2.1.0
2.2.0
2.3.1 APP
BRW
3RI optional | The 3DS protocol version to be used for the 3DS authentication. If the version is not provided we default to the versionRecommendation returned
in the Version Response.
You should populate fields according to the selected messageVersion. See the guidance here
for 3DS protocol versions supported by different card schemes. Minimum length: 4 Maximum length: 8 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI required | Identifies whether this is a payment or non-payment 3DS authentication. For example, a non-payment 3DS authentication may be used when a customer adds a card to their account, but does not make a purchase. Options:01 | Payment authentication (PA) | 02 | Non-payment authentication (NPA) |
|
2.1.0
2.2.0
2.3.1 APP
BRW
3RI required | Indicates the channel being used to initiate the authentication. Options:01 | App-based (APP) | 02 | Browser (BRW) | 03 | 3DS Requestor Initiated (3RI) |
|
threeDSServerTransID
string
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Universally unique transaction identifier assigned by the 3DS Server to identify a single transaction. Example: "c5584543-b67e-5117-bb34-3567ac6a1123" Conditions:Required when deviceChannel is Browser, and a threeDSServerTransID has already been returned in the Version Response. In this case the same threeDSServerTransID should be used. Length: 36 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Purchase amount in minor units of currency with all punctuation removed. Example: "10000" Conditions:Required for Payment Authentications (PA). Required for Non-Payment Authentications (NPA) when threeDSRequestorAuthenticationInd is Recurring transaction (02 ) or Instalment transaction (03 ). |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Currency in which purchaseAmount is expressed (ISO 4217 three-digit
numeric currency code). Must be "036" (AUD) when cardScheme is eftpos . Example: "826" Conditions:Required for Payment Authentications (PA). Required for Non-Payment Authentications (NPA) when threeDSRequestorAuthenticationInd is Recurring transaction (02 ) or Instalment transaction (03 ). |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Minor units of currency as specified in the ISO 4217 currency exponent. Example: "2" Conditions:Required for Payment Authentications (PA). Required for Non-Payment Authentications (NPA) when threeDSRequestorAuthenticationInd is Recurring transaction (02 ) or Instalment transaction (03 ). |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Date and time of the purchase expressed in UTC. Format: YYYYMMDDhhmmss Conditions:Required for Payment Authentications (PA). Required for Non-Payment Authentications (NPA) when threeDSRequestorAuthenticationInd is Recurring transaction (02 ) or Instalment transaction (03 ). |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | The Primary Account Number (PAN) of the card being used for the transaction.
If EMV Tokenisation is supported, this may be an EMV Payment Token instead of a PAN. This field is cardholder data. Submission of this field requires PCI DSS SAQ-D certification. Please see our PCI DSS documentation for more information. Example: "4900000000001234" Conditions:Either a pan or a client side encrypted payment method must be provided |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI optional | Expiry date of the PAN or token. Format: YYMM Example: "2105" Length: 4 |
2.1.0
2.2.0
2.3.1 BRW required | Indicates whether the 3DS Method
successfully completed. This should be set to N if the method request has not completed
after 10 seconds. Options:Y | Successfully completed | N | Did not successfully complete | U | Unavailable - the 3DS Method URL was not present in the Version Response |
|
2.3.1 BRW conditional | Contains the 3DS Server Transaction ID used during the previous execution of the 3DS Method. Conditions:Required if 3DS Requestor reuses previous 3DS Method execution. Maximum length: 36 |
threeDSRequestorID
string
2.1.0
2.2.0
2.3.1 APP
BRW
3RI required | The 3DS requestor identifier assigned by the card scheme. See the
guidance here
for the requirements of different card schemes. For testing in sandbox account, send any string up to 26 characters long. Example: "example-requestor-id" |
threeDSRequestorName
string
2.1.0
2.2.0
2.3.1 APP
BRW
3RI required | 3DS Requestor name assigned by the card scheme. See the
guidance here
