3d-secure

I'm wondering what's the best way of accepting payments from credit cards that require 3-D Secure verification. Currently the checkout flow is like this: Customer submits payment Payment gateway returns an error stating that the card requires 3-D secure code processing. Returns the ACS URL in the response I redirect user to the issuing bank's verification site and I pass a callback URL for the ACS to redirect after completion of verification Customer enters verification code and ACS redirects to the callback URL with an authorization token indicating successful verification To complete the

The documentation for Protocol 4.00 could be more helpful. For everyone struggling to get 3DSV2 working, I'd like the basics spelled out by anyone who has managed to get it working. I'll summarise the flow as I understand it, please everyone, help by correcting where necessary and by adding in any issues such as removing the {} braces from VPSTx_Id. Make your request to SagePay to register the transaction, include ThreeDSNotificationURL which is the url where the ACS will redirect your customer if successful, or not. If the response from SagePay is 3DAUTH, build a form to show to the customer