Skip to main content

3D Secure API

0.0.1

The 3D Secure API, also known as 3DS API, is a server-to-server solution used in online payment processing protecting both merchants and cardholders against fraudulent transactions.

3D Secure API (0.0.1)

Download OpenAPI specification

3DS APIs

V2

List ThreeDSAuthentications

The API enumerates the ThreeDS Authentication objects, offering filtration criteria to obtain filtered data based on specified parameters.

Filtering and Searching

Filters can be used to interact with any object. Objects can be queried by appending parameters to the query string of the URL.

So to get a list of all pares_status = Y in threeds authentication with EUR currency, having an amount equal to or greater than 20, we would use the following URL:

/v2/3d?_limit=10&amount>=212&currency_code=EUR&authentication.pares_status=Y

Parameters with multiple values are also supported. So for example, to query pares_status = Y and pares_status = U, you would use the following URL:

/v2/3d?authentication.pares_status=Y&authentication.pares_status=U

Use the following syntax to query objects based on parameters and values - in this example querying threeds authentication by the amount.

Query on one value:

/v2/3d?amount=7500

Query on everything but one value:

/v2/3d?amount!=7500

Less than and equal to:

/v2/3d?amount<=7500

Greater than and equal to:

/v2/3d?amount>=7500

Range of values within/outside specified bounds:

/v2/3d?amount<=7600&amount>=7500

Multiple parameters:

/v2/3d?amount=7600&currency_code=EUR

Limit the number of results:

/v2/3d?_limit=50

Sort results in descending order:

/v2/3d?_sort=-amount

Sort results in ascending order:

/v2/3d?_sort=amount

Note:

Operator Description
= equal
! not equal
< less than and equal to
> greater than and equal to
~ pattern matching
>&< multiple arguments search
Authorizations:
BasicAuth
query Parameters
_limit
integer [ 1 .. 10000 ]
Default: 2000

The maximum number of values that can be sent in the response ( maximum: 10000 )

_skip
integer >= 0
Default: 0

_skip query params

_sort
Array of strings
Items Enum: "_id" "amount" "card" "created_at" "currency_code" "entity_id" "entity_name" "threeds_contract_id" "transaction_id" "authentication.acs_rendering_type" "authentication.acs_transaction_id" "authentication.acs_url" "authentication.authentication_type" "authentication.authorization_payload" "authentication.card_brand" "authentication.cardholder_info" "authentication.cavv_algorithm" "authentication.cavv" "authentication.challenge_cancel" "authentication.challenge_required" "authentication.ds_transaction_id" "authentication.eci_flag" "authentication.enrolled" "authentication.error_desc" "authentication.error_no" "authentication.network_score" "authentication.order_id" "authentication.pares_status" "authentication.payload" "authentication.reason_code" "authentication.reason_desc" "authentication.signature_verification" "authentication.status_reason" "authentication.threeds_version" "authentication.xid" "authentication.white_list_status" "authentication.white_list_status_source" "-_id" "-amount" "-card" "-created_at" "-currency_code" "-entity_id" "-threeds_contract_id" "-transaction_id" "-authentication.acs_rendering_type" "-authentication.acs_transaction_id" "-authentication.acs_url" "-authentication.authentication_type" "-authentication.authorization_payload" "-authentication.card_brand" "-authentication.cardholder_info" "-authentication.cavv_algorithm" "-authentication.cavv" "-authentication.challenge_cancel" "-authentication.challenge_required" "-authentication.ds_transaction_id" "-authentication.eci_flag" "-authentication.enrolled" "-authentication.error_desc" "-authentication.error_no" "-authentication.network_score" "-authentication.order_id" "-authentication.pares_status" "-authentication.payload" "-authentication.reason_code" "-authentication.reason_desc" "-authentication.signature_verification" "-authentication.status_reason" "-authentication.threeds_version" "-authentication.xid" "-authentication.white_list_status" "-authentication.white_list_status_source"

_sort query params

_id
string

ThreeDSAuthentication id

amount
number <= 9007199254740991

The amount of the transaction.

card
string

The ID of the card that is checked for enrollment.

created_at
string <date>

The time at which the authentication was created.

currency_code
string = 3 characters

Alphabetical ISO 4217 currency code for the sale amount.

entity_id
string

The ID of the entity, which this authentication belongs to.

threeds_contract_id
string

The ID of the threeDSContractId used.

transaction_id
string

To complete the transaction, the value is required to be passed on the Cardinal.Continue().

authentication.acs_rendering_type
string

Identifies the UI Type the ACS will use to complete the challenge. NOTE: Only available for App transactions using the Cardinal Mobile SDK and is optional for an Issuer to return.

authentication.acs_transaction_id
string

Unique transaction identifier assigned by the ACS to identify a single transaction.

authentication.acs_url
string

The fully qualified URL to redirect the Consumer to complete the Consumer Authentication transaction. NOTE: Available if Enrolled = Y

authentication.authentication_type
string

Indicates the type of authentication that will be used to challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out of Band)

authentication.authorization_payload
string^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A...

