Authentication Request (Lookup)
To trigger 3DS authentication request. This API will return challenge or frictionless result.
Note:
• Please refer to the step number 5 in the above diagram.
• Please refer to the Appendix B for the 3DSS API authentication.
Request
Required data in this request:
Browser Request Fields format and description
Header
Field Name | Data type | Format | Example | Description | Requirement |
---|---|---|---|---|---|
Authorization | String | Bearer xxxx | Required | ||
Content-Type | String | application/json | Required |
Body
Field Name | Data type | Format | Example | Description | Requirement |
---|---|---|---|---|---|
externalReferenceId | String | 50 digits | Unique Id for this authentication transaction (MerchantReferenceNumber) | Required | |
ddcId | String | 50 digits | Same value in DDC request | Required | |
threeDsRequestorAuthInd | String | 2 digits | PaymentTransaction = "01" RecurringTransaction = "02" InstalmentTransaction = "03" AddCard = "04" MaintainCard = "05" CardholderVerification = "06" | Indicates the type of Authentication request | Required |
session | String | 1024 chars | 3DS Requestor session data that is returned by the ACS in the final CRes | Optional | |
browserInfo | Object | table "Browser" | See Browser Fields format and description | Information about cardholder browser | Required |
notificationUrl | String | Uri | Url where will send final CRes at end of challenge. If null, 3DS Server will receive final CRes | Optional | |
challengeWindowSize | Int | 1 digit | 250 X 400 =1, 390 X 400 =2, 500 X 600 =3, 600 X 400 = 4, Full Screen = 5 | Dimensions of the challenge window that has been displayed to the Cardholder, in pixels | Optional Default = 3 |
acquirerCode | String | max 15 chars | BANK CODE | Code of Acquirer - Provided by 2c2p for each partner/merchant/acquirer. For 3DS Requestor this is always will be “3DS Requestor” | Required |
acquirerBIN | Override the acquiring institution identification code (the Acquirer BIN) that is currently configured in the 2C2P profile. | Required | |||
merchantCode | String | max 35 chars | Override the Acquirer Merchant identifier configured in the Merchant's profile. Same as the merchantId. | Required | |
deviceChannel | Int | 1 digit | 2 | Device Channel, valid value follows: 1- App (App-based) 2 - BRW (Browser-based) 3 - 3RI | Required |
messageCategory | String | 2 digits | "01" | "01" - Payment "02" - Non payment | Required |
threeDsRequestorChallengeInd | Int | 1 digit | NoPreference = 1, NoChallengeRequested = 2, ChallengeRequested = 3, ChallengeRequired = 4 No challenge requested (strong consumer authentication is already performed) = 7 | Indicates whether a challenge is requested for this transaction Default = 1 | Optional |
messageVersion | String | 8 digits | Values active: 2.0.0 Deprecated 2.1.0 Active 2.2.0 Active 2.3.0 Pending | Protocol version identifier This shall be the Protocol Version Number of the specification utilized by the system creating this message. | Optional |
requestFeatures | integer | Values accepted: 0 to 99 | Indicates whether the 3DS Requestor requests the ACS to utilize Visa DAF, Decoupled Authentication, Merchants WhiteList. (for 2.2.0 protocol) "0" - No Features - Enable only this feature - 0(0000), "1" - DAF Feature - Enable only this feature - 1(0001), "2" - Merchant WhiteList - Enable only this feature - 2(0010), "3" - Decouple Authentication - Enable only this feature - 4(0100) | Optional | |
threeDsRequestorDecMaxTime | integer | 5 digits | Values accepted: 1-10080 (default=15) | Indicates the maximum amount of time that the 3DS Requestor will wait for an ACS to provide the results of a Decoupled Authentication transaction (in minutes). | Optional |
threeDsRequestorAuthenticationInfo | Object | table "3DS Requestor Authentication Information" | See 3DS Requestor Authentication Information Fields format and description | Require if threeDsRequestorChallengeInd = 7 | |
