HostedFields 3d secure 2.2 not work, error_lookup

[CdwCdw1]

General information

• SDK version: 3.84
• Environment: production
• Browser and OS : Chrome 96.0.4664.45 on Windows

Issue description

For a few days, card transactions (visa and mastercard) are rejected due to lack of authorization. This problem we have been detecting since the transactions go through version 2 of 3d secure (with version 1 everything is ok)
After on lookup complete, printing the object we receive the following error message:
threeDSecureInfo: Object {liabilityShifted: false, liabilityShiftPossible: false, status: "lookup_error",…}
and of course it is
acsUrl that pareq are empty

3D Secure Information

Enrolled
Status
Lookup error
3DS Version
2.2.0
Challenge Requested
false
Exemption Requested
false
Liability Shifted
false
Liability Shift Possible
false

The code is ok, we did all the tests imaginable and it always worked when transactions went through with 3d secure 1
In sandobx it works regularly.
What is happening? the error error_lookup is not up to us.
We asked braintree for support several days ago but they still haven't answered us and we are losing several transactions due to this error.
Thanks

[CdwCdw1]

After several attempts we have applied the workaround from this post
#497 (comment)
and now everything works regularly because the transactions go through 3d secure 1.02 as it happened a few weeks ago.
We look forward to a definitive solution, because it is not possible to proceed with the 3d secure 2 version !!!

[jplukarski]

Hey @CdwCdw1, thanks for reaching out. Our support team is currently fielding a high volume of requests and we appreciate your patience while they get to your ticket.

A lookup_error happens when an error occurs when our MPI provider attempts to find the customer's card on their directory server and card issuing bank's ACS. To help us understand what is going on, can you clarify if you receive a lookup_error for every single Visa/Mastercard transaction attempt? Also, are you implementing a CSP?

[CdwCdw1]

Hi, thanks for answering me.
We have been relying on braintree since September of this year and it tells everything well because 3dsecure was running for version 1.02,. but for a few weeks, in Italy, they are adopting version 2.2 and we started to detect the lookup error with visa and mastercard. This error was only detected for 3d secure version 2.
We hadn't set up a Content Security Policy, but in order to make 3d secure version 1.02 work we were forced to do so today by deleting songbird.cardinalcommerce.com from script-src

So it works regularly, at least with our active cards. What can we do?
Our merchant id is w883mkq56tkdjpzs
and we have opened two tickets on Braintree:

3483026 and # 3485904

Thanks

[CdwCdw1]

I confirm that forcing transactions to go through 3d secure 1.02 we have no problems. We are waiting to know how or when the lookup error will be fixed using version 2 of 3d secure.
Thanks!

[CdwCdw1]

It's been 10 days since the first support request and still no one has answered us. We have done all the tests imaginable, even changing servers but we always receive the lookup error when the transactions go through version 2 of 3d secure and therefore we are forced not to insert * .cardinalcommerce.com in our csp in order to force payments to go through version 1.02 of 3d secure.
I don't know if it can be useful but in the Braintree control panel
Business -> merchant account
We read "Card Types Missing Cardinal Config" for amex, visa and mastercard.
Could this be the problem?

[mrbrdo]

I have the same issue. @CdwCdw1 did you find a solution?
We also have the same "Card Types Missing Cardinal Config" in case it matters, and not using CSP.

[mrbrdo]

@jplukarski is there any progress on this? In EU it seems some cards will now fail with 3DS1 and require payment confirmation through bank phone app. In this case we need to use 3DS2, but it's giving us the lookup_error. Pretty urgent for us as we are losing orders.

[cgdibble]

@CdwCdw1 sorry for the delay here. As described in the issue you linked above here: #497 (comment)

The SDK, when version: 2 specified, will fall back to 3DS v1 when possible. CSPs and 3DS (v2 especially) are a real challenge as the bank urls used are innumerable even if the majority come from *.cardinalcommerce.com. We don't currently have a solution for that as it is a challenge baked into the 3DS v2 protocol itself.

Can you provide some more info about your setup with 3DS v2? That will help us better trouble-shoot this. That might mean more specifics snippets of the error, etc.

The challenge is that those lookups are failing from CardinalCommerce. See here for some more explanation on the error itself: #615 (comment)

[cgdibble]

Closing due to inactivity. If more information becomes available, please reopen the issue.

[adamholden1212]

Did anyone find a solution to this?

I am using Braintree with a new account and I am getting the lookup errors. Braintree have been next to useless with their suggestions and support.

I have checked my module on Magento and there are no problems with it. Yet I am getting 3DS lookup errors every time.

[anthony-keller]

We've seen a combo of lookup_error and authentication_unavailable since 2022-10-10 13:30:07 +00:00. We also tried support without success.

We did not make any code changes on our side and it all of a sudden stopped working.

[WebHostingAce]

@adamholden1212 @anthony-keller Did you find a solution for this?

Our UK, DE, IT, FR Braintree account 3DS working as expected.

But the AU and NZ accounts have the lookup_error issue for all transactions since around 2022-10-10

[anthony-keller]

@adamholden1212 @anthony-keller Did you find a solution for this?

Our UK, DE, IT, FR Braintree account 3DS working as expected.

But the AU and NZ accounts have the lookup_error issue for all transactions since around 2022-10-10

We switched to using Stripe because Braintree could not provide a solution. The bank they use in Aus has not implemented 3DS2.