The Base64 encoded JSON Payload of CB specific Authorization Values returned in the Frictionless Flow.

authentication.card_brand
string

Card Brand

authentication.cardholder_info
string

Additional text provided by the Issuing Bank to the Cardholder during a Frictionless transaction and was not authenticated by the ACS. The Issuing Bank can optionally support this value.

authentication.cavv_algorithm
string

Indicates the algorithm used to generate the CAVV value. Possible Values:
2 - CVV with ATN 3 - Mastercard SPA algorithm

authentication.cavv
string

Cardholder Authentication Verification Value (CAVV). This value should be appended to the authorization message signifying that the transaction has been successfully authenticated. It will be encoded according to the Merchant's configuration in either Base64 encoding or Hex encoding. A Base64 encoding Merchant configuration will produce values of 28 or 32 characters. A Hex encoding Merchant configuration will produce values of 40 or 48 characters. The value when decoded will either be 20 bytes for CAVV.

authentication.challenge_cancel
string
Enum: "01" "02" "03" "04" "05" "06" "07" "8.0"

An indicator as to why the transaction was canceled. Possible Values:
01 - Cardholder selected Cancel 02 - Reserved for future EMVCo use (values invalid until defined by EMVCo). 03 - Transaction Timed Out—Decoupled Authentication 04 - Transaction timed out at ACS—other timeouts 05 - Transaction Timed out at ACS - First CReq not received by ACS 06 - Transaction Error 07 - Unknown 08 = Transaction Timed Out at SDK NOTE: Only present when the Consumer cancels the challenge. Decoupled authentication is not supported at this time.

authentication.challenge_required
string

Indicates whether a challenge is required to complete authentication. For example, regional mandates. Possible Values: Y - Challenge Required N - Challenge Not Required

authentication.ds_transaction_id
string

Unique transaction identifier assigned by the Directory Server (DS) to identify a single transaction. NOTE: Required for Mastercard Identity Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0) transactions

authentication.eci_flag
string

Electronic Commerce Indicator (ECI). The ECI value is part of the 2 data elements that indicate the transaction was processed electronically. This should be passed on the authorization transaction to the Gateway/Processor. Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 - Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field

authentication.enrolled
string

Status of Authentication eligibility.
Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return the ACSUrl
N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication at the time of the request
B - Bypass, Merchant authentication rule is triggered to bypass authentication in this use case
NOTE: If the Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.

authentication.error_desc
string

Application error description for the associated error number(s). NOTE: Multiple error descriptions are separated by a comma.

authentication.error_no
string

Application error number(s). A non-zero value represents the error encountered while attempting to process the message request. NOTE: Multiple error numbers are separated by a comma.

authentication.network_score
string <= 2 characters

The global score calculated by the CB Scoring platform.

authentication.order_id
string

3DS server generated order identifier. Used to link multiple actions on a single order to a single identifier. Mod-10 compliant and unique BIN range to 3DS services.

authentication.pares_status
string

Transactions status result identifier. Possible Values: Y - Successful Authentication N - Failed Authentication U - Unable to Complete Authentication A - Successful Attempts Transaction C - Challenge Required for Authentication R - Authentication Rejected (Merchant must not submit for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication 2.0.,

authentication.payload
string

The encoded payment request generated by Centinel. NOTE: Available if Enrolled = Y

authentication.reason_code
string

The error code indicating a problem with this transaction.

authentication.reason_desc
string

Text and additional detail about the error for this transaction. NOTE: This field concatenates the errorDescription and errorDetail from the authentication response message

authentication.signature_verification
string

Transaction Signature status identifier. Possible Values: Y - Indicates that the signature of the PARes has been validated successfully and the message contents can be trusted. N - Indicates that the PARes could not be validated. This result could be for a variety of reasons; tampering, certificate expiration, etc., and the result should not be trusted.