for the requirements of different card schemes. Example: "Example Requestor Name" Maximum length: 40 |
threeDSRequestorURL
string
2.1.0
2.2.0
2.3.1 APP
BRW
3RI required | Fully qualified URL of 3DS Requestor website or customer support website. Example: "https://www.example-requestor.com" |
threeDSRequestorAuthenticationInd
string
2.1.0
2.2.0
2.3.1 APP
BRW required | Indicates the type of 3DS authentication request. Options:01 | Payment transaction | 2.1.0
2.2.0
2.3.1 | 02 | Recurring transaction | 2.1.0
2.2.0
2.3.1 | 03 | Instalment transaction | 2.1.0
2.2.0
2.3.1 | 04 | Add card | 2.1.0
2.2.0
2.3.1 | 05 | Maintain card | 2.1.0
2.2.0
2.3.1 | 06 | Cardholder verification as part of EMV token ID&V | 2.1.0
2.2.0
2.3.1 | 07 | Billing Agreement | 2.1.0
2.2.0
2.3.1 | 08 | Split shipment | 2.3.1 | 09 | Delayed shipment | 2.3.1 | 10 | Split payment | 2.3.1 |
|
threeDSRequestorAuthenticationInfo
array
2.1.0
2.2.0
2.3.1 APP
BRW optional | Information about how the 3DS Requestor authenticated the cardholder before or during the transaction. For 2.1.0 & 2.2.0 requests only the first element will be accepted. This field is now an array and the single element format is being deprecated. Show definition
Maximum length: 3 |
threeDSReqAuthData
string
2.3.1 optional | Data that documents and supports a specific authentication process. Maximum length: 50000 | threeDSReqAuthMethod
string
optional | Mechanism used by the cardholder to authenticate with the 3DS Requestor. Options:01 | Cardholder did not log in | 2.1.0
2.2.0
2.3.1 | 02 | Cardholder logged in using a username and password | 2.1.0
2.2.0
2.3.1 | 03 | Cardholder logged in using using federated ID | 2.1.0
2.2.0
2.3.1 | 04 | Cardholder logged in using using issuer credentials | 2.1.0
2.2.0
2.3.1 | 05 | Cardholder logged in using using third-party authentication | 2.1.0
2.2.0
2.3.1 | 06 | Cardholder logged in using using FIDO Authenticator | 2.1.0
2.2.0
2.3.1 | 07 | Cardholder logged in using using FIDO Authenticator (FIDO assurance data signed) | 2.2.0
2.3.1 | 08 | SRC Assurance Data | 2.2.0
2.3.1 | 09 | SPC Authentication | 2.3.1 | 10 | Electronic ID Authentication Data | 2.3.1 |
| threeDSReqAuthTimestamp
string
2.3.1 optional | Date and time in UTC of the cardholder authentication. Format: YYYYMMDDHHMM Example: "202004011000" |
|
threeDSRequestorChallengeInd
array
2.1.0
2.2.0
2.3.1 APP
BRW optional | Indicates whether a challenge is requested for this transaction. Note When providing two preferences, the 3DS Requestor ensures that they are in preference order and are not conflicting. For example, 02 = No challenge requested and 04 = Challenge requested (Mandate) For 2.1.0 & 2.2.0 requests only the first value will be accepted. This field is now an array and the single value string format is being deprecated. Options:01 | No preference | 2.1.0
2.2.0
2.3.1 | 02 | No challenge requested | 2.1.0
2.2.0
2.3.1 | 03 | Challenge requested (3DS Requestor preference) | 2.1.0
2.2.0
2.3.1 | 04 | Challenge requested (mandate, e.g. required for PSD2 compliance) | 2.1.0
2.2.0
2.3.1 | 05 | No challenge requested (transactional risk analysis is already performed) | 2.2.0
2.3.1 | 06 | No challenge requested (data share only) | 2.2.0
2.3.1 | 07 | No challenge requested (strong consumer authentication is already performed) | 2.2.0
2.3.1 | 08 | No challenge requested (utilise trustlist exemption if no challenge required) | 2.2.0
2.3.1 | 09 | Challenge requested (trustlist prompt requested if challenge required) | 2.2.0
2.3.1 | 10 | No challenge requested (use low value exemption) | 2.3.1 | 11 | No challenge requested (Secure corporate payment exemption) | 2.3.1 | 12 | Challenge requested (Device Binding prompt requested if challenge required) | 2.3.1 | 13 | Challenge requested (Issuer requested) | 2.3.1 | 14 | Challenge requested (Merchant-initiated transactions) | 2.3.1 | 80-99 | Reserved for Directory Server use | 2.1.0
2.2.0
2.3.1 |
Maximum length: 2 |
threeDSRequestorDecMaxTime
string
2.2.0
2.3.1 APP
BRW
3RI optional | Indicates the maximum amount of time that the 3DS Requestor will wait for an ACS to provide the results of a Decoupled Authentication transaction (in minutes).
Numeric values between 00001 and 10080 are accepted. Example: "00005" Length: 5 |
threeDSRequestorDecReqInd
string
2.2.0
2.3.1 APP
BRW
3RI optional | Indicates whether the 3DS Requestor requests the ACS to utilise Decoupled Authentication and agrees to utilise Decoupled Authentication if the ACS confirms its use.
