activemerchant 1.125.0 → 1.126.0

data/lib/active_merchant/billing/gateways/decidir.rb

@@ -117,11 +117,11 @@ module ActiveMerchant #:nodoc:
         post[:establishment_name] = options[:establishment_name] if options[:establishment_name]
         post[:fraud_detection] = add_fraud_detection(options[:fraud_detection]) if options[:fraud_detection].present?
         post[:site_id] = options[:site_id] if options[:site_id]
-        post[:sub_payments] = []
 
         add_invoice(post, money, options)
         add_payment(post, credit_card, options)
         add_aggregate_data(post, options) if options[:aggregate_data]
+        add_sub_payments(post, options)
       end
 
       def add_payment_method_id(credit_card, options)
@@ -210,6 +210,22 @@ module ActiveMerchant #:nodoc:
         post[:aggregate_data] = aggregate_data
       end
 
+      def add_sub_payments(post, options)
+        # sub_payments field is required for purchase transactions, even if empty
+        post[:sub_payments] = []
+
+        return unless sub_payments = options[:sub_payments]
+
+        sub_payments.each do |sub_payment|
+          sub_payment_hash = {
+            site_id: sub_payment[:site_id],
+            installments: sub_payment[:installments].to_i,
+            amount: sub_payment[:amount].to_i
+          }
+          post[:sub_payments] << sub_payment_hash
+        end
+      end
+
       def add_fraud_detection(options = {})
         {}.tap do |hsh|
           hsh[:send_to_cs] = options[:send_to_cs] if valid_fraud_detection_option?(options[:send_to_cs]) # true/false

data/lib/active_merchant/billing/gateways/decidir_plus.rb

@@ -6,7 +6,7 @@ module ActiveMerchant #:nodoc:
 
       self.supported_countries = ['AR']
       self.default_currency = 'ARS'
-      self.supported_cardtypes = %i[visa master american_express discover]
+      self.supported_cardtypes = %i[visa master american_express discover diners_club naranja cabal]
 
       self.homepage_url = 'http://decidir.com.ar/home'
       self.display_name = 'Decidir Plus'
@@ -18,20 +18,44 @@ module ActiveMerchant #:nodoc:
 
       def purchase(money, payment, options = {})
         post = {}
+        build_purchase_authorize_request(post, money, payment, options)
 
-        add_payment(post, payment, options)
-        add_purchase_data(post, money, payment, options)
+        commit(:post, 'payments', post)
+      end
+
+      def authorize(money, payment, options = {})
+        post = {}
+        build_purchase_authorize_request(post, money, payment, options)
 
         commit(:post, 'payments', post)
       end
 
+      def capture(money, authorization, options = {})
+        post = {}
+        post[:amount] = money
+
+        commit(:put, "payments/#{add_reference(authorization)}", post)
+      end
+
       def refund(money, authorization, options = {})
         post = {}
         post[:amount] = money
 
+        commit(:post, "payments/#{add_reference(authorization)}/refunds", post)
+      end
+
+      def void(authorization, options = {})
         commit(:post, "payments/#{add_reference(authorization)}/refunds")
       end
 
+      def verify(credit_card, options = {})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { store(credit_card, options) }
+          r.process { authorize(100, r.authorization, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
       def store(payment, options = {})
         post = {}
         add_payment(post, payment, options)
@@ -39,6 +63,10 @@ module ActiveMerchant #:nodoc:
         commit(:post, 'tokens', post)
       end
 
+      def unstore(customer_token)
+        commit(:delete, "cardtokens/#{customer_token}")
+      end
+
       def supports_scrubbing?
         true
       end
@@ -52,6 +80,13 @@ module ActiveMerchant #:nodoc:
 
       private
 
+      def build_purchase_authorize_request(post, money, payment, options)
+        add_customer_data(post, options)
+        add_payment(post, payment, options)
+        add_purchase_data(post, money, payment, options)
+        add_fraud_detection(post, options)
+      end
+
       def add_reference(authorization)
         return unless authorization
 