card | Object | table "Card" | See Card Fields format and description | Required | |
merchantName | String | maximum 50 chars | “MERCHANT COMP1” | This is 3DS Requestor merchant name which will be displayed on OTP Challenge page to customer | Optional |
purchase | Object | table "Purchase" | See Purchase Fields format and description | Purchase information. Can't use for 3RI | Required if messageCategory is "01" |
recurring | Object | table "Recurring" | See Recurring Fields format and description | Recurring information. Can't use for 3RI | Optional |
instalmentData | Int | Indicates the maximum number of authorizations permitted for instalment payments. Can't use for 3RI | Required, if "threeDsRequestorAuthInd " is "03" | ||
requestor | Object | table "Requestor" | See Requestor Fields format and description | Information about initiator of 3DS flow | Optional. If null - 3DS Server becomes Requestor. |
billingAddress | Object | table "Address" | See Address Fields format and description | Information about billing address of cardholder | Optional. Some ACS may require it. |
shippingAddress | Object | table "Address" | See Address Fields format and description | Information about shipping address of cardholder | Optional. Some ACS may require it. |
String | maximum 254 characters | [email protected] | Cardholder email | Optional. Some ACS may require it. | |
homePhone | Object | table "Phone" | See Phone Fields format and description | Cardholder home phone number | Optional. Some ACS may require it. |
mobilePhone | Object | table "Phone" | See Phone Fields format and description | Cardholder mobile phone number | Optional. Some ACS may require it. |
workPhone | Object | table "Phone" | See Phone Fields format and description | Cardholder work phone number | Optional. Some ACS may require it. |
accountInfo | Object | table "AccountInfo" | See AccountInfo Fields format and description | Information about the Cardholder’s account provided by the 3DS Requestor | Optional |
additionalAccountInfo | Object | table "AdditionalInfo" | See AdditionalInfo Fields format and description | Additional information about the Cardholder’s account provided by the 3DS Requestor | Optional |
merchantRiskInfo | Object | table "MerchantRiskIndicator" | See MerchantRiskIndicator Fields format and description | Merchant’s assessment of the level of fraud risk for the specific authentication | Optional |
Browser Fields format and description
Field Name | Data Type | Format | Example | Description | Requirement |
---|---|---|---|---|---|
acceptHeader | String | max 2048 chars | "image/webp,image/apng,image/,/*;q=0.8" | Exact content of the HTTP accepts headers as sent to the 3DS Requestor from the Cardholder’s | Required |
ip | String | max 45 chars | "192.168.123.123" "2001:0db8:85a3:0000:0000:8a2e:0370:7334" | IP address of the cardholder browser. | Optional |
javascriptEnabled | Bool | true/false | true | Value is returned from the navigator.javascriptEnabled property | Required |
javaEnabled | Bool | true/false | true | Value is returned from the navigator.javaEnabled property | Required |
language | String | 1-8 chars | "en-GB" | Value is returned from the navigator.language property | Required |
colorDepth | String | 1-2 chars | "24" | Value is returned from the screen.colorDepth property | Required |
screenHeight | String | 1-6 chars | "782" | Value is returned from the screen.height property | Required |
screenWidth | String | 1-6 chars | "1452" | Value is returned from the screen.width property | Required |
timeZone | String | 1-5 chars | "-420" | Value is returned from the "new Date().getTimezoneOffset()" method | Required |
userAgent | String | max 2048 chars | "Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Mobile Safari/537.36" | Exact content of the HTTP user-agent header | Required |
3DS Requestor Authentication Information Fields format and description
Field Name | Data Type | Format | Description | Requirement |
---|---|---|---|---|
