2.1.0
2.2.0
2.3.1 APP
BRW
3RI | 3DS protocol version identifier. |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI | Identifies whether this is a payment or non-payment 3DS authentication. For example, a non-payment 3DS authentication may be used when a customer adds a card to their account, but does not make a purchase. Options:01 | Payment authentication (PA) | 02 | Non-payment authentication (NPA) |
|
threeDSServerTransID
string
2.1.0
2.2.0
2.3.1 APP
BRW
3RI | The unique identifier (UUID) for tracking the transaction throughout the 3DS process. Example: "c5584543-b67e-5117-bb34-3567ac6a1123" |
2.1.0
2.2.0
2.3.1 APP | Universally unique transaction identifier assigned by the 3DS SDK to identify a single transaction. Example: "a3384543-b67e-5117-bb34-4567ac6a1123" |
2.3.1 APP
BRW
3RI | The unique identifier (UUID) used by the ACS for tracking the transaction throughout the 3DS process. Must be provided in the Challenge Request. May be provided in the threeDSReqPriorRef
field in order to identify a prior authentication. Example: "214a549e-2310-4359-b590-c53a20adcc78" |
2.3.1 APP
BRW
3RI | The unique identifier (UUID) used by the directory server for tracking the transaction throughout the 3DS process.
Provided for information only. Example: "a3384543-b67e-5117-bb34-4567ac6a1123" |
2.3.1 APP | Indicates whether the ACS will use decoupled authentication. Show definition
|
2.1.0
2.2.0
2.3.1 | The user interface type which the ACS will use to present the challenge. Options:01 | Native UI | 2.1.0
2.2.0
2.3.1 | 02 | HTML UI | 2.1.0
2.2.0
2.3.1 |
| 2.1.0
2.2.0
2.3.1 | The user interface template which the ACS will present to the cardholder. Options:01 | Text field | 2.1.0
2.2.0
2.3.1 | 02 | Single select field (e.g. dropdown field) | 2.1.0
2.2.0
2.3.1 | 03 | Multi select field (e.g. checkbox fields) | 2.1.0
2.2.0
2.3.1 | 04 | Out-of-Band (OOB) (e.g. using the issuing bank's mobile app) | 05 | HTML other | 2.1.0
2.2.0
2.3.1 | 06 | HTML OOB | 2.3.1 | 07 | Information | 2.3.1 |
|
|
2.3.1 APP
BRW
3RI | Information about the cardholder. Show definition
|
| Text provided by the issuer to be displayed to the cardholder. | | The URL of the issuer's logo or image to be displayed to the cardholder. | paymentSystemImage
string
| The URL of the payment system's logo or image to be displayed to the cardholder. |
|
authenticationType
string
2.1.0
2.2.0
2.3.1 APP
BRW | DEPRECATED Deprecated in favour of authenticationMethod . For 2.3.1 requests, the first authenticationMethod is values are mapped an equivalent value in this field. Options:01 | Static, for example, a password or passcode | 02 | Dynamic, for example, a one time password (OTP) | 03 | Out-of-Band (OOB), for example, using the issuing bank's mobile app | 04 | Decoupled Authentication |
|
authenticationMethod
array
2.3.1 | Indicates the list of authentication types used by the ACS to challenge the Cardholder, when in what was used by the ACS. Options:01 | Static Passcode | 02 | SMS OTP | 03 | Key fob or EMV card reader OTP | 04 | App OTP | 05 | OTP Other | 06 | KBA | 07 | OOB Biometrics | 08 | OOB Login | 09 | OOB Other | 10 | Other | 11 | Push Confirmation | 12 | Decoupled | 13 | WebAuthn | 14 | SPC | 15 | Behavioural biometrics | 16 | Electronic ID |
|
authenticationValue
string
2.1.0
2.2.0
2.3.1 APP
BRW
3RI | The card scheme specific value to be used for authorising the transaction.
