What does this error mean?
The payment_intent.authentication_failed error (also seen as the decline code authentication_required or authentication_failed) occurs when Stripe initiates a 3D Secure (3DS) authentication challenge and it does not complete successfully. A PaymentIntent was created, but the cardholder or their bank did not confirm identity through the additional verification step.
In the Stripe API, this surfaces as a PaymentIntent in status requires_payment_method with last_payment_error.code = "authentication_failed".
Why does this error occur?
- User closed the 3DS window. The bank's pop-up or redirect was dismissed before the OTP was entered.
- Authentication timed out. Most banks allow only 5โ10 minutes to complete 3DS. If that window lapses, the authentication is marked as failed.
- Incorrect OTP entered. The SMS code or app-generated code was wrong.
- Outdated banking app. 3DS version 2 requires an up-to-date mobile banking app.
- Bank-side server issue. The issuer's authentication server was temporarily unavailable.
- Card does not support 3DS. Some older cards cannot complete a 3DS challenge and the bank declines the authentication.
How to fix the error
- Start a new payment. A PaymentIntent that failed authentication cannot be reused โ you must create a new one. This usually happens automatically when you click the pay button again on the merchant's site.
- Do not close the 3DS window. On your next attempt, wait for the bank's authentication page to fully load before doing anything else.
- Check for the SMS and your internet connection. Make sure you're receiving your bank's SMS and that your connection is stable.
- Update your banking app. If your bank uses push notifications instead of SMS, the app must be current.
- Call your bank. Confirm that 3DS is enabled on your card and that there are no temporary service outages.
- Try a different browser or device. Ad blockers and certain browser settings can prevent the 3DS iframe from loading correctly. Try incognito mode or a different browser.
FAQ
Can I reuse a PaymentIntent after authentication_failed? No. You need a new PaymentIntent. On the merchant's site, simply clicking the pay button again will generate a new one automatically.
What if the 3DS window never opens at all? Disable any ad blocker, allow pop-ups for the merchant's site, and try again in an incognito or private browsing window.
Why is 3DS smoother with Marix virtual cards? Marix cards fully support 3DS v2 with a streamlined authentication flow โ no complex bank server chains or unexpected timeouts.
Repeatedly hitting 3DS issues when paying for international services? Marix virtual cards offer a reliable, friction-free payment experience for cross-border transactions.