authenticationData | string | JSON (maximum 20,000 characters) | Data that documents and supports a specific authentication process. In the current version of the specification, this data element is not defined in detail, however the intention is that for each 3DS Requestor Authentication Method, this field carry data that the ACS can use to verify the authentication process. For example, if the 3DS Requestor Authentication Method is: • 03, then this element can carry information about the provider of the federated ID and related information. • 06, then this element can carry the FIDO attestation data (including the signature). • 07, then this element can carry FIDO Attestation data with the FIDO assurance data signed. • 08, then this element can carry the SRC assurance data. | Required |
authenticationTimestamp | string | YYYYMMDDHHMM (12 characters) | Date and time in UTC of the customer authentication | Required |
Card Fields format and description
Field Name | Data Type | Format | Description | Requirement |
---|---|---|---|---|
expiryDate | string | YYMM | Expiry Date of the PAN or token supplied to the 3DS Requestor by the Cardholder | Optional |
cardNumber | string | 13–19 chars | Account number that will be used in the authorization request for payment transactions. May be represented by PAN, token | Required |
cardholderName | string | 2-45 chars | Name of the Cardholder Alphanumeric special characters(English language and special characters only), listed in EMV Book 4, “Appendix B”. | Optional |
Requestor Fields format and description
Field Name | Data Type | Format | Description | Requirement |
---|---|---|---|---|
id | string | max 35 chars | DS assigned 3DS Requestor identifierRequestor identifier | Required |
name | string | max 40 chars | DS assigned 3DS Requestor Name | Required |
url | string | max 2048 chars | Fully qualified URL of 3DS Requestor website or customer care site | Required |
cardholderAccountId | string | max 64 chars | Additional account id of cardholder in requestor environment | Optional |
Address Fields format and description
Field Name | Data Type | Format | Example | Description | Requirement |
---|---|---|---|---|---|
countryCode | string | ISO 3166-13 chars | "THA" | numeric three letter country code | Required |
city | string | max 50 chars | "Bangkok" | name of city | Optional |
postCode | string | max 16 chars | "10310" | ZIP or other postal code | Optional |
line1 | string | max 50 chars | "Ratchadapisek" | street address of cardholder | Optional |
line2 | string | max 50 chars | "12/124 New Condo" | street address of cardholder | Optional |
line3 | string | max 50 chars | street address of cardholder | Optional | |
state | string | ISO 3166-2 max 3 chars | "10" | The state or province of cardholder | Optional |
Purchase Fields format and description
Field Name | Data Type | Format | Example | Description | Requirement |
---|---|---|---|---|---|
date | string | yyyy-MM-dd HH:mm:ss | "2020-06-08 22:11:44" | UTC datetime of purchase | Required |
instalData | int | Example values accepted: • 2 • 02 • 002 | Maximum 3 characters Values accepted: Value shall be greater than 1 | Indicates the maximum number of authorisations permitted for instalment payments. | Optional - Essential if 3DS Requestor Authentication Indicator = 03. Omitted if not an instalment payment authentication |
amount | decimal | decimal value | 120.10 | amount of purchase | Required |
currencyCode | string | 3 digit ISO 4217 | "THB" | currency code | Required |
Recurring Fields format and description
Field Name | Data Type | Format | Example | Description | Requirement |
---|---|---|---|---|---|
expiry | string | YYYYMMDD | “20210501” | Date after which no further authorizations shall be performed | Required, if "threeDsRequestorAuthInd" is "02" or "03" |
frequency | int | 1 - 9999 | 10 | Indicates the minimum number of days between authorizations | Required, if "threeDsRequestorAuthInd" is "02" or "03" |
Phone Fields format and description
Field Name | Data Type | Format | Example | Description | Requirement |
---|---|---|---|---|---|
countryCode | String | 1–3 chars | "1" | country code of phone number | Required |
subscriber | String | max 15 chars | "1234567899" | phone number | Required |
AccountInfo Fields format and description
Field Name | Data Type | Format | Example | Description | Requirement |
---|---|---|---|---|---|
chAccAgeInd | String | 2 digit string | NoAccount = "01", CreatedDuringThisTransaction = "02", LessThan30Days = "03", From30To60Days = "04", MoreThan60Days = "05" | Length of time that the cardholder has had the account with the 3DS Requestor | Optional |
chAccChange | String | "yyyyMMdd" | 20201224 | Date that the cardholder’s account with the 3DS Requestor was last changed | Optional |
chAccChangeInd | String | 2 digit string | DuringThisTransaction = "01", LessThan30Days = "02", From30To60Days = "03", MoreThan60Days = "04" | Length of time since the cardholder’s account information with the 3DS Requestor was last changed | Optional |
chAccDate | String | "yyyyMMdd" | "20201224" | Date that the cardholder opened the account with the 3DS Requestor | Optional |
chAccPwChange | String | "yyyyMMdd" | "20201224" | Date that cardholder’s account with the 3DS Requestor had a password change or account reset | Optional |
chAccPwChangeInd | String | 2 digit string | NoChange = "01", ChangedDuringThisTransaction ="02", LessThan30Days = "03", From30To60Days = "04", MoreThan60Days = "05" | Indicates the length of time since the cardholder’s account with the 3DS Requestor had a password change | Optional |
nbPurchaseAccount | String | max 4 chars | "1234" | Number of purchases with this cardholder account during the previous six months | Optional |
provisionAttemptsDay | String | max 3 chars | "123" | Number of Add Card attempts in the last 24 hours | Optional |
txnActivityDay | String | max 3 chars | "123" | Number of transactions (successful and abandoned) for this cardholder account with the 3DS Requestor across all payment accounts in the previous 24 hours | Optional |
txnActivityYear | String | max 3 chars | "123" | Number of transactions (successful and abandoned) for this cardholder account with the 3DS Requestor across all payment accounts in the previous year | Optional |
paymentAccAge | String | yyyyMMdd | "20201224" | Date that the payment account was enrolled in the cardholder’s account with the 3DS Requestor | Optional |
paymentAccInd | String | 2 digit string | NoAccount = "01", CreatedDuringThisTransaction = "02", LessThan30Days = "03", From30To60Days = "04", MoreThan60Days = "05" | Indicates the length of time that the payment account was enrolled in the cardholder’s account with the 3DS Requestor | Optional |
shipAddressUsage | String | yyyyMMdd | "20201224" | Date when the shipping address used for this transaction was first used with the 3DS Requestor | Optional |
shipAddressUsageInd | String | 2 digit string | DuringThisTransaction = "01", LessThan30Days = "02", From30To60Days = "03", MoreThan60Days = "04" | Indicates when the shipping address used for this transaction was first used with the 3DS Requestor | Optional |
shipNameIndicator | String | 2 digit string | AccountNameIdenticalToShippingName = "01", AccountNameDifferentToShippingName = "02" | Indicates if the Cardholder Name on the account is identical to the shipping Name used for this transaction | Optional |
suspiciousAccActivity | String | 2 digit string | NoSuspiciousActivityObserved = "01", SuspiciousActivityHasBeenObserved = "02" | Indicates whether the 3DS Requestor has experienced suspicious activity (including previous fraud) on the cardholder account | Optional |
AdditionalInfo Fields format and description
Field Name | Data Type | Format | Example | Description | Requirement |
---|---|---|---|---|---|
accountType | Number | 1 digit | NotApplicable = 1, Credit = 2, Debit = 3 | Indicates the type of account. For example, for a multi-account card product | Optional |
authenticationMethod | int | 1 digit | NoAuth = 1, LoginUsingOwnCredentials = 2, LoginUsingFederatedId = 3, LoginUsingIssuerCredentials = 4, LoginUsingThirdParty = 5, LoginUsingFido = 6 | Mechanism used by the Cardholder to authenticate to the 3DS Requestor | Optional |
authenticationTimeStamp | String | yyyyMMddHHmmss | "20200608221144" | Date and time in UTC of the cardholder authentication | Optional |
MerchantRiskIndicator Fields format and description
Field Name | Data Type | Format | Example | Description | Requirement |
---|---|---|---|---|---|
deliveryEmailAddress | String | "[email protected]" | For Electronic delivery, the email address to which the merchandise was delivered | Optional | |
deliveryTimeframe | String | 2 digit | ElectronicDelivery = "01", SameDayShipping = "02", OvernightShipping = "03", TwoDayOrMoreShipping = "04" | Indicates the merchandise delivery timeframe | Optional |
giftCardAmount | String | max 15 chars | "1234" | For prepaid or gift card purchase, the purchase amount total of prepaid or gift card(s) in major units. (for example, USD 123.45 is 123) | Optional |
giftCardCount | String | 2 chars | "12" | For prepaid or gift card purchase, total count of individual prepaid or gift cards/codes purchased | Optional |
giftCardCurr | String | 3 chars | "840" | For prepaid or gift card purchase, the currency code of the card as defined in ISO 4217. | Optional |
preOrderDate | String | "yyyyMMdd" | "20201224" | For a pre-ordered purchase, the expected date that the merchandise will be available | Optional |
preOrderPurchaseInd | String | 2 digit | MerchandiseAvailable = "01", FutureAvailability = "02" | Indicates whether Cardholder is placing an order for merchandise with a future availability or release | Optional |
reorderItemsInd | String | 2 digit | FirstTimeOrdered = "01", Reordered = "02" | Indicates whether the cardholder is reordering previously purchased merchandise | Optional |
shipIndicator | String | 2 digit | ToCardholderBillingAddress = "01", ToAnotherVerifiedAddressOnFileWithMerchant = "02", ToAddressThatDifferentThanBillingAddress = "03", ShipToStore = "04", DigitalGoods = "05", TravelAndEventTickets = "06", Other = "07" | Indicates shipping method chosen for the transaction | Optional |
Full Request example
Request Header
POST /authentication/brw
Content-Type: application/json
Authorization: Bearer xxx
Request Body
BrowserThreeDomainMessage
{
"externalReferenceId" : "9555559a72ad4-cae1-4da7-d96d3deaf",
"ddcId" : "333399a72ad4-cae1-879c-258d96d3deaf",
"acquirerCode": "3DS Requestor",
"acquirerBin": "4444411",
"session": "99a72ad4-cae1-4da7-879c-258d96d3deaf",
"threeDsRequestorAuthInd": "01",
"notificationUrl": "{URL}",
"threeDsRequestorChallengeInd": 1,
"messageVersion":"2.1.0",
"requestFeatures": 0,
"browserInfo": {
"acceptHeader": "gzip, deflate, br;en-US,en;q=0.9",
"ip": "49.49.248.202",
"javascriptEnabled": true,
"javaEnabled": false,
"language": "en-US",
"colorDepth": "24",
"screenHeight": "720",
"screenWidth": "1280",
"timeZone": -420,
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67"
},
"deviceChannel": 2,
"messageCategory": "01",
"merchantCode": "EBAY",
"merchantName": "EBAY Company 1",
"requestor": {
"id": "az0123456789",
"name": "2C2P Pte Ltd",
"url": "https://www.2c2p.com",
"cardholderAccountId": "04"
},
"billingAddress": {
"countryCode": "785",
"city": "43",
"postCode": "123321",
"line1": "3",
"line2": "4",
"line3": "4",
"state": "esf"
},
"shippingAddress": {
"countryCode": "785",
"city": "43",
"postCode": "123321",
"line1": "3",
"line2": "4",
"line3": "4",
"state": "esf"
},
"purchase": {
"date": "2021-08-07 10:29:19 ",
"amount": 100,
"currencyCode": "THB"
},
"card": {
"expiryDate": "2106",
"cardNumber": "4646470000000064",
"cardholderName": "Visa4646"
},
"email": "string",
"homePhone": {
"countryCode": "123",
"subscriber": "123456789"
},
"mobilePhone": {
"countryCode": "123",
"subscriber": "123456789"
},
"workPhone": {
"countryCode": "123",
"subscriber": "123456789"
},
"accountInfo": {
"accountAgeIndicator": "05",