@@ -65,26 +100,64 @@ module ActiveMerchant #:nodoc:
           post[:bin] = bin
         else
           post[:card_number] = payment.number
-          post[:card_expiration_month] = payment.month.to_s.rjust(2, '0')
-          post[:card_expiration_year] = payment.year.to_s[-2..-1]
+          post[:card_expiration_month] = format(payment.month, :two_digits)
+          post[:card_expiration_year] = format(payment.year, :two_digits)
           post[:security_code] = payment.verification_value.to_s
-          post[:card_holder_name] = payment.name
+          post[:card_holder_name] = payment.name.empty? ? options[:name_override] : payment.name
           post[:card_holder_identification] = {}
-          post[:card_holder_identification][:type] = options[:dni]
-          post[:card_holder_identification][:number] = options[:card_holder_identification_number]
+          post[:card_holder_identification][:type] = options[:card_holder_identification_type] if options[:card_holder_identification_type]
+          post[:card_holder_identification][:number] = options[:card_holder_identification_number] if options[:card_holder_identification_number]
+
+          # additional data used for Visa transactions
+          post[:card_holder_door_number] = options[:card_holder_door_number].to_i if options[:card_holder_door_number]
+          post[:card_holder_birthday] = options[:card_holder_birthday] if options[:card_holder_birthday]
         end
       end
 
+      def add_customer_data(post, options = {})
+        return unless customer = options[:customer]
+
+        post[:customer] = {}
+        post[:customer][:id] = customer[:id] if customer[:id]
+        post[:customer][:email] = customer[:email] if customer[:email]
+      end
+
       def add_purchase_data(post, money, payment, options = {})
         post[:site_transaction_id] = options[:site_transaction_id] || SecureRandom.hex
-        post[:payment_method_id] = 1
+        post[:payment_method_id] = add_payment_method_id(options)
         post[:amount] = money
         post[:currency] = options[:currency] || self.default_currency
         post[:installments] = options[:installments] || 1
         post[:payment_type] = options[:payment_type] || 'single'
+        post[:establishment_name] = options[:establishment_name] if options[:establishment_name]
+
+        add_aggregate_data(post, options) if options[:aggregate_data]
         add_sub_payments(post, options)
       end
 
+      def add_aggregate_data(post, options)
+        aggregate_data = {}
+        data = options[:aggregate_data]
+        aggregate_data[:indicator] = data[:indicator] if data[:indicator]
+        aggregate_data[:identification_number] = data[:identification_number] if data[:identification_number]
+        aggregate_data[:bill_to_pay] = data[:bill_to_pay] if data[:bill_to_pay]
+        aggregate_data[:bill_to_refund] = data[:bill_to_refund] if data[:bill_to_refund]
+        aggregate_data[:merchant_name] = data[:merchant_name] if data[:merchant_name]
+        aggregate_data[:street] = data[:street] if data[:street]
+        aggregate_data[:number] = data[:number] if data[:number]
+        aggregate_data[:postal_code] = data[:postal_code] if data[:postal_code]
+        aggregate_data[:category] = data[:category] if data[:category]
+        aggregate_data[:channel] = data[:channel] if data[:channel]
+        aggregate_data[:geographic_code] = data[:geographic_code] if data[:geographic_code]
+        aggregate_data[:city] = data[:city] if data[:city]
+        aggregate_data[:merchant_id] = data[:merchant_id] if data[:merchant_id]
+        aggregate_data[:province] = data[:province] if data[:province]
+        aggregate_data[:country] = data[:country] if data[:country]
+        aggregate_data[:merchant_email] = data[:merchant_email] if data[:merchant_email]
+        aggregate_data[:merchant_phone] = data[:merchant_phone] if data[:merchant_phone]
+        post[:aggregate_data] = aggregate_data
+      end
+
       def add_sub_payments(post, options)
         # sub_payments field is required for purchase transactions, even if empty
         post[:sub_payments] = []
@@ -94,14 +167,78 @@ module ActiveMerchant #:nodoc:
         sub_payments.each do |sub_payment|
           sub_payment_hash = {
             site_id: sub_payment[:site_id],
-            installments: sub_payment[:installments],
-            amount: sub_payment[:amount]
+            installments: sub_payment[:installments].to_i,
+            amount: sub_payment[:amount].to_i
           }
           post[:sub_payments] << sub_payment_hash
         end
       end
 
