Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.In 7.x-1.0 when 3D Secure is enabled, the incorrect ECI is send to Realex for payments by VISA cards not enrolled in 3D Secure.
So following advice I upgraded to the latest dev version of the module. While this solves the ECI problem, it introduces a host of new problems. Of the 9 Scenario's that Realex supply test numbers for - most are not working as they should.
Scenario 01 - Cardholder Not Enrolled - on click of Place Order on the Review Order page, 3D Secure is called. It shouldn't be as the card type is not enrolled with 3D Secure. When I click Submit in the 3D Secure window, it displays the following error:
3D Secure verification failed. Payment could not be processed: Incorrect PARes Root Element Name (Should be ThreeDSecure).
Notice: Undefined variable: log in _commerce_realex_process_3dsecure_verifysig_response() (line 336 of /var/www/vhosts/mydomain.com/sites/all/modules/commerce_realex/includes/commerce_realex_remote_3dsecure.inc).
Notice: Undefined index: instance_id in commerce_realex_remote_transaction_save() (line 760 of /var/www/vhosts/mydomain.com/sites/all/modules/commerce_realex/includes/commerce_realex_remote.inc).
Notice: Undefined index: orderid in commerce_realex_remote_transaction_save() (line 761 of /var/www/vhosts/mydomain.com/sites/all/modules/commerce_realex/includes/commerce_realex_re'
But having said that, the payment does go through and the correct ECI now displays in Realex's Merchant Pay & Shop even though my website reloads the Review Order page and the order is not listed in the Orders page.
Scenario 02 (Unable to Verify Enrollment) and Scenario 03 (Invalid response from Enrollment Server) - in both of these situations the 3D Secure window was not called (although it should). And in both cases, the transaction appears to have been completed on my website, but no payment went through. In the relevant Order listed on my website, the relevant correct error is listed in the payments tab.
Scenario 04 (Enrolled but invalid response from ACS), Scenario 07 (Incorrect password entered), Scenario 08 (Authentication Unavailable), Scenario 09 (Invalid response from ACS), in all these cases, the 3D Secure window is correctly called, and in all cases, the payments are rejected. But along with the relevant correct error there are an additional errors displayed:
Notice: Undefined variable: log in _commerce_realex_process_3dsecure_verifysig_response() (line 336 of /var/www/vhosts/mydomain.com/sites/all/modules/commerce_realex/includes/commerce_realex_remote_3dsecure.inc).
Notice: Undefined index: instance_id in commerce_realex_remote_transaction_save() (line 760 of /var/www/vhosts/mydomain.com/sites/all/modules/commerce_realex/includes/commerce_realex_remote.inc).
And for Scenario 09 there is the following additional error
Notice: Undefined index: orderid in commerce_realex_remote_transaction_save() (line 761 of /var/www/vhosts/mydomain.com/sites/all/modules/commerce_realex/includes/commerce_realex_re
Scenario 05 (Successful authentication) and Scenario 06 (Issuing bank with Attempt server) both worked as they should.
Sorry for long email, but this is over my head I'm afraid. So, I thought it was best to send all info.
Any ideas?
F
| Comment | File | Size | Author |
|---|---|---|---|
| #3 | settings.jpg | 160.45 KB | frankdesign |
Comments
Comment #1
stella commented@frankdesign what's the setting you've given "Require liability shift where possible" in the settings?
Comment #2
stella commented@frankdesign I can't reproduce the issues locally, but then my code base is slightly different because of redirect functionality that I'm in the final stages of testing with Realex on. I've committed all my code (which should get rid of those undefined variable warnings) so if you could attempt it again I'd appreciate it. However, just don't use the redirect payment method in production yet :)
If you can send me more info on your configuration settings that'd be useful too.
Comment #3
frankdesign commentedStella
Apologies for the delay in getting back to you - I was moving office so I was up to my neck sorting that.
I tried uninstalling the Realex Payment module and deleting the Enabled payment method rule. I then deleted the old module from the server and copied over the new dev module. Installed it and ran update.php. I re-configured the Enabled payment method rule using the setting supplied from Realex and I'm afraid the same errors exist. I also tried the above again but installing v1.0 of the module instead and all worked correctly except for the ECI on the Cardholder not enrolled scenario.