Also referred to as "CAVV" (Cardholder Authentication Verification Value) by Visa,
AAV (Accountholder Authentication Value) by Mastercard
and AEVV (American Express Verification Value) by American Express. There are limitations on when and for how long the authenticationValue can be stored. Please refer to the Payment Card Industry 3-D Secure (PCI 3DS)
guide for further details. |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI | Indicates the outcome of the authenticate request, and how to proceed. Options:Y | Authentication Successful | The authentication was successful, continue to authorisation using the authenticationValue from the Result Response. | 2.1.0
2.2.0
2.3.1 | A | Authentication Attempted | 3DS was attempted but was not possible. However the card scheme granted a successful authentication on the issuer's behalf. | 2.1.0
2.2.0
2.3.1 | N | Authentication Failed | The authentication failed, stop processing the transaction. | 2.1.0
2.2.0
2.3.1 | U | Authentication Unavailable | Authentication could not be performed. You may attempt to proceed to authorisation without an authenticationValue. | 2.1.0
2.2.0
2.3.1 | R | Authentication Rejected | The issuer rejected the authentication attempt and requests that authorisation is not attempted. | 2.1.0
2.2.0
2.3.1 | S | Challenge using SPC | Challenge using SPC | 2.3.1 |
|
2.1.0
2.2.0
2.3.1 APP
BRW
3RI | Provides information on the transStatus value. Options:01 | Card authentication failed | 2.1.0
2.2.0
2.3.1 | 02 | Unknown device | 2.1.0
2.2.0
2.3.1 | 03 | Unsupported device | 2.1.0
2.2.0
2.3.1 | 04 | Exceeds authentication frequency limit | 2.1.0
2.2.0
2.3.1 | 05 | Expired card | 2.1.0
2.2.0
2.3.1 | 06 | Invalid card number | 2.1.0
2.2.0
2.3.1 | 07 | Invalid transaction | 2.1.0
2.2.0
2.3.1 | 08 | No card record | 2.1.0
2.2.0
2.3.1 | 09 | Security failure | 2.1.0
2.2.0
2.3.1 | 10 | Stolen card | 2.1.0
2.2.0
2.3.1 | 11 | Suspected fraud | 2.1.0
2.2.0
2.3.1 | 12 | Transaction not permitted to cardholder | 2.1.0
2.2.0
2.3.1 | 13 | Cardholder not enrolled in service | 2.1.0
2.2.0
2.3.1 | 14 | Transaction timed out at the ACS | 2.1.0
2.2.0
2.3.1 | 15 | Low confidence | 2.1.0
2.2.0
2.3.1 | 16 | Medium confidence | 2.1.0
2.2.0
2.3.1 | 17 | High confidence | 2.1.0
2.2.0
2.3.1 | 18 | Very high confidence | 2.1.0
2.2.0
2.3.1 | 19 | Exceeds ACS maximum challenges | 2.1.0
2.2.0
2.3.1 | 20 | Non-payment (NPA) transaction not supported | 2.1.0
2.2.0
2.3.1 | 21 | 3RI transaction not supported | 2.1.0
2.2.0
2.3.1 | 22 | ACS technical issue | 2.1.0
2.2.0
2.3.1 | 23 | Decoupled authentication required by ACS but not requested by 3DS Requestor | 2.1.0
2.2.0
2.3.1 | 24 | 3DS Requestor decoupled authentication max expiry time exceeded | 2.1.0
2.2.0
2.3.1 | 25 | Insufficient time provided for decoupled authentication to authenticate cardholder. ACS will not attempt authentication | 2.1.0
2.2.0
2.3.1 | 26 | Authentication attempted but not performed by the cardholder | 2.1.0
2.2.0
2.3.1 | 27 | Preferred Authentication Method not supported | 2.3.1 | 28 | Validation of content security policy failed | 2.3.1 | 29 | Authentication attempted but not completed by the Cardholder. Fall back to Decoupled Authentication | 2.3.1 | 30 | Authentication completed successfully but additional authentication of the Cardholder required. Reinitiate as Decoupled Authentication | 2.3.1 | 80 | Identity Check Insights | Mastercard | 2.1.0
2.2.0
2.3.1 | 80 | Error connecting to ACS | Visa | 2.1.0
2.2.0
2.3.1 | 81 | ACS Timed Out | Visa | 2.1.0
2.2.0
2.3.1 | 82 | Invalid Response from ACS | Visa | 2.1.0
2.2.0
2.3.1 | 83 | System Error Response from ACS | Visa | 2.1.0
2.2.0
2.3.1 | 84 | Transaction not processed by Smart Authentication Stand-In due to challenge cancellation | Mastercard | 2.1.0
