My site is using the following API to process payments for our opayo account

1. The user journey is as follows
2. User goes to purchase and enters card details
3. System redirect to the 3D Secure portal
4. They verify with their bank and we receive the 3DS Response with TransStatus "Y" if authenticated
5. Then we attempt to complete the purchase

The GUIDs used have been altered and created just to highlight what a request would look like

Initial request JSON

{
  "transactionType": "Payment",
  "paymentMethod": {
    "card": {
      "merchantSessionKey": "75F49481-3826-48F8-9035-9C75EBEE9870",
      "cardIdentifier": "BC794F08-F532-41B0-B524-A2AB25CF4C50",
      "save": "false"
    },
    "threeDSServerTransID": null,
    "acsTransID": null
  },
  "vendorTxCode": "efb2131e-694d-487b-8635-8c2c58a1rrews4",
  "merchantSessionId": "efb2131e-694d-487b-8635-8c2c58a1rrews4",
  "amount": 1,
  "currency": "GBP",
  "description": "01 TEST",
  "apply3DSecure": "Force",
  "customerFirstName": "Test",
  "customerLastName": "Payer 1",
  "billingAddress": {
    "address1": "88",
    "city": "test city",
    "postalCode": "412",
    "country": "GB"
  },
  "entryMethod": "Ecommerce",
  "strongCustomerAuthentication": {
    "notificationURL": "url/Basket/HandleThreeDSResponse?MerchantSessionKey=75F49481-3826-48F8-9035-9C75EBEE9870",
    "browserIP": "ipaddress",
    "browserAcceptHeader": "\\*/\\*",
    "browserJavascriptEnabled": true,
    "browserLanguage": "en-GB",
    "browserUserAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0",
    "challengeWindowSize": "Small",
    "transType": "GoodsAndServicePurchase",
    "browserJavaEnabled": true,
    "browserColorDepth": "1",
    "browserScreenHeight": "400",
    "browserScreenWidth": "400",
    "browserTZ": "0",
    "cReq": "",
    "cRes": null,
    "threeDSNotificationURL": "url/Basket/HandleThreeDSResponse?MerchantSessionKey=75F49481-3826-48F8-9035-9C75EBEE9870"
  }
}

3D Response

{
  "threeDSServerTransID": "52b845a5-2dad-4530-8f89-8cca9d9bffff",
  "acsTransID": "b3679ed4-f630-452f-a9f6-38e3fe4rtgd3",
  "messageType": "CRes",
  "messageVersion": "2.2.0",
  "transStatus": "Y"
}

Completion Request JSON

{
  "amount": 1,
  "billingAddress": {
    "address1": "88",
    "city": "test city",
    "country": "GB",
    "postalCode": "412"
  },
  "currency": "GBP",
  "customerFirstName": "Test",
  "customerLastName": "Payer 1",
  "description": "01 - TEST",
  "entryMethod": "Ecommerce",
  "transactionType": "Payment",
  "paymentMethod": {
    "card": {
      "merchantSessionKey": "75F49481-3826-48F8-9035-9C75EBEE9870",
      "cardIdentifier": "BC794F08-F532-41B0-B524-A2AB25CF4C50"
    },
    "threeDSServerTransID": "52b845a5-2dad-4530-8f89-8cca9d9bffff",
    "acsTransID": "b3679ed4-f630-452f-a9f6-38e3fe4rtgd3",
    "transStatus": "Y"
  },
  "vendorTxCode": "efb2131e-694d-487b-8635-8c2c58a1rrews4",
  "merchantSessionId": "efb2131e-694d-487b-8635-8c2c58a1rrews4"
}

Completion Response

{"description":"Merchant session key or card identifier invalid","code":1011}

We are sending the same MerchantSessionKey and CardIdentifier from the initial request and i cant see any of the calls returning new values to use.

Has anyone managed to get around this issue, the original docs for this api seem to have been removed as its changed hands several times.

Any help would be appreciated