I have a tick in the box for Require liability shift where possible as directed by Realex. I've attached a screen grab of the Payment Rule settings. If you need anymore info, please let me know.
Thanks
F
Comment #4
stella commentedFrank - I still can't reproduce. If you're still getting errors, can you paste them in here? Because the errors should have changed line number at the very least, if not some disappeared.
Comment #5
frankdesign commentedStella
Sorry only getting back to this now!
I've updated to the latest dev version and I am getting the following errors on the 3D Secure Card Numbers from Realex
Scenario 1 - Cardholder Not Enrolled
On clicking Place Order on the Review Order page, 3D Secure is called. It shouldn't be as the card type is not enrolled with 3D Secure. When I click Submit in the 3D Secure window that is displayed, the website goes back to the Review Order page and displays the following error:
3D Secure verification failed. Payment could not be processed: Authentication Failed.
Notice: Undefined variable: log in _commerce_realex_process_3dsecure_verifysig_response() (line 336 of /var/www/vhosts/onhealthcare.ie/dev.onhealthcare.ie/sites/all/modules/commerce_realex/includes/commerce_realex_remote_3dsecure.inc).
Notice: Undefined index: instance_id in commerce_realex_remote_transaction_save() (line 763 of /var/www/vhosts/onhealthcare.ie/dev.onhealthcare.ie/sites/all/modules/commerce_realex/includes/commerce_realex_remote.inc).
Scenario 02 (Unable to Verify Enrollment)
The 3D Secure window was not called (although it should). And the transaction appears to have been completed on my website, it displays the Thanks for Placing the Order page and emails are issued to the customer and to the store admin of the order. But no payment went through.
In the payments tab, the following error is displayed:
Status 110, Not Enrolled.
Order ID: 84-20150325174436,
Timestamp: 20150325174439
XID: zz38PtM5WpV9IHMM7Nq3JJtM8j0=
In the recent log messages there is one PHP error and one Commerce Realex error
PHP:
Notice: Undefined variable: log in commerce_realex_remote_do_3dsecure_verify_enrolled_request() (line 141 of /var/www/vhosts/onhealthcare.ie/dev.onhealthcare.ie/sites/all/modules/commerce_realex/includes/commerce_realex_remote_3dsecure.inc).
Commerce Payment:
Payment failed: Not Enrolled
Scenario 03 (Invalid response from Enrollment Server)
This is the same as Scenario 2 - 3D Secure was not called and the website displays the Thanks for Placing the Order page and emails are issued to the customer and to the store admin of the order. But no payment went through.
In the Payments tab, the following error is displayed:
Status 520, Incorrect Root Element Name (Should be ThreeDSecure).
Order ID: ,
Timestamp: 20150325175105
In the Recent Log Messages, there are two PHP errors and one Commerce Realex error:
PHP 1:
Notice: Undefined variable: log in commerce_realex_remote_do_3dsecure_verify_enrolled_request() (line 141 of /var/www/vhosts/onhealthcare.ie/dev.onhealthcare.ie/sites/all/modules/commerce_realex/includes/commerce_realex_remote_3dsecure.inc).
PHP 2:
Notice: Undefined index: orderid in commerce_realex_remote_transaction_save() (line 764 of /var/www/vhosts/onhealthcare.ie/dev.onhealthcare.ie/sites/all/modules/commerce_realex/includes/commerce_realex_remote.inc).
Commerce Realex:
Payment failed: Incorrect Root Element Name (Should be ThreeDSecure)
Scenario 04 (Enrolled but invalid response from ACS)
In this case, the 3D Secure window is correctly called, and the transaction is correctly rejected. But extra errors appear on screen:
3D Secure verification failed. Payment could not be processed: Authentication Failed.
Notice: Undefined variable: log in _commerce_realex_process_3dsecure_verifysig_response() (line 336 of /var/www/vhosts/onhealthcare.ie/dev.onhealthcare.ie/sites/all/modules/commerce_realex/includes/commerce_realex_remote_3dsecure.inc).
Notice: Undefined index: instance_id in commerce_realex_remote_transaction_save() (line 763 of /var/www/vhosts/onhealthcare.ie/dev.onhealthcare.ie/sites/all/modules/commerce_realex/includes/commerce_realex_remote.inc).