If the element is not provided, the expected action is for the ACS to default to a value of N (that is, to not use Decoupled Authentication). Options:Y | Decoupled Authentication is supported and preferred if challenge is necessary | 2.1.0
2.2.0
2.3.1 | N | Do not use Decoupled Authentication | 2.1.0
2.2.0
2.3.1 | F | Decoupled Authentication is supported and is to be used only as a fallback challenge method if a challenge is necessary (Transaction Status = D in RReq). | B | Decoupled Authentication is supported and can be used as a primary or fallback challenge method if a challenge is necessary (Transaction Status = D in either ARes or RReq). |
|
threeDSRequestorPriorAuthenticationInfo
array
2.1.0
2.2.0
2.3.1 APP
BRW
3RI optional | Information about how the 3DS Requestor authenticated the cardholder as part of a previous 3DS transaction. For 2.1.0 & 2.2.0 requests only the first element will be accepted. This field is now an array and the single element format is being deprecated. Show definition
Maximum length: 3 |
threeDSReqPriorDsTransId
string
2.3.1 optional | This data element provides the prior DS Transaction ID to the ACS to determine the best approach for handling a request. This data element contains a DS Transaction ID for a prior authenticated transaction (for example, the first recurring transaction that was authenticated with the Cardholder). Example: "c5584543-b67e-5117-bb34-3567ac6a1123" Length: 36 | threeDSReqPriorAuthData
string
2.3.1 optional | Data that documents and supports a specific authentication process. Maximum length: 20000 | threeDSReqPriorAuthMethod
string
optional | Mechanism used by the Cardholder to previously authenticate to the 3DS Requestor. Options:01 | Frictionless authentication occurred by ACS | 2.1.0
2.2.0
2.3.1 | 02 | Cardholder challenge occurred by ACS | 2.1.0
2.2.0
2.3.1 | 03 | AVS verified | 2.1.0
2.2.0
2.3.1 | 04 | Other issuer methods | 2.1.0
2.2.0
2.3.1 | 05 | SPC authentication | 2.3.1 |
| threeDSReqPriorAuthTimestamp
string
2.3.1 optional | Date and time in UTC of the cardholder authentication. Format: YYYYMMDDHHMM | threeDSReqPriorRef
string
2.3.1 optional | An ACS Transaction ID for a prior authenticated transaction (for example, the first recurring transaction that was authenticated with the cardholder). Maximum length: 36 |
|
threeDSRequestorSpcSupport
string
2.3.1 BRW optional | Indicates whether the 3DS Requestor supports SPC authentication. If present, this field contains the value Y. |
2.3.1 optional | The origin of the payee that will be provided in the SPC Transaction Data. Fully qualified URL. Maximum length: 2048 |
2.1.0
2.2.0
2.3.1 3RI required | Indicates the type of 3DS requestor initiated request. Options:01 | Recurring transaction | 2.1.0
2.2.0
2.3.1 | 02 | Instalment transaction | 2.1.0
2.2.0
2.3.1 | 03 | Add card | 2.1.0
2.2.0
2.3.1 | 04 | Maintain card information | 2.1.0
2.2.0
2.3.1 | 05 | Account verification | 2.1.0
2.2.0
2.3.1 | 06 | Split/delayed shipment | 2.2.0
2.3.1 | 07 | Top-up | 2.2.0
2.3.1 | 08 | Mail order | 2.2.0
2.3.1 | 09 | Telephone order | 2.2.0
2.3.1 | 10 | Whitelist status check | 2.2.0
2.3.1 | 11 | Other payment | 2.2.0
2.3.1 | 12 | Billing Agreement | 2.2.0
2.3.1 | 13 | Device Binding status check | 2.3.1 | 14 | Card Security Code status check | 2.3.1 | 15 | Delayed shipment | 2.3.1 | 16 | Split payment | 2.3.1 | 17 | FIDO credential deletion | 2.3.1 | 18 | FIDO credential registration | 2.3.1 | 19 | Decoupled Authentication Fallback | 2.3.1 |
|
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Indicates the type of account. Conditions:Required in some markets (for example, for merchants in Brazil). Otherwise optional. Options:01 | Not Applicable | 02 | Credit | 03 | Debit |
|
2.1.0
2.2.0
2.3.1 APP
BRW
3RI optional | Broadcast information - structured information sent between the 3DS Server, the DS, and the ACS. Show definition
Maximum length: 4096 |
optional | Indicates the category/type of information. Options:01 | General | 02 | Certificate expiry | 03 | Fraud alert | 04 | Transactional data | 05 | Certificate expiry | 06 | Other |
Length: 2 | optional | Information to be broadcast to recipients. Maximum length: 4000 | optional | The date after which the relevance of the broadcast information expires.
Format: YYYYMMDD Length: 8 | optional | Indicates the importance/severity level of the broadcast information. Options:01 | Critical (Immediate action) | 02 | Major (Major impact) | 03 | Minor (Minor impact) | 04 | Informational (No immediate action) |
Length: 2 | optional | Indicates the intended recipient(s) of the broadcast information. Options:01 | 3DS SDK | 02 | 3DS Server | 03 | DS | 04 | ACS |
Maximum length: 3 | optional | Indicates the source of the broadcast information. Length: 2 |
|
acquirerMerchantID
string
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Acquirer-assigned merchant identifier. Conditions:Required for Payment Authentications (PA). Maximum length: 35 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Acquiring institution identification code as assigned by the DS receiving the AReq message. Example: "535522" Conditions:Required for Payment Authentications (PA). Required for Visa Non-Payment Authentications (NPA) Maximum length: 11 |
acquirerCountryCode
string
2.3.1 APP
BRW
3RI optional | The code of the country where the acquiring institution is located (in accordance with ISO 3166-1). Example: "826" |