authentication.status_reason
string

Provides additional information as to why the PAResStatus has the specific value. NOTE: Required for Payment (e.g. Authentication Indicator equals 01 on Lookup Request) transactions when PAResStatus is equal to N, U, or R in the Lookup Response.

authentication.threeds_version
string

This field contains the 3DS version that was used to process the transaction.
Possible Values:
1.0.2
2.1.0
NOTE: Required for Mastercard Identity Check transactions in Authorization

authentication.xid
string

Third Party Token that is returned from the token provider after a card number is specified on the request. NOTE: This field is returned if Tokenization is enabled in the Merchant profile setting AND the Merchant is using a third party token provider.

encrypted_card
string

Client encrypted cardholder data. The cardholder data encrypted using the Verifone provided public key. This needs to be provided in base64 encoded format. The data to encrypt is a JSON with possible tags being cardNumber, sequenceNumber, cardholderName, startMonth, startYear, expiryMonth, expiryYear, cvv. Additionally a tag called captureTime must be presenting indicating the time the card was captured in UTC in format RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. Sample JSON to encrypt:

    {
        "captureTime": '2019-08-24T14:15:22Z',
        "cardNumber": '5555555555554444',
        "expiryMonth": 1,
        "expiryYear": 2025,
        "cvv": '123',
    } 

Note: encrypted_card is required if card or reuse_token is not provided.

public_key_alias
string

The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided.

_id!
string

ThreeDSAuthentication id

amount!
number <= 9007199254740991

The amount of the transaction.

card!
string

The ID of the card that is checked for enrollment.

created_at!
string <date>

The time at which the authentication was created.

currency_code!
string = 3 characters

Alphabetical ISO 4217 currency code for the sale amount.

entity_id!
string

The ID of the entity, which this authentication belongs to.

threeds_contract_id!
string

The ID of the threeDSContractId used.

transaction_id!
string

To complete the transaction, the value is required to be passed on the Cardinal.Continue().

authentication.acs_rendering_type!
string

Identifies the UI Type the ACS will use to complete the challenge. NOTE: Only available for App transactions using the Cardinal Mobile SDK and is optional for an Issuer to return.

authentication.acs_transaction_id!
string

Unique transaction identifier assigned by the ACS to identify a single transaction.

authentication.acs_url!
string

The fully qualified URL to redirect the Consumer to complete the Consumer Authentication transaction. NOTE: Available if Enrolled = Y

authentication.authentication_type!
string

Indicates the type of authentication that will be used to challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out of Band)

authentication.authorization_payload!
string^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A...

The Base64 encoded JSON Payload of CB specific Authorization Values returned in the Frictionless Flow.

authentication.card_brand!
string

Card Brand

authentication.cardholder_info!
string

Additional text provided by the Issuing Bank to the Cardholder during a Frictionless transaction and was not authenticated by the ACS. The Issuing Bank can optionally support this value.

authentication.cavv_algorithm!
string

Indicates the algorithm used to generate the CAVV value. Possible Values:
2 - CVV with ATN 3 - Mastercard SPA algorithm

authentication.cavv!
string

Cardholder Authentication Verification Value (CAVV). This value should be appended to the authorization message signifying that the transaction has been successfully authenticated. It will be encoded according to the Merchant's configuration in either Base64 encoding or Hex encoding. A Base64 encoding Merchant configuration will produce values of 28 or 32 characters. A Hex encoding Merchant configuration will produce values of 40 or 48 characters. The value when decoded will either be 20 bytes for CAVV.

authentication.challenge_cancel!
string
Enum: "01" "02" "03" "04" "05" "06" "07" "8.0"

An indicator as to why the transaction was canceled. Possible Values:
01 - Cardholder selected Cancel 02 - Reserved for future EMVCo use (values invalid until defined by EMVCo). 03 - Transaction Timed Out—Decoupled Authentication 04 - Transaction timed out at ACS—other timeouts 05 - Transaction Timed out at ACS - First CReq not received by ACS 06 - Transaction Error 07 - Unknown 08 = Transaction Timed Out at SDK NOTE: Only present when the Consumer cancels the challenge. Decoupled authentication is not supported at this time.

authentication.challenge_required!
string

Indicates whether a challenge is required to complete authentication. For example, regional mandates. Possible Values: Y - Challenge Required N - Challenge Not Required

authentication.ds_transaction_id!
string

Unique transaction identifier assigned by the Directory Server (DS) to identify a single transaction. NOTE: Required for Mastercard Identity Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0) transactions

authentication.eci_flag!
string

Electronic Commerce Indicator (ECI). The ECI value is part of the 2 data elements that indicate the transaction was processed electronically. This should be passed on the authorization transaction to the Gateway/Processor. Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 - Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field

authentication.enrolled!
string

Status of Authentication eligibility.
Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return the ACSUrl
N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication at the time of the request
B - Bypass, Merchant authentication rule is triggered to bypass authentication in this use case
NOTE: If the Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.