2.2.0
2.3.1 | 84 | Internal Error While Generating CAVV | Visa | 2.1.0
2.2.0
2.3.1 | 85 | VMID not eligible for requested program | Visa | 2.1.0
2.2.0
2.3.1 | 86 | Protocol Version Not Supported by ACS | Visa | 2.1.0
2.2.0
2.3.1 | 87 | Device Channel is 3RI therefore did not route to Smart Authentication Stand-In | Mastercard | 2.1.0
2.2.0
2.3.1 | 87 | Transaction is excluded from Attempts Processing which includes non-reloadable pre-paid cards and non-payment authentications | Visa | 2.1.0
2.2.0
2.3.1 | 88 | 3DS Requestor Prior Transaction Authentication Data was provided but not found by the ACS or it was expired | Mastercard | 2.1.0
2.2.0
2.3.1 | 88 | Requested program not supported by the ACS | Visa | 2.1.0
2.2.0
2.3.1 |
|
transStatusReasonInfo
string
2.3.1 | Transaction Status Reason Information |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI | Electronic Commerce Indicator - a payment system specific value which indicates the result of the attempt to authenticate the cardholder. Options:00 | Authentication Failed | Mastercard | 01 | Authentication attempted, but not completed | Mastercard | 02 | Authentication Successful | Mastercard | 05 | Authentication Successful | Visa, American Express, Discover, JCB, UnionPay | 06 | Authentication attempted, but not completed | Visa, American Express, Discover, JCB, UnionPay | 07 | Authentication Failed | Visa, American Express, Discover, JCB, UnionPay |
|
interactionCounter
string
2.1.0
2.2.0
2.3.1 APP
BRW | The number of authentication attempts by the cardholder, for example, they may attempt a second time if they enter their password incorrectly. |
2.1.0
2.2.0
2.3.1 APP
BRW | Indicates that the authentication was cancelled Options:01 | Cardholder selected "Cancel" | 2.1.0
2.2.0
2.3.1 | 02 | 3DS Requestor cancelled authentication | 2.1.0
2.2.0
2.3.1 | 03 | Transaction abandoned | 2.1.0
2.2.0
2.3.1 | 04 | Transaction timed out at ACS | 2.1.0
2.2.0
2.3.1 | 05 | Transaction timed out at ACS - First Challenge Request (CReq) not received by the ACS | 2.1.0
2.2.0
2.3.1 | 06 | Transaction error | 2.1.0
2.2.0
2.3.1 | 07 | Unknown | 2.1.0
2.2.0
2.3.1 | 08 | Transaction Timed Out 3DS SDK | 2.3.1 | 09 | Error Message in response to the CRes message sent by the ACS | 2.3.1 | 10 | Error Message in response to the CReq message received by the ACS | 2.3.1 |
|
challengeErrorReporting
object
2.3.1 APP
BRW | Copy of the Error Message sent or received by the ACS in case of error in the CReq/CRes messages. Show definition
|
| The 3DS error message type. Will always be the four character, 3DS message type "Erro" . Example: "Erro" | | The 3DS error message protocol version. Note, this is the version of the error message, which may not be the same as the version used by the 3DS transaction. Example: "2.2.0" | threeDSServerTransID
string
| The unique 3DS Server identifier for the 3DS transaction which encountered the error. | | The unique Directory Server identifier for the 3DS transaction which encountered the error. | | The unique ACS identifier for the 3DS transaction which encountered the error. | | The unique 3DS SDK identifier for the 3DS transaction which encountered the error. | | The 3DS component which identified the error. Note, this is not the component where the error originated. If the value is "S" the Ravelin 3DS Server identified an error in the directory server response.
The directory server will have been notified. If the value is "D" or "A" the directory server or ACS identified an error and Ravelin have been notified.
See the errorDescription and errorDetail for more information. If the value is "C" the Ravelin SDK identified an error while validating data received from the ACS during or
before a challenge took place.