acquirerCountryCodeSource
string
2.3.1 APP
BRW
3RI optional | This data element is populated by the system setting the Acquirer Country Code. |
2.1.0
2.2.0
2.3.1 BRW required | Example: "https://www.example-merchant.com/challenge-notification" Maximum length: 256 |
2.3.1 APP
BRW
3RI conditional | Recurring amount in minor units of currency with all punctuation removed. Example: "10000" Conditions:Required when threeDSRequestorAuthenticationInd is Recurring transaction (02 ) or Instalment transaction (03 ) Or threeRIInd is Recurring transaction (01 ) Maximum length: 48 |
2.3.1 APP
BRW
3RI conditional | Currency in which recurringAmount is expressed (ISO 4217 three-digit
numeric currency code). Example: "826" Conditions:Required when recurringAmount is provided. |
2.3.1 APP
BRW
3RI conditional | Minor units of currency as specified in the ISO 4217 currency exponent. Example: "2" Conditions:Required when recurringAmount is provided. |
2.3.1 APP
BRW
3RI conditional | Effective date of the new authorised amount following the first/promotional payment in a recurring or instalment transaction. Format: YYYYMMDDhhmmss Conditions:Required if recurringInd ('01') or / recurringFrequency ('01'). |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Date after which no further authorisations shall be performed. Format: YYYYMMDD Conditions:Required when threeDSRequestorAuthenticationInd is Recurring transaction (02 ) or Instalment transaction (03 ) |
recurringFrequency
string
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Indicates the minimum number of days between authorisations. Example: "0031" Conditions:Required when threeDSRequestorAuthenticationInd is Recurring transaction (02 ) or Instalment transaction (03 ) Maximum length: 4 |
2.3.1 APP
BRW
3RI conditional | Indicates whether the recurring or instalment payment has a fixed or variable amount and frequency. Conditions:Required when threeDSRequestorAuthenticationInd is Recurring transaction (02 ) or Instalment transaction (03 ) or threeRIInd is Recurring transaction (01 ) or Instalment transaction (02 ) Show definition
|
optional | Options:01 | Fixed Purchase Amount | 02 | Variable Purchase Amount |
| optional | Options:01 | Fixed Frequency | 02 | Variable or Unknown Frequency |
|
|
purchaseInstalData
string
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Indicates the maximum number of authorisations permitted for instalment payments. Example: "002" Conditions:Required if threeDSRequestorAuthenticationInd is Instalment transaction (03 ). Maximum length: 3 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Identifies the type of transaction being authenticated. Conditions:Required in some markets, when the messageCategory is Payment Authentication (PA) (01 ). Options:01 | Purchase of goods or services | 03 | Check acceptance | 10 | Account funding | 11 | Quasi-cash transaction | 28 | Prepaid activation and load |
|
2.1.0
2.2.0
2.3.1 BRW optional | IP address of the browser as returned by the HTTP headers to the 3DS Requestor. Example: "0.0.0.0" |
browserJavascriptEnabled
boolean
2.1.0
2.2.0
2.3.1 BRW required | Boolean that represents the ability of the cardholder browser to execute JavaScript. Example: true |
browserJavaEnabled
boolean
2.1.0
2.2.0
2.3.1 BRW conditional | Boolean that represents the ability of the cardholder browser to execute Java. Value is returned from the navigator.javaEnabled property. Example: true Conditions:Required when browserJavascriptEnabled is true. |
2.1.0
2.2.0
2.3.1 BRW conditional | The cardholder browser language as defined in IETF BCP47. Returned from navigator.language property. Example: "en" Conditions:Required when browserJavascriptEnabled is true. |
2.3.1 BRW required | Value representing the Browser language preference present in the HTTP header, as defined in IETF BCP 47. Maximum length: 99 |
2.1.0
2.2.0
2.3.1 BRW conditional | The bit depth of the browser's colour palette for displaying images. Use the closest lower option for color depths that are not in the listed options. For example if the color depth is 30, use 24 instead. Conditions:Required when browserJavascriptEnabled is true. Options:1 | 1 bit per pixel | 4 | 4 bits per pixel | 8 | 8 bits per pixel | 15 | 15 bits per pixel | 16 | 16 bits per pixel | 24 | 24 bits per pixel | 32 | 32 bits per pixel | 48 | 48 bits per pixel |
|
browserScreenHeight
string
2.1.0
2.2.0
2.3.1 BRW conditional | Total height of the cardholder’s screen (not browser window) in pixels. Example: "1080" Conditions:Required when browserJavascriptEnabled is true. Maximum length: 6 |
browserScreenWidth
string
2.1.0
2.2.0
2.3.1 BRW conditional | Total width of the cardholder’s screen (not browser window) in pixels. Example: "1920" Conditions:Required when browserJavascriptEnabled is true. Maximum length: 6 |
2.1.0
2.2.0
2.3.1 BRW conditional | Time-zone offset in minutes between UTC and the cardholder browser local time. Example: "300" Conditions:Required when browserJavascriptEnabled is true. Maximum length: 5 |
2.1.0
2.2.0
2.3.1 BRW conditional | Exact content of the HTTP user-agent header. Example: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_0_0) AppleWebKit/0.0 (KHTML, like Gecko) Chrome/0.0.0.0 Safari/0.0" Conditions:Required when deviceChannel is Browser. Maximum length: 2048 |