authentication.error_desc!
string

Application error description for the associated error number(s). NOTE: Multiple error descriptions are separated by a comma.

authentication.error_no!
string

Application error number(s). A non-zero value represents the error encountered while attempting to process the message request. NOTE: Multiple error numbers are separated by a comma.

authentication.network_score!
string <= 2 characters

The global score calculated by the CB Scoring platform.

authentication.order_id!
string

3DS server generated order identifier. Used to link multiple actions on a single order to a single identifier. Mod-10 compliant and unique BIN range to 3DS services.

authentication.pares_status!
string

Transactions status result identifier. Possible Values: Y - Successful Authentication N - Failed Authentication U - Unable to Complete Authentication A - Successful Attempts Transaction C - Challenge Required for Authentication R - Authentication Rejected (Merchant must not submit for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication 2.0.,

authentication.payload!
string

The encoded payment request generated by Centinel. NOTE: Available if Enrolled = Y

authentication.reason_code!
string

The error code indicating a problem with this transaction.

authentication.reason_desc!
string

Text and additional detail about the error for this transaction. NOTE: This field concatenates the errorDescription and errorDetail from the authentication response message

authentication.signature_verification!
string

Transaction Signature status identifier. Possible Values: Y - Indicates that the signature of the PARes has been validated successfully and the message contents can be trusted. N - Indicates that the PARes could not be validated. This result could be for a variety of reasons; tampering, certificate expiration, etc., and the result should not be trusted.

authentication.status_reason!
string

Provides additional information as to why the PAResStatus has the specific value. NOTE: Required for Payment (e.g. Authentication Indicator equals 01 on Lookup Request) transactions when PAResStatus is equal to N, U, or R in the Lookup Response.

authentication.threeds_version!
string

This field contains the 3DS version that was used to process the transaction.
Possible Values:
1.0.2
2.1.0
NOTE: Required for Mastercard Identity Check transactions in Authorization

authentication.xid!
string

Third Party Token that is returned from the token provider after a card number is specified on the request. NOTE: This field is returned if Tokenization is enabled in the Merchant profile setting AND the Merchant is using a third party token provider.

encrypted_card!
string

Client encrypted cardholder data. The cardholder data encrypted using the Verifone provided public key. This needs to be provided in base64 encoded format. The data to encrypt is a JSON with possible tags being cardNumber, sequenceNumber, cardholderName, startMonth, startYear, expiryMonth, expiryYear, cvv. Additionally a tag called captureTime must be presenting indicating the time the card was captured in UTC in format RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. Sample JSON to encrypt:

    {
        "captureTime": '2019-08-24T14:15:22Z',
        "cardNumber": '5555555555554444',
        "expiryMonth": 1,
        "expiryYear": 2025,
        "cvv": '123',
    } 

Note: encrypted_card is required if card or reuse_token is not provided.

public_key_alias!
string

The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided.

_id~
string

ThreeDSAuthentication id

card~
string

The ID of the card that is checked for enrollment.

currency_code~
string = 3 characters

Alphabetical ISO 4217 currency code for the sale amount.

entity_id~
string

The ID of the entity, which this authentication belongs to.

threeds_contract_id~
string

The ID of the threeDSContractId used.

transaction_id~
string

To complete the transaction, the value is required to be passed on the Cardinal.Continue().

authentication.acs_rendering_type~
string

Identifies the UI Type the ACS will use to complete the challenge. NOTE: Only available for App transactions using the Cardinal Mobile SDK and is optional for an Issuer to return.

authentication.acs_transaction_id~
string

Unique transaction identifier assigned by the ACS to identify a single transaction.

authentication.acs_url~
string

The fully qualified URL to redirect the Consumer to complete the Consumer Authentication transaction. NOTE: Available if Enrolled = Y

authentication.authentication_type~
string

Indicates the type of authentication that will be used to challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out of Band)

authentication.authorization_payload~
string^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A...

The Base64 encoded JSON Payload of CB specific Authorization Values returned in the Frictionless Flow.

authentication.card_brand~
string

Card Brand

authentication.cardholder_info~
string