. Tokenize card
  2. Call payments.verifyBuyer
  3. Call store card


Okay, is there a particular card that your seeing this issue with every time? Or is this sporadic. :slight_smile:

It happens with some cards, mainly with MasterCard but I haven’t detected a pattern yet

I also think it may depend on the device, in IOS some cards won’t let me add them, but in the web version of my app it does…

Hi Bryan!!

I’d like to address this matter again. I’ve already pinpointed the issue of failing card validation. It’s causing problems when I’m on http://localhost:4200 (My development server), as well as when I deploy the hybrid applications on Android and iOS. Is HTTPS necessary to enable card validation? In hybrid technology-based apps like Ionic, I don’t have control over this since they run on the client’s device.

Looking forward to your response. Thank you very much.

I attach more information

With this test card:
Mastercard 5248 4800 0021 0026 111 Modal with Verification Code 123456

Yes, HTTPS is required for all API calls to Square endpoints. Make sure your website is served using HTTPS and that you’re making HTTPS calls to Square APIs. :slight_smile:

1 Like

Due to technical limitations we cannot change to HTTPS, IONIC uses the file protocol for the server part and since IOS it cannot be changed to HTTPS.
Attached is a screenshot of the official IONIC documentation

And post talk this → Cordova Webview Schemes/Protocols

Do you have no cases of implementation of the WEB SQUARE SDK in applications with hybrid technologies?

On Android the solution has been this:


  "appId": "es.appid",
  "appName": "appname",
  "webDir": "www",
  "bundledWebRuntime": false,
  "server": {
    "hostname": "app",
    "iosScheme": "https",
    "androidScheme": "https"

On ios with this configuration it keeps failing :pensive: