Challenge Flow: Step-by-Step Implementation Guide

The Challenge Flow is used when additional customer verification is required. This guide explains how to implement it correctly.

When Challenge Flow is Used

Challenge Flow happens in approximately 5% of transactions when:

• New customers making their first purchase
• Unusually large transaction amounts
• Customers using new devices or browsers
• Purchases from different countries/locations
• Risk patterns detected by the issuer

Customer Experience in Challenge Flow

What Your Customer Sees

1. Starts checkout normally - Enters card details and clicks "Pay"
2. Sees authentication screen - Redirected to secure verification page
3. Completes verification - Enters OTP, uses biometric, or confirms in banking app
4. Returns to your site - Automatically redirected back with transaction result

Authentication Methods Customers May Encounter

• SMS OTP: 6-digit code sent to their phone
• Email OTP: Code sent to registered email address
• Mobile Banking App: Push notification to confirm payment
• Biometric: Fingerprint or face scan through banking app
• PIN Entry: Banking PIN entered on secure page

Common Issues and Solutions

Challenge Iframe Not Loading

• Cause: CORS or content security policy issues
• Solution: Ensure your CSP allows iframe loading from PayNetWorx domains

Customer Abandons Challenge

• Cause: Confusing or slow challenge process
• Solution: Provide clear instructions and progress indicators

---

Remember: The Challenge Flow is your safety net. While it adds a step for customers, it prevents fraud and builds trust in your payment system.