+      def add_payment_method_id(options)
+        return options[:payment_method_id].to_i if options[:payment_method_id]
+
+        if options[:debit]
+          case options[:card_brand]
+          when 'visa'
+            31
+          when 'master'
+            105
+          when 'maestro'
+            106
+          when 'cabal'
+            108
+          else
+            31
+          end
+        else
+          case options[:card_brand]
+          when 'visa'
+            1
+          when 'master'
+            104
+          when 'american_express'
+            65
+          when 'american_express_prisma'
+            111
+          when 'cabal'
+            63
+          when 'diners_club'
+            8
+          else
+            1
+          end
+        end
+      end
+
+      def add_fraud_detection(post, options)
+        return unless fraud_detection = options[:fraud_detection]
+
+        {}.tap do |hsh|
+          hsh[:send_to_cs] = fraud_detection[:send_to_cs] == 'true' # true/false
+          hsh[:channel] = fraud_detection[:channel] if fraud_detection[:channel]
+          hsh[:dispatch_method] = fraud_detection[:dispatch_method] if fraud_detection[:dispatch_method]
+          add_csmdds(hsh, fraud_detection)
+
+          post[:fraud_detection] = hsh
+        end
+      end
+
+      def add_csmdds(hsh, fraud_detection)
+        return unless fraud_detection[:csmdds]
+
+        csmdds_arr = []
+        fraud_detection[:csmdds].each do |csmdds|
+          csmdds_hsh = {}
+          csmdds_hsh[:code] = csmdds[:code].to_i
+          csmdds_hsh[:description] = csmdds[:description]
+          csmdds_arr.append(csmdds_hsh)
+        end
+        hsh[:csmdds] = csmdds_arr unless csmdds_arr.empty?
+      end
+
       def parse(body)
+        return {} if body.nil?
+
         JSON.parse(body)
       end
 
@@ -140,11 +277,13 @@ module ActiveMerchant #:nodoc:
       end
 
       def success_from(response)
-        response.dig('status') == 'approved' || response.dig('status') == 'active'
+        response.dig('status') == 'approved' || response.dig('status') == 'active' || response.dig('status') == 'pre_approved' || response.empty?
       end
 
       def message_from(response)
-        response.dig('status') || error_message(response) || response.dig('message')
+        return '' if response.empty?
+
+        rejected?(response) ? message_from_status_details(response) : response.dig('status') || error_message(response) || response.dig('message')
       end
 
       def authorization_from(response)
@@ -158,7 +297,24 @@ module ActiveMerchant #:nodoc:
       end
 
       def error_code_from(response)
-        response.dig('error_type') unless success_from(response)
+        return if success_from(response)
+
+        error_code = nil
+        if error = response.dig('status_details', 'error')
+          error_code = error.dig('reason', 'id') || error['type']
+        elsif response['error_type']
+          error_code = response['error_type']
+        elsif response.dig('error', 'validation_errors')
+          error = response.dig('error')
+          validation_errors = error.dig('validation_errors', 0)
+          code = validation_errors['code'] if validation_errors && validation_errors['code']
+          param = validation_errors['param'] if validation_errors && validation_errors['param']
+          error_code = "#{error['error_type']} | #{code} | #{param}" if error['error_type']
+        elsif error = response.dig('error')
+          error_code = error.dig('reason', 'id')
+        end
+
+        error_code
       end
 
       def error_message(response)
@@ -168,6 +324,21 @@ module ActiveMerchant #:nodoc:
 