In such a case, the Ravelin SDK will notify the requestor application and where applicable the ACS itself. Options:S | 3DS Server | D | Directory Server (DS) | A | Access Control Server (ACS) | C | 3DS SDK |
| | A description of the problem which caused the error. | | Additional detail regarding the problem which caused the error. | | The 3DS Error code. This can be used to group 3DS errors into certain categories. Check the errorDescription and errorDetail fields for more information. Note, this is not the HTTP status code. Options:101 | Invalid message | 102 | 3DS message version not supported | 201 | A required field is missing | 202 | Critical message extensions not recognised | 203 | The format of one or more of the fields is invalid | 204 | One or more fields is duplicated | 301 | A transaction ID was invalid (threeDSServerTransID, dsTransID, acsTransID or sdkTransID) | 302 | Data decryption failure | 303 | Access denied | 304 | ISO country or currency code was invalid | 305 | Transaction data was invalid | 306 | Merchant Category Code (MCC) was invalid for the payment system | 308 | Signature Verification Failure | 309 | Validation against content security policies Failure | 310 | Incorrect Cryptographic Algorithm | 311 | Incorrect kid | 312 | Duplicate message | 314 | Multiple CReq messages not supported | 315 | CReq message received after the RReq message | 402 | Transaction timed out | 403 | Transient system failure | 404 | Permanent system failure | 405 | System connection failure |
| | The 3DS message type which was identified as containing an error. |
|
2.2.0
2.3.1 APP
BRW
3RI | DEPRECATED Deprecated in favour of trustListStatus . Options:Y | Merchant is trusted by cardholder | N | Merchant has not yet been trusted by cardholder | E | Not eligible as determined by issuer | P | Pending confirmation by cardholder | R | Cardholder rejected the request to trust the merchant | U | Trusted status unknown, unavailable, or does not apply |
|
2.2.0
2.3.1 APP
BRW
3RI | Indicates whether the cardholder has added the merchant to their list of trusted merchants. A cardholder can typically only choose to trust a merchant after successfully completing a challenge. A cardholder may not be required to complete a challenge with a merchant they have previously trusted. Options:Y | Merchant is trusted by cardholder | N | Merchant has not yet been trusted by cardholder | E | Not eligible as determined by issuer | P | Pending confirmation by cardholder | R | Cardholder rejected the request to trust the merchant | U | Trusted status unknown, unavailable, or does not apply |
|
whiteListStatusSource
string
2.2.0
2.3.1 APP
BRW
3RI | DEPRECATED Deprecated in favour of trustListStatusSource . Options:01 | 3DS Server | 02 | Directory Server (DS) | 03 | Access Control Server (ACS) |
|
trustListStatusSource
string
2.2.0
2.3.1 APP
BRW
3RI | Identifies the system which set the whiteListStatus value. Options:01 | 3DS Server | 02 | Directory Server (DS) | 03 | Access Control Server (ACS) |
|
deviceBindingStatus
string
2.3.1 APP
BRW
3RI | Enables the communication of Device Binding Status between the ACS, the DS and the 3DS Requestor. For bound devices (value = 11–14), Device Binding Status also conveys the type of binding that was performed. Options:01 | Device is not bound by Cardholder | 02 | Not eligible as determined by Issuer | 03 | Pending confirmation by Cardholder | 04 | Cardholder rejected the request | 05 | Device Binding Status unknown, unavailable, or does not apply | 11 | = Device is bound by Cardholder (device is bound using hardware / SIM internal to the Consumer Device. For instance, keys stored in a secure element on the device) | 12 | Device is bound by Cardholder (device is bound using hardware external to the Consumer Device. For example, an external FIDO Authenticator) | 13 | Device is bound by Cardholder (Device is bound using data that includes dynamically generated data and could include a unique device ID) | 14 | Device is bound by Cardholder (Device is bound using static device data that has been obtained from the Consumer Device) | 15 | Device is bound by Cardholder (Other method) |
|
deviceBindingStatusSource
string
2.3.1 APP
BRW
3RI | This data element will be populated by the system setting Device Binding Status. |