deviceBindingStatus
string
2.3.1 APP
BRW
3RI optional | Enables the communication of Device Binding Status between the ACS, the DS and the 3DS Requestor. For bound devices (value = 11–14), Device Binding Status also conveys the type of binding that was performed. Options:01 | Device is not bound by Cardholder | 02 | Not eligible as determined by Issuer | 03 | Pending confirmation by Cardholder | 04 | Cardholder rejected the request | 05 | Device Binding Status unknown, unavailable, or does not apply | 11 | = Device is bound by Cardholder (device is bound using hardware / SIM internal to the Consumer Device. For instance, keys stored in a secure element on the device) | 12 | Device is bound by Cardholder (device is bound using hardware external to the Consumer Device. For example, an external FIDO Authenticator) | 13 | Device is bound by Cardholder (Device is bound using data that includes dynamically generated data and could include a unique device ID) | 14 | Device is bound by Cardholder (Device is bound using static device data that has been obtained from the Consumer Device) | 15 | Device is bound by Cardholder (Other method) |
|
deviceBindingStatusSource
string
2.3.1 APP
BRW
3RI optional | This data element will be populated by the system setting Device Binding Status. |
2.3.1 BRW conditional | Unique and immutable identifier linked to a device that is consistent across 3DS transactions for the specific user device. Examples - Hardware Device ID, Platform-calculated device fingerprint. Conditions:Required if available. Maximum length: 64 |
2.3.1 BRW conditional | Identifier of the transacting user’s Browser Account ID. This identifier is a unique immutable hash of the user’s account identifier for the given Browser, provided as a string. Cardholders may have more than one account on a given Browser. Conditions:Required if available. Maximum length: 64 |
2.1.0
2.2.0
2.3.1 APP required | Universally unique transaction identifier assigned by the 3DS SDK to identify a single transaction. Obtained by calling the getSDKTransactionID() SDK method. See details Example: "a3384543-b67e-5117-bb34-4567ac6a1123" Length: 36 |
2.1.0
2.2.0
2.3.1 APP required | Universally unique ID created upon all installations of the 3DS Requestor App on a consumer device. This will be newly generated and stored by the 3DS SDK for each installation. Obtained by calling the getSDKAppID() SDK method. See details Example: "c3994512-a99f-ab17-bb66-4566ac6b1334" Length: 36 |
2.1.0
2.2.0
2.3.1 APP required | Device data encrypted by the SDK. Obtained by calling the getDeviceData() SDK method. See details Maximum length: 64000 |
2.1.0
2.2.0
2.3.1 APP required | Public key component of the ephemeral key pair generated by the 3DS SDK and used to establish session keys between the 3DS SDK and ACS. Obtained by calling the getSDKEphemeralPublicKey() SDK method. See details Maximum length: 256 |
2.1.0
2.2.0
2.3.1 APP required | Indicates maximum amount of time (in minutes) for all exchanges. Example: "05" Length: 2 |
sdkReferenceNumber
string
2.1.0
2.2.0
2.3.1 APP required | Identifies the vendor and version of the 3DS SDK that is integrated in a 3DS Requestor App. Example: "3DS_xxx_SDK_xxxx_020200_nnnnn" Maximum length: 32 |
optional | Indicates the type of 3DS SDK. |
2.3.1 APP optional | Indicates the characteristics of a Default-SDK. Show definition
|
optional | SDK implementation characteristics | optional | If the Default-SDK is embedded as a wrapped component in the 3DS Requestor App. |
|
2.3.1 APP conditional | Indicates the characteristics of a Split-SDK. Conditions:Required if sdkType = 02. Show definition
|
optional | Implementation characteristics of the Split-SDK client. Options:01 | Native Client | 02 | Browser | 03 | Shell |
| optional | If the Split-SDK client has limited capabilities. |
|
sdkServerSignedContent
string
conditional | Contains the JWS object (represented as a string) created by the Split-SDK Server for the AReq messages. Conditions:Required if SDK Type = 02. |
sdkSignatureTimestamp
string
optional | Date and time indicating when the 3DS SDK generated the Split-SDK Server Signed Content converted into UTC. Format: YYYYMMDDhhmmss Minimum length: 12 Maximum length: 14 |
2.3.1 APP optional | External IP address (i.e., the device public IP address) used by the 3DS Requestor App when it connects to the 3DS Requestor environment Example: "0.0.0.0" Maximum length: 45 |
deviceRenderOptions
object
2.1.0
2.2.0
2.3.1 APP required | Defines the SDK UI types that the device supports for displaying specific challenge user interfaces within the SDK. Show definition
|
sdkAuthenticationType
array
2.3.1 optional | Authentication methods preferred by the 3DS SDK in order of preference Options:01 | Static Passcode | 02 | SMS OTP | 03 | Key fob or EMV card reader OTP | 04 | App OTP | 05 | OTP Other | 06 | KBA | 07 | OOB Biometrics | 08 | OOB Login | 09 | OTP Other | 10 | Other | 11 | Push Confirmation |
Maximum length: 99 | 2.1.0
2.2.0
2.3.1 optional | Lists all of the SDK Interface types that the device supports for displaying specific challenge user interfaces within the SDK. | 2.1.0
2.2.0
2.3.1 optional | Lists all UI types that the device supports for displaying specific challenge user interfaces within the SDK. Options:01 | Text field | 2.1.0
2.2.0
2.3.1 | 02 | Single select field | 2.1.0
2.2.0
2.3.1 | 03 | Multi select field | 2.1.0
2.2.0
2.3.1 | 04 | OOB | 2.1.0
2.2.0
2.3.1 | 05 | HTML Other (valid only for HTML UI) | 2.1.0
2.2.0
2.3.1 | 06 | HTML OOB (valid only for HTML UI) | 2.3.1 | 07 | Information | 2.3.1 |
|
|
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Merchant name assigned by the acquirer. Conditions:Required for Payment Authentications (PA) Maximum length: 40 |
merchantCountryCode
string
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | ISO 3166-1 numeric three-digit country code of the merchant. Example: "826" Conditions:Required for Payment Authentications (PA) Length: 3 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Merchant category code. A card scheme specific code describing the merchant’s type of business, product or service. Conditions:Required for Payment Authentications (PA) Length: 4 |
merchantRiskIndicator
object
2.1.0
2.2.0
2.3.1 APP
BRW
3RI optional | Optional information about the purchase. Show definition
|
deliveryEmailAddress
string
2.1.0
2.2.0
2.3.1 optional | For electronic delivery, the email address to which the merchandise was delivered. Example: "customer@example-merchant.com" Maximum length: 254 | 2.1.0
2.2.0
2.3.1 optional | Indicates the merchandise delivery timeframe. Options:01 | Electronic Delivery | 02 | Same day shipping | 03 | Overnight shipping | 04 | Two-day or more shipping |
| 2.1.0
2.2.0
2.3.1 optional | For prepaid or gift card purchases, the purchase amount total of prepaid or gift card(s) in major units (for example, USD 123.45 is 123). Example: "123" Maximum length: 15 | 2.1.0
2.2.0
2.3.1 optional | For prepaid or gift card purchases, the total count of individual prepaid or gift cards/codes purchased. Example: "10" | 2.1.0
2.2.0
2.3.1 optional | For prepaid or gift card purchases, the ISO 4217 three-digit currency code of the gift card. Example: "826" | 2.1.0
2.2.0
2.3.1 optional | For a pre-ordered purchase, the expected date that the merchandise will be available. Format: YYYYMMDD | preOrderPurchaseInd
string
2.1.0
2.2.0
2.3.1 optional | Indicates whether the cardholder is placing an order for merchandise with a future availability or release date. Options:01 | Merchandise available | 02 | Future availability |
| 2.1.0
2.2.0
2.3.1 optional | Indicates whether the cardholder is reordering previously purchased merchandise. Options:01 | First time ordered | 02 | Reordered |
| 2.1.0
2.2.0
2.3.1 optional | Indicates the shipping method chosen for the transaction. Options:01 | Ship to cardholder’s billing address | 2.1.0
2.2.0
2.3.1 | 02 | Ship to another verified address on file with merchant | 2.1.0
2.2.0
2.3.1 | 03 | Ship to address that is different than the cardholder’s billing address | 2.1.0
2.2.0
2.3.1 | 04 | Ship to store / pick-up at local store (store address shall be populated in shipping address fields) | 2.1.0
2.2.0
2.3.1 | 05 | Digital goods (includes online services, electronic gift cards and redemption codes) | 2.1.0
2.2.0
2.3.1 | 06 | Travel and event tickets, not shipped | 2.1.0
2.2.0
2.3.1 | 07 | Other (for example, gaming, digital services not shipped, emedia subscriptions, etc.) | 2.1.0
2.2.0
2.3.1 | 08 | Pick-up and go delivery | 2.3.1 | 09 | Locker delivery (or other automated pick-up) | 2.3.1 |
| 2.3.1 optional | Options:01 | Cryptocurrency transaction | 02 | NFT transaction |
|
|
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Name of the cardholder. As per EMV guidelines, only a specific set of common characters are allowed. Please refer to Annex B ('Common Character Set') of EMV's Book 4 for more information. Example: "John Smith" Conditions:Required unless a market or regional mandate restricts sending this information. Minimum length: 2 Maximum length: 45 |
2.3.1 APP
BRW
3RI conditional | Three or four-digit security code printed on the card. Conditions:Conditional based on DS rules |
cardSecurityCodeStatus
string
2.3.1 APP
BRW
3RI optional | Enables the communication of Card Security Code Status between the ACS, the DS and the 3DS Requestor. Options:Y | Validated | N | Failed validation | U | Status unknown, unavailable, or does not apply |
|
cardSecurityCodeStatusSource
string
2.3.1 APP
BRW
3RI optional | This data element will be populated by the system setting Card Security Code Status. |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI optional | Cardholder account identifier. The customerId may be used for this field. Maximum length: 64 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI optional | Information about the cardholder's account. Show definition
|
2.1.0
2.2.0
2.3.1 optional | Length of time that the cardholder has had the account with the merchant. Options:01 | No account (guest check-out) | 02 | Changed during this transaction | 03 | Less than 30 days | 04 | 30−60 days | 05 | More than 60 days |
| 2.1.0
2.2.0
2.3.1 optional | Date that the cardholder’s account was last changed, including billing or shipping address, new payment account, or new user(s) added. Format: YYYYMMDD | 2.1.0
2.2.0
2.3.1 optional | Time since the cardholder’s account information was last changed, including billing or shipping address, new payment account, or new user(s) added. Options:01 | Changed during this transaction | 02 | Less than 30 days | 03 | 30−60 days | 04 | More than 60 days |
| 2.1.0
2.2.0
2.3.1 optional | Date that the cardholder opened the account. Format: YYYYMMDD | optional | Date that cardholder last changed their password or had their account reset. Format: YYYYMMDD | 2.1.0
2.2.0
2.3.1 optional | Time since the cardholder last changed their password or had their account reset. Options:01 | No change | 02 | Changed during this transaction | 03 | Less than 30 days | 04 | 30−60 days | 05 | More than 60 days |
| 2.1.0
2.2.0
2.3.1 optional | Number of purchases by this cardholder account during the last six months. Example: "10" | 2.3.1 optional | The 3DS Requestor assigned account identifier of the transacting Cardholder. This identifier is coded as the SHA-256 + Base64url of the account identifier for the 3DS Requestor and is provided as a String. Maximum length: 64 | provisionAttemptsDay
string
2.1.0
2.2.0
2.3.1 optional | Number of Add Card attempts in the last 24 hours. Example: "2" Maximum length: 3 | 2.1.0
2.2.0
2.3.1 optional | Number of transactions (successful and abandoned) by this cardholder account across all payment methods in the last 24 hours. Example: "1" | 2.1.0
2.2.0
2.3.1 optional | Number of transactions (successful and abandoned) by this cardholder account across all payment methods in the last year. Example: "5" | 2.1.0
2.2.0
2.3.1 optional | Date that the payment method was added to the cardholder’s account. Format: YYYYMMDD | 2.1.0
2.2.0
2.3.1 optional | Indicates the length of time since the payment method was added to the cardholder’s account. Options:01 | No account (guest check-out) | 02 | During this transaction | 03 | Less than 30 days | 04 | 30−60 days | 05 | More than 60 days |
| 2.1.0
2.2.0
2.3.1 optional | Date when the shipping address used for this transaction was first used with the 3DS Requestor. Format: YYYYMMDD | shipAddressUsageInd
string
2.1.0
2.2.0
2.3.1 optional | Indicates when the shipping address used for this transaction was first used with the 3DS Requestor. Options:01 | This transaction | 02 | Less than 30 days | 03 | 30−60 days | 04 | More than 60 days |
| 2.1.0
2.2.0
2.3.1 optional | Indicates if the cardholder name on the account is identical to the shipping name used for this transaction. Options:01 | Account name identical to shipping name | 02 | Account name different than shipping name |
| suspiciousAccActivity
string
2.1.0
2.2.0
2.3.1 optional | Indicates whether the 3DS Requestor has experienced suspicious activity (including previous fraud) on the cardholder account. Options:01 | No suspicious activity has been observed | 02 | Suspicious activity has been observed |
|
|
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | The email address associated with the account that is either entered by the Cardholder, or is on file with the 3DS Requestor. Example: "customer@example.com" Conditions:Required unless a market or regional mandate restricts sending this information. Maximum length: 254 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Home phone number. Refer to ITU-E.164 for additional information on format and length. Conditions:Required unless a market or regional mandate restricts sending this information. Show definition
|
optional | Example: "44" | optional | Example: "1234567899" Maximum length: 15 |
|
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Mobile phone number. Refer to ITU-E.164 for additional information on format and length. Conditions:Required unless a market or regional mandate restricts sending this information. Show definition
|
optional | Example: "44" | optional | Example: "1234567899" Maximum length: 15 |
|
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Work phone number. Refer to ITU-E.164 for additional information on format and length. Conditions:Required unless a market or regional mandate restricts sending this information. Show definition
|
optional | Example: "44" | optional | Example: "1234567899" Maximum length: 15 |
|
2.1.0
2.2.0
2.3.1 APP
BRW optional | Indicates whether the billing address and shipping address are the same. Options:Y | Billing address matches shipping address | N | Billing address does not match shipping address |
|
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | First line of the billing address associated with the card used for this purchase. Conditions:Required unless a market or regional mandate restricts sending this information. Maximum length: 50 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Second line of the billing address associated with the card used for this purchase. Conditions:Required unless a market or regional mandate restricts sending this information. Maximum length: 50 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Third line of the billing address associated with the card used for this purchase. Conditions:Required unless a market or regional mandate restricts sending this information. Maximum length: 50 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | The city of the billing address associated with the card used for this purchase. Conditions:Required unless a market or regional mandate restricts sending this information. Maximum length: 50 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | ISO 3166-2 country subdivision code for the state or province of the billing address
associated with the card used for this purchase.
For example, using the ISO entry US-CA (California, United States), the correct value for this field is CA .