         "#{validation_errors.dig('code')}: #{validation_errors.dig('param')}"
       end
+
+      def rejected?(response)
+        return response.dig('status') == 'rejected'
+      end
+
+      def message_from_status_details(response)
+        return unless error = response.dig('status_details', 'error')
+        return message_from_fraud_detection(response) if error.dig('type') == 'cybersource_error'
+
+        "#{error.dig('type')}: #{error.dig('reason', 'description')}"
+      end
+
+      def message_from_fraud_detection(response)
+        return error_message(response.dig('fraud_detection', 'status', 'details'))
+      end
     end
   end
 end

data/lib/active_merchant/billing/gateways/ebanx.rb

@@ -42,8 +42,8 @@ module ActiveMerchant #:nodoc:
         'ar' => 100,
         'co' => 100,
         'pe' => 300,
-        'mx' => 300,
-        'cl' => 5000
+        'mx' => 2000,
+        'cl' => 80000
       }
 
       def initialize(options = {})
@@ -183,6 +183,7 @@ module ActiveMerchant #:nodoc:
         post[:payment][:currency_code] = (options[:currency] || currency(money))
         post[:payment][:merchant_payment_code] = Digest::MD5.hexdigest(options[:order_id])
         post[:payment][:instalments] = options[:instalments] || 1
+        post[:payment][:order_number] = options[:order_id][0..39] if options[:order_id]
       end
 
       def add_card_or_token(post, payment)

data/lib/active_merchant/billing/gateways/global_collect.rb

@@ -87,7 +87,9 @@ module ActiveMerchant #:nodoc:
         'master' => '3',
         'discover' => '128',
         'jcb' => '125',
-        'diners_club' => '132'
+        'diners_club' => '132',
+        'cabal' => '135',
+        'naranja' => '136'
       }
 
       def add_order(post, money, options, capture: false)
@@ -248,7 +250,6 @@ module ActiveMerchant #:nodoc:
         month = format(payment.month, :two_digits)
         expirydate = "#{month}#{year}"
         pre_authorization = options[:pre_authorization] ? 'PRE_AUTHORIZATION' : 'FINAL_AUTHORIZATION'
-
         post['cardPaymentMethodSpecificInput'] = {
           'paymentProductId' => BRAND_MAP[payment.brand],
           'skipAuthentication' => 'true', # refers to 3DSecure
@@ -386,12 +387,12 @@ module ActiveMerchant #:nodoc:
           response = json_error(raw_response)
         end
 
-        succeeded = success_from(response)
+        succeeded = success_from(action, response)
         Response.new(
           succeeded,
           message_from(succeeded, response),
           response,
-          authorization: authorization_from(succeeded, response),
+          authorization: authorization_from(response),
           error_code: error_code_from(succeeded, response),
           test: test?
         )
@@ -400,8 +401,7 @@ module ActiveMerchant #:nodoc:
       def json_error(raw_response)
         {
           'error_message' => 'Invalid response received from the Ingenico ePayments (formerly GlobalCollect) API.  Please contact Ingenico ePayments if you continue to receive this message.' \
-            "  (The raw response returned by the API was #{raw_response.inspect})",
-          'status' => 'REJECTED'
+            "  (The raw response returned by the API was #{raw_response.inspect})"
         }
       end
 
@@ -438,8 +438,24 @@ module ActiveMerchant #:nodoc:
         'application/json'
       end
 
-      def success_from(response)
-        !response['errorId'] && response['status'] != 'REJECTED'
+      def success_from(action, response)
+        return false if response['errorId'] || response['error_message']
+
+        case action
+        when :authorize
+          response.dig('payment', 'statusOutput', 'isAuthorized')
+        when :capture
+          capture_status = response.dig('status') || response.dig('payment', 'status')
+          %w(CAPTURED CAPTURE_REQUESTED).include?(capture_status)
+        when :void
+          void_response_id = response.dig('cardPaymentMethodSpecificOutput', 'voidResponseId') || response.dig('mobilePaymentMethodSpecificOutput', 'voidResponseId')
+          %w(00 0 8 11).include?(void_response_id) || response.dig('payment', 'status') == 'CANCELLED'
+        when :refund
+          refund_status = response.dig('status') || response.dig('payment', 'status')
+          %w(REFUNDED REFUND_REQUESTED).include?(refund_status)
+        else
+          response['status'] != 'REJECTED'
+        end
       end
 
       def message_from(succeeded, response)
@@ -456,14 +472,8 @@ module ActiveMerchant #:nodoc:
         end
       end
 