"accountChangeDate": "20210809",
"accountChangeDateIndicator": "04",
"accountDate": "20210809",
"accountPasswordChangeDate": "20210809",
"accountPasswordChangeDateIndicator": "05",
"accountPurchaseNumber": "1",
"provisionAttemptsDay": "1",
"txnActivityDay": "1",
"txnActivityYear": "1",
"paymentAccountAge": "20210809",
"paymentAccountAgeIndicator": "string",
"shippingAddressUsageDate": "20210809",
"shippingAddressUsageDateIndicator": "04",
"shipNameIndicator": "01",
"suspiciousAccountActivity": "01"
},
"additionalAccountInfo": {
"accountType": "00",
"authenticationMethod": "04",
"authenticationTimeStamp": "202108090235"
},
"merchantRiskInfo": {
"deliveryEmailAddress": "[email protected]",
"deliveryTimeframe": "02",
"giftCardAmount": "1",
"giftCardCount": "01",
"giftCardCurr": "840",
"preOrderDate": "20210809",
"preOrderPurchaseInd": "02",
"reorderItemsInd": "01",
"shipIndicator": "01"
}
}
Response
Field Name | Data Type | Required | Format | Example | Description |
---|---|---|---|---|---|
challengeHtml | String | HTML | <form name='creqForm' method='POST' action='{URL} Please click here to continue | HTML with form, which contains Base64Url encoded initial CReq. This is optional for 3DS Requestor. 3DS Requestor will use only the hostedChallengeUrl field. | |
version | String | 10 chars | This field contains the 3DS version that was used to process the transaction. Possible Values: 1.0.2 2.1.0 2.2.0 Note: Required for Mastercard Identity Check transactions in Authorization | Message Protocol version | |
hostedChallengeUrl | String | Y | The fully qualified URL that the client uses to post the cardholder in order to complete the Consumer Authentication transaction for 2c2p 3dss challenge page API integration. Note: This is only for a 2c2p challenge page Integration 3DS Requestor called this one as “stepUpUrl” | ||
dsTransId | String | UUID 36 characters | "91147cb8-d836-44e0-a1cc-b8e25040297f", | DS transaction id | |
acsTransId | String | Y | UUID 36 characters | "f38f4639-b820-4dbb-91af-6643f997bd69", | ACS transaction id |
threeDsServerTransId | String | Y | UUID 36 characters | "3dc1a061-ca59-4c87-b104-3d2bd04ed3e5" | 3DS Server transaction id |
status | String | Y | 1 char | Transactions status result identifier. Possible Values: Y - Successful Authentication N - Failed Authentication / Account Not Verified / Transaction Denied U - Unable to Complete Authentication A - Successful Attempts Transaction C** - Challenge Required for Authentication R** - Authentication Rejected (Merchant must not submit for authorization) D - Challenge Required; Decoupled Authentication confirmed. I - Informational Only; 3DS Requestor challenge preference acknowledged. NOTE:Statuses of C and R only apply to Consumer authentication 2.0. Decoupled authentication is not supported at this time. | Status of the authentication. If the status is “C”, 3DS Requestor should redirect to the hosted challenge URL. |
authenticationValue | String | 28 chars | "xgTukdwAAAAAAAAAAAAAAAAAAAA=" | Proof of authentication - Only when the Transactions Status is “A” or “Y” | |
eci | String | Y | 2 chars | “05” | Electronic Commerce Indicator (ECI) - Not available when the Transaction Status is “C” Electronic Commerce Indicator (ECI). The ECI value is part of the 2 data elements that indicate the transaction was processed electronically. This should be passed on the authorization transaction to the Gateway/Processor.Possible Values: 02 or 05 - Fully Authenticated Transaction01 or 06 - Attempted Authentication Transaction 00 or 07 - Non 3-D Secure Transaction Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS CLUB - 05, 06, 07 Union Pay International: 05, 06, 07 |
cardScheme | String | Card brand that the transaction was processed for authentication. Possible Values: AMEX DISCOVER JCB MASTERCARD VISA UNKNOWN UPI ITMX TPN | |||
cardBin | String | Card bin represents the first six numbers of the CardNumber field passed in on the cmpi_lookup request. | |||