Note that the country and hyphen are not included in this value. Conditions:Required unless a market or regional mandate restricts sending this information. Maximum length: 3 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | ZIP or other postal code of the billing address associated with the card used for this purchase. Example: "EC1V 9BP" Conditions:Required unless a market or regional mandate restricts sending this information. Maximum length: 16 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | The numeric country code of the billing address associated with the card used for this purchase. Example: "826" Conditions:Required unless a market or regional mandate restricts sending this information. Length: 3 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | First line of the shipping address requested by the cardholder. Conditions:Required unless a market or regional mandate restricts sending this information. Maximum length: 50 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Second line of the shipping address requested by the cardholder. Conditions:Required unless a market or regional mandate restricts sending this information. Maximum length: 50 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Third line of the shipping address requested by the cardholder. Conditions:Required unless a market or regional mandate restricts sending this information. Maximum length: 50 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | City of the shipping address requested by the cardholder. Example: "London" Conditions:Required unless a market or regional mandate restricts sending this information. Maximum length: 50 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | ISO 3166-2 country subdivision code for the state or province of the shipping address requested by the cardholder. Conditions:Required unless a market or regional mandate restricts sending this information. Maximum length: 3 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | The ZIP or other postal code of the shipping address requested by the cardholder. Example: "EC1V 9BP" Conditions:Required unless a market or regional mandate restricts sending this information. Maximum length: 16 |
2.1.0
2.2.0
2.3.1 APP
BRW
3RI conditional | Numeric country of the shipping address requested by the cardholder. Example: "826" Conditions:Required unless a market or regional mandate restricts sending this information. Length: 3 |
2.3.1 APP
BRW
3RI optional | Cardholder’s tax identification. Maximum length: 45 |
2.2.0
2.3.1 APP
BRW
3RI deprecated | DEPRECATED Deprecated in favour of trustListStatus . Options:Y | Merchant is trusted by cardholder | N | Merchant has not yet been trusted by cardholder | E | Not eligible as determined by issuer | P | Pending confirmation by cardholder | R | Cardholder rejected the request to trust the merchant | U | Trusted status unknown, unavailable, or does not apply |
|
2.2.0
2.3.1 APP
BRW
3RI optional | Indicates whether the cardholder has added the merchant to their list of trusted merchants. A cardholder can typically only choose to trust a merchant after successfully completing a challenge. A cardholder may not be required to complete a challenge with a merchant they have previously trusted. Options:Y | Merchant is trusted by cardholder | N | Merchant has not yet been trusted by cardholder | E | Not eligible as determined by issuer | P | Pending confirmation by cardholder | R | Cardholder rejected the request to trust the merchant | U | Trusted status unknown, unavailable, or does not apply |
|
whiteListStatusSource
string
2.2.0
2.3.1 APP
BRW
3RI deprecated | DEPRECATED Deprecated in favour of trustListStatusSource . Options:01 | 3DS Server | 02 | Directory Server (DS) | 03 | Access Control Server (ACS) |
|
trustListStatusSource
string
2.2.0
2.3.1 APP
BRW
3RI optional | Identifies the system which set the whiteListStatus value. Options:01 | 3DS Server | 02 | Directory Server (DS) | 03 | Access Control Server (ACS) |
|
2.3.1 APP
BRW
3RI optional | Additional transaction information in case of multiple transactions or Merchants. Show definition
|
optional | A unique identifier for the extension. Show definition
| merchantNameListed
string
optional | Name of the listed Merchant. Name used in the authorisation message as defined in ISO 8583-1. Maximum length: 40 | acquirerMerchantIdListed
string
optional | Acquirer-assigned Merchant Listed Identifier. This may be the same value that is used in authorisation requests sent on behalf of the 3DS Requestor and is represented in ISO 8583-1 formatting requirements. Maximum length: 15 | optional | Purchase amount for the Merchant in minor units of currency with all punctuation removed. Maximum length: 48 | optional | Currency Code in which purchase Merchant Amount is expressed (ISO 4217 three-digit numeric currency code). Example: "826" Length: 3 | optional | Minor units of currency as specified in the ISO 4217 currency exponent. Example: "2" Maximum length: 1 | optional | Merchant-assigned Seller identifier that links additional Seller Information. If this data element is present, this must match the Seller ID. Maximum length: 50 |
| optional | Number of days that the AV (Authentication Value) is valid. Example: "999" | optional | Number of times that the AV (Authentication Value) is valid. Example: "99" |
|
2.3.1 APP
BRW
3RI optional | Additional transaction information for transactions where Merchants submit transaction details on behalf of another entity, i.e., individual sellers in a marketplace or drivers in a ridesharing platform. Show definition
Maximum length: 50 |
2.3.1 required | Maximum length: 100 | 2.3.1 conditional | Merchant-assigned Seller identifier. Conditions:Required if Seller ID in MultiTransaction object is present. Maximum length: 50 | sellerBusinessName
string
2.3.1 optional | Business name of the Seller. Maximum length: 100 | 2.3.1 optional | Date converted into UTC that the Seller started using the Merchant’s services. Format: YYYYMMDD | 2.3.1 optional | First line of the business or contact street address of the Seller. Maximum length: 50 | 2.3.1 optional | Second line of the business or contact street address of the Seller. Maximum length: 50 | 2.3.1 optional | Third line of the business or contact street address of the Seller. Maximum length: 50 | 2.3.1 optional | Business or contact city of the Seller. Maximum length: 50 | 2.3.1 optional | Business or contact state or province of the Seller. Country subdivision code defined in ISO 3166-2. For example, using the ISO entry US-CA (California, United States), the correct value for this field = CA. Note that the country and hyphen are not included in this value. Maximum length: 3 | sellerAddrPostCode
string
2.3.1 optional | Business or contact ZIP or other postal code of the Seller. Maximum length: 16 | 2.3.1 optional | Business or contact country of the Seller. ISO 3166-1 numeric three-digit country code. Example: "826" Length: 3 | 2.3.1 optional | Email address of the Seller. Maximum length: 254 | optional | Business or contact phone number of the Seller. Show definition
| 2.3.1 optional | Example: "44" | 2.3.1 optional | Example: "1234567899" |
|
|
2.1.0
2.2.0
2.3.1 APP
BRW
3RI optional | Data necessary to support requirements not otherwise defined in the 3D Secure message format. Show definition
|
optional | A unique identifier for the extension. Example: "id-123" | optional | The name of the extension as defined by the extension owner. Example: "Extension Name" | criticalityIndicator
boolean
optional | Indicates whether the recipient must understand the contents of the extension to interpret the entire message. | data
object,array,boolean,integer,number,string
optional | The data carried in the extension. |
|