-      def authorization_from(succeeded, response)
-        if succeeded
-          response['id'] || response['payment']['id'] || response['paymentResult']['payment']['id']
-        elsif response['errorId']
-          response['errorId']
-        else
-          'GATEWAY ERROR'
-        end
+      def authorization_from(response)
+        response.dig('id') || response.dig('payment', 'id') || response.dig('paymentResult', 'payment', 'id')
       end
 
       def error_code_from(succeeded, response)

data/lib/active_merchant/billing/gateways/ipg.rb

@@ -4,7 +4,7 @@ module ActiveMerchant #:nodoc:
       self.test_url = 'https://test.ipg-online.com/ipgapi/services'
       self.live_url = 'https://www5.ipg-online.com'
 
-      self.supported_countries = %w(UY AR)
+      self.supported_countries = %w(AR)
       self.default_currency = 'ARS'
       self.supported_cardtypes = %i[visa master american_express discover]
 
@@ -12,7 +12,6 @@ module ActiveMerchant #:nodoc:
       self.display_name = 'IPG'
 
       CURRENCY_CODES = {
-        'UYU' => '858',
         'ARS' => '032'
       }
 

data/lib/active_merchant/billing/gateways/litle.rb

@@ -39,6 +39,96 @@ module ActiveMerchant #:nodoc:
         check?(payment_method) ? commit(:echeckSales, request, money) : commit(:sale, request, money)
       end
 