Scenario 05 (Successful authentication)
This works as expected - 3D Secure is called and transaction is competed and payment is transferred.
Scenario 06 (Issuing bank with Attempt server)
This works as expected - 3D Secure is called and transaction is competed and payment is transferred.
Scenario 07 (Incorrect password entered)
In this case, the 3D Secure window is correctly called, and the transaction is correctly rejected. But extra errors appear on screen:
3D Secure verification failed. Payment could not be processed: Authentication failed. Please check your password and try again..
Notice: Undefined variable: log in _commerce_realex_process_3dsecure_verifysig_response() (line 336 of /var/www/vhosts/onhealthcare.ie/dev.onhealthcare.ie/sites/all/modules/commerce_realex/includes/commerce_realex_remote_3dsecure.inc).
Notice: Undefined index: instance_id in commerce_realex_remote_transaction_save() (line 763 of /var/www/vhosts/onhealthcare.ie/dev.onhealthcare.ie/sites/all/modules/commerce_realex/includes/commerce_realex_remote.inc).
Scenario 08 (Authentication Unavailable)
In this case, the 3D Secure window is correctly called, and the transaction is correctly rejected. But extra errors appear on screen:
3D Secure verification failed. Payment could not be processed: Authentication failed, service temporarily unavailable. Please try again later..
Notice: Undefined variable: log in _commerce_realex_process_3dsecure_verifysig_response() (line 336 of /var/www/vhosts/onhealthcare.ie/dev.onhealthcare.ie/sites/all/modules/commerce_realex/includes/commerce_realex_remote_3dsecure.inc).
Notice: Undefined index: instance_id in commerce_realex_remote_transaction_save() (line 763 of /var/www/vhosts/onhealthcare.ie/dev.onhealthcare.ie/sites/all/modules/commerce_realex/includes/commerce_realex_remote.inc).
Scenario 09 (Invalid response from ACS)
In this case, the 3D Secure window is correctly called, and the transaction is correctly rejected. But extra errors appear on screen:
3D Secure verification failed. Payment could not be processed: Incorrect PARes Root Element Name (Should be ThreeDSecure).
Notice: Undefined variable: log in _commerce_realex_process_3dsecure_verifysig_response() (line 336 of /var/www/vhosts/onhealthcare.ie/dev.onhealthcare.ie/sites/all/modules/commerce_realex/includes/commerce_realex_remote_3dsecure.inc).
Notice: Undefined index: instance_id in commerce_realex_remote_transaction_save() (line 763 of /var/www/vhosts/onhealthcare.ie/dev.onhealthcare.ie/sites/all/modules/commerce_realex/includes/commerce_realex_remote.inc).
Notice: Undefined index: orderid in commerce_realex_remote_transaction_save() (line 764 of /var/www/vhosts/onhealthcare.ie/dev.onhealthcare.ie/sites/all/modules/commerce_realex/includes/commerce_realex_remote.inc).
In all cases above, I was logged in as user1 and using Commerce Realex 7.x-1.0+11-dev and Drupal Commerce 3D Secure Support 7.x-1.0-beta+0-dev
If you need any other info, please let me know
Thanks
Frank
Comment #6
stella commentedHi Frank,
So I've committed more code now and a new dev version (dated today) has been created. The changes include fixes for the undefined variable warnings you included above (though these were just warnings and weren't related to the problems you were having) as well as logging of the verifyenrolled and verifysig api calls to the payment section of the order. These logs show the eci, xid, enrolled, etc values _returned_ by Realex, as well as any error message received. I also fixed error handling - where errors received weren't being printed to the screen.
While implementing the logging I noticed something weird happening to me. For example, for the successful auth scenario, the eci returned in the verifysig step should be 7, whereas it's returning 6. I also noticed other intermittent errors being returned, even when testing the same scenario multiple times. So I contacted Realex and they've told me that there is an issue with the 3D secure test pit at the moment and will get back to me as soon as they hear from Visa that it is resolved.
Unfortunately, I can't dig in any further to the issues you're describing as a result, and it may be that you're encountering the same issues too. We just have to wait and see.
Comment #7
stella commentedClosing (outdated)