> ## Documentation Index
> Fetch the complete documentation index at: https://docs.gr4vy.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Pass-through External 3-D Secure data

3-D Secure can be handled by a third party server,
allowing you to pass through 3DS authentication data from that service to a preferred
payment service.

To use 3-D Secure with a separate server, it is assumed that 3-D Secure has been handled
separately and the relevant data received at the end of the
flow has been collected.

The transaction API supports directly passing 3-D Secure data [as part
of the transaction request](/reference/transactions/new-transaction#body-three-d-secure-data).
This data is passed along to the payment service
assuming it supports this data via their API.

```json POST /transactions theme={"system"}
{
  "amount": 1299,
  "currency": "AUD",
  "payment_method": {
    "method": "card",
    "number": "4111111111111111",
    "expiration_date": "11/25",
    "security_code": "123",
    "redirect_url": "https://example.com/callback"
  },
  "three_d_secure_data": {
    "cavv": "3q2+78r+ur7erb7vyv66vv8=",
    "eci": "05",
    "version": "2.1.0",
    "directory_response": "C",
    "caav_algorithm": "1",
    "xid": "ODgxNDc2MDg2MDExODk5MAAAAAA=",
    "authentication_response": "Y"
  }
}
```

<Warning>
  **Payment service compatibility**

  Not all payment services support external 3-D Secure data, and therefore even
  when this data is provided a `redirect_url` is still expected as well. If none of
  the selected payment services support the pass-through of 3-D Secure data the
  API might [return a pending transaction](./hosted) with an `approval_url` in
  the response.
</Warning>