+      def add_level_two_data(doc, payment_method, options = {})
+        level_2_data = options[:level_2_data]
+        if level_2_data
+          doc.enhancedData do
+            case payment_method.brand
+            when 'visa'
+              doc.salesTax(level_2_data[:sales_tax]) if level_2_data[:sales_tax]
+            when 'master'
+              doc.customerReference(level_2_data[:customer_code]) if level_2_data[:customer_code]
+              doc.salesTax(level_2_data[:total_tax_amount]) if level_2_data[:total_tax_amount]
+              doc.detailTax do
+                doc.taxIncludedInTotal(level_2_data[:tax_included_in_total]) if level_2_data[:tax_included_in_total]
+                doc.taxAmount(level_2_data[:tax_amount]) if level_2_data[:tax_amount]
+                doc.cardAcceptorTaxId(level_2_data[:card_acceptor_tax_id]) if level_2_data[:card_acceptor_tax_id]
+              end
+            end
+          end
+        end
+      end
+
+      def add_level_three_data(doc, payment_method, options = {})
+        level_3_data = options[:level_3_data]
+        if level_3_data
+          doc.enhancedData do
+            case payment_method.brand
+            when 'visa'
+              add_level_three_information_tags_visa(doc, payment_method, level_3_data)
+            when 'master'
+              add_level_three_information_tags_master(doc, payment_method, level_3_data)
+            end
+          end
+        end
+      end
+
+      def add_level_three_information_tags_visa(doc, payment_method, level_3_data)
+        doc.discountAmount(level_3_data[:discount_amount]) if level_3_data[:discount_amount]
+        doc.shippingAmount(level_3_data[:shipping_amount]) if level_3_data[:shipping_amount]
+        doc.dutyAmount(level_3_data[:duty_amount]) if level_3_data[:duty_amount]
+        doc.detailTax do
+          doc.taxIncludedInTotal(level_3_data[:tax_included_in_total]) if level_3_data[:tax_included_in_total]
+          doc.taxAmount(level_3_data[:tax_amount]) if level_3_data[:tax_amount]
+          doc.taxRate(level_3_data[:tax_rate]) if level_3_data[:tax_rate]
+          doc.taxTypeIdentifier(level_3_data[:tax_type_identifier]) if level_3_data[:tax_type_identifier]
+          doc.cardAcceptorTaxId(level_3_data[:card_acceptor_tax_id]) if level_3_data[:card_acceptor_tax_id]
+        end
+        add_line_item_information_for_level_three_visa(doc, payment_method, level_3_data)
+      end
+
+      def add_level_three_information_tags_master(doc, payment_method, level_3_data)
+        doc.customerReference :customerReference, level_3_data[:customer_code] if level_3_data[:customer_code]
+        doc.salesTax(level_3_data[:total_tax_amount]) if level_3_data[:total_tax_amount]
+        doc.detailTax do
+          doc.taxIncludedInTotal(level_3_data[:tax_included_in_total]) if level_3_data[:tax_included_in_total]
+          doc.taxAmount(level_3_data[:tax_amount]) if level_3_data[:tax_amount]
+          doc.cardAcceptorTaxId :cardAcceptorTaxId, level_3_data[:card_acceptor_tax_id] if level_3_data[:card_acceptor_tax_id]
+        end
+        doc.lineItemData do
+          level_3_data[:line_items].each do |line_item|
+            doc.itemDescription(line_item[:item_description]) if line_item[:item_description]
+            doc.productCode(line_item[:product_code]) if line_item[:product_code]
+            doc.quantity(line_item[:quantity]) if line_item[:quantity]
+            doc.unitOfMeasure(line_item[:unit_of_measure]) if line_item[:unit_of_measure]
+            doc.lineItemTotal(line_item[:line_item_total]) if line_item[:line_item_total]
+          end
+        end
+      end
+
+      def add_line_item_information_for_level_three_visa(doc, payment_method, level_3_data)
+        doc.lineItemData do
+          level_3_data[:line_items].each do |line_item|
+            doc.itemSequenceNumber(line_item[:item_sequence_number]) if line_item[:item_sequence_number]
+            doc.commodityCode(line_item[:commodity_code]) if line_item[:commodity_code]
+            doc.itemDescription(line_item[:item_description]) if line_item[:item_description]
+            doc.productCode(line_item[:product_code]) if line_item[:product_code]
+            doc.quantity(line_item[:quantity]) if line_item[:quantity]
+            doc.unitOfMeasure(line_item[:unit_of_measure]) if line_item[:unit_of_measure]
+            doc.taxAmount(line_item[:tax_amount]) if line_item[:tax_amount]
+            doc.itemDiscountAmount(line_item[:discount_per_line_item]) unless line_item[:discount_per_line_item] < 0
+            doc.unitCost(line_item[:unit_cost]) unless line_item[:unit_cost] < 0
+            doc.detailTax do
+              doc.taxIncludedInTotal(line_item[:tax_included_in_total]) if line_item[:tax_included_in_total]
+              doc.taxAmount(line_item[:tax_amount]) if line_item[:tax_amount]
+              doc.taxRate(line_item[:tax_rate]) if line_item[:tax_rate]
+              doc.taxTypeIdentifier(line_item[:tax_type_identifier]) if line_item[:tax_type_identifier]
+              doc.cardAcceptorTaxId(line_item[:card_acceptor_tax_id]) if line_item[:card_acceptor_tax_id]
+            end
+          end
+        end
+      end
+
       def authorize(money, payment_method, options = {})
         request = build_xml_request do |doc|
           add_authentication(doc)
@@ -225,6 +315,8 @@ module ActiveMerchant #:nodoc:
         add_payment_method(doc, payment_method, options)
         add_pos(doc, payment_method)
         add_descriptor(doc, options)
+        add_level_two_data(doc, payment_method, options)
+        add_level_three_data(doc, payment_method, options)
         add_merchant_data(doc, options)
         add_debt_repayment(doc, options)
         add_stored_credential_params(doc, options)
@@ -386,7 +478,7 @@ module ActiveMerchant #:nodoc:
           doc.orderSource(order_source)
         elsif payment_method.is_a?(NetworkTokenizationCreditCard) && payment_method.source == :apple_pay
           doc.orderSource('applepay')
-        elsif payment_method.is_a?(NetworkTokenizationCreditCard) && payment_method.source == :android_pay
+        elsif payment_method.is_a?(NetworkTokenizationCreditCard) && %i[google_pay android_pay].include?(payment_method.source)
           doc.orderSource('androidpay')
         elsif payment_method.respond_to?(:track_data) && payment_method.track_data.present?
           doc.orderSource('retail')