externalReferenceId | String | Y | Unique ID from the merchant level. Merchant Reference Number. | ||
StatusReason | String | Y | Provides additional information as to why the PAResStatus has the specific value. NOTE: Required for Payment (e.g. Authentication Indicator equals 01 on Lookup Request) transactions when PAResStatus is equal to N, U, or R in the Lookup Response. Please refer to "EMV 3-D Secure Protocol and Core Functions Specification v2.2.0" for a list of Reason Codes. | ||
acsReferenceNumber | String | Y | Unique identifier assigned by the EMVCo Secretariat upon Testing and Approval. | ||
acsOperatorId | String | Y | DS assigned ACS identifier. Each DS can provide a unique ID to each ACS on an individual basis. | ||
authenticationType | String | 2 digit | Indicates the type of authentication that will be used to challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out of Band) 04 - Decoupled NOTE: EMV® 3-D Secure version 2.1.0 supports values 01-03. Version 2.2.0 supports values 01-04. Decoupled authentication is not supported at this time. | Optional |
BrowserThreeDomainMessage – Challenge
{
"challengeHtml": "<iframe id="ChallengeResponse" srcdoc="<html><head></head><body>
<form name='creqForm' method='POST' action='{URL}'>
<input type='hidden' name='creq'
value='eyJtZXNzYWdlVHlwZSI6IkNSZXEiLCJjaGFsbGVuZ2VXaW5kb3dTaXplIjoiMDUiLCJ0aHJlZURT
U2VydmVyVHJhbnNJRCI6IjBmYzI4ZmJiLWYwM2EtNGJhMS05YmZjLWJmMmEzMzgwNWJkYSIsImFj
c1RyYW5zSUQiOiIxOTY5ZmJiZi1jMDQ5LTRhNTItYWQyZS1iYTA3MTZjNTIxMTgiLCJtZXNzYW
dlVmVyc2lvbiI6IjIuMS4wIn0' />
</form>
<script type='text/javascript'>document.creqForm.submit();</script>
</body></html>" style="width:600px; height: 400px; border:none; box-shadow: rgba(0, 0, 0, 0.21) 0 0 10px 0px">
</iframe>",
"hostedChallengeUrl":"{URL}",
"status": "C",
"acsTransId":"91147cb8-d836-44e0-a1cc-b8e25040297f",
"dsTransId":"f38f4639-b820-4dbb-91af-6643f997bd69",
"threeDsServerTransId": "3dc1a061-ca59-4c87-b104-3d2bd04ed3e5",
"version": "2.1.0",
"cardScheme" : " ",
"cardBin" : " ",
"externalReferenceId" : " ",
"statusReason" : " ",
"acsReferenceNumber" : " ",
"acsOperatorId" : " "
}
BrowserThreeDomainMessage - Frictionless
{
"status": "Y",
"authenticationValue": "AJkBAZcCNgAAD0JAdkI5dJYnSBk=",
"dsTransId": "7acc0f07-67dd-4e7a-b914-f84c58f4d77c",
"acsTransId": "681b9e9f-04bc-4a99-9947-6b1c31ad1b30",
"threeDsServerTransId": "77372bf8-a8ea-48b9-9459-7b20790a98a5",
"version": "2.1.0",
"eci":"05",
"cardScheme" : " ",
"cardBin" : " ",
"externalReferenceId" : " ",
"statusReason" : " ",
"acsReferenceNumber" : " ",
"acsOperatorId" : " "
}
Response (if transaction is in error)
Field Name | Data Type | Format | Example | Description |
---|---|---|---|---|
status | String | 1 char | "U" - authentication failed | Transactions status result identifier. Possible Values: N - Failed Authentication / Account Not Verified / Transaction Denied U - Unable to Complete Authentication A - Successful Attempts Transaction C** - Challenge Required for Authentication R** - Authentication Rejected (Merchant must not submit for authorization) |
error | String | 255 varchar | "2.0 is not supported for this card" | Error Description |
errorCode | String | 4 chars | "A002" | Error code |
emvErrorCode | String | 3 characters | Code indicating the type of problem identified in the message. | Required in Message Error |
emvErrorComponent | String | 1 character | Code indicating the 3-D Secure component that identified the error. | Required in Message Error |
emvErrorDescription | String | 2048 characters | Text describing the problem identified in the message. | Required in Message Error |
emvErrorDetail | String | 2048 characters | Additional detail regarding the problem identified in the message. | Required in Message Error |
BrowserThreeDomainMessage
{
"status": "string",
"error": "string",
"errorCode": "string",
"emvError": {
"emvErrorCode": "string",
"emvErrorComponent": "string",
"emvErrorDescription": "string",
"emvErrorDetail": "string"}
}
Updated 3 months ago