Implement Braintree 3D Secure 2 via the client-side threeDSecureVerifyCard flow combined with server-side verification before nonce submission

Verified steps

1. Initialize the Braintree client SDK with a client token obtained from your server via the Braintree server SDK's ClientToken.generate() method
2. Create a 3D Secure component using braintree.threeDSecure.create() and call verifyCard() with the nonce from the card fields component, the amount, and the billing address; the SDK handles AReq/ARes and the challenge UI internally
3. verifyCard() returns a payload containing a new nonce and a liabilityShifted boolean; only proceed to server-side charge if liabilityShifted is true or your business rules permit proceeding without it
4. Submit the new 3DS-wrapped nonce to your server; on the server, use the Braintree server SDK to call transaction.sale() with the nonce and pass threeDSecurePassThrough data if needed
5. Before completing the sale, optionally retrieve the payment method nonce details from Braintree and verify the threeDSecureInfo.liabilityShiftPossible and liabilityShifted fields server-side as a second check
6. Handle the case where the issuer cannot perform 3DS (e.g., card not enrolled); decide based on your policy whether to proceed with liabilityShifted=false or decline