data/lib/active_merchant/billing/gateways/moneris.rb

@@ -50,15 +50,16 @@ module ActiveMerchant #:nodoc:
         post[:order_id] = options[:order_id]
         post[:address] = options[:billing_address] || options[:address]
         post[:crypt_type] = options[:crypt_type] || @options[:crypt_type]
+        add_external_mpi_fields(post, options)
         add_stored_credential(post, options)
-        action = if post[:cavv]
+        action = if post[:cavv] || options[:three_d_secure]
                    'cavv_preauth'
                  elsif post[:data_key].blank?
                    'preauth'
                  else
                    'res_preauth_cc'
                  end
-        commit(action, post)
+        commit(action, post, options)
       end
 
       # This action verifies funding on a customer's card and readies them for
@@ -73,15 +74,16 @@ module ActiveMerchant #:nodoc:
         post[:order_id] = options[:order_id]
         post[:address] = options[:billing_address] || options[:address]
         post[:crypt_type] = options[:crypt_type] || @options[:crypt_type]
+        add_external_mpi_fields(post, options)
         add_stored_credential(post, options)
-        action = if post[:cavv]
+        action = if post[:cavv] || options[:three_d_secure]
                    'cavv_purchase'
                  elsif post[:data_key].blank?
                    'purchase'
                  else
                    'res_purchase_cc'
                  end
-        commit(action, post)
+        commit(action, post, options)
       end
 
       # This method retrieves locked funds from a customer's account (from a
@@ -203,6 +205,21 @@ module ActiveMerchant #:nodoc:
         sprintf('%.4i', creditcard.year)[-2..-1] + sprintf('%.2i', creditcard.month)
       end
 
+      def add_external_mpi_fields(post, options)
+        # See these pages:
+        # https://developer.moneris.com/livedemo/3ds2/cavv_purchase/tool/php
+        # https://developer.moneris.com/livedemo/3ds2/cavv_preauth/guide/php
+        return unless options[:three_d_secure]
+
+        three_d_secure_options = options[:three_d_secure]
+
+        post[:threeds_version] = three_d_secure_options[:version]
+        post[:crypt_type] = three_d_secure_options[:eci]
+        post[:cavv] = three_d_secure_options[:cavv]
+        post[:threeds_server_trans_id] = three_d_secure_options[:three_ds_server_trans_id]
+        post[:ds_trans_id] = three_d_secure_options[:ds_transaction_id]
+      end
+
       def add_payment_source(post, payment_method, options)
         if payment_method.is_a?(String)
           post[:data_key] = payment_method
@@ -291,14 +308,16 @@ module ActiveMerchant #:nodoc:
         end
       end
 
-      def commit(action, parameters = {})
+      def commit(action, parameters = {}, options = {})
+        threed_ds_transaction = options[:three_d_secure].present?
+
         data = post_data(action, parameters)
         url = test? ? self.test_url : self.live_url
         raw = ssl_post(url, data)
         response = parse(raw)
 
         Response.new(
-          successful?(response),
+          successful?(action, response, threed_ds_transaction),
           message_from(response[:message]),
           response,
           test: test?,
@@ -314,8 +333,16 @@ module ActiveMerchant #:nodoc:
       end
 
       # Tests for a successful response from Moneris' servers
-      def successful?(response)
-        response[:response_code] &&
+      def successful?(action, response, threed_ds_transaction = false)
+        # See 9.4 CAVV Result Codes in https://developer.moneris.com/livedemo/3ds2/reference/guide/php
+        cavv_accepted = if threed_ds_transaction
+                          response[:cavv_result_code] && response[:cavv_result_code] == '2'
+                        else
+                          true
+                        end
+
+        cavv_accepted &&
+          response[:response_code] &&
           response[:complete] &&
           (0..49).cover?(response[:response_code].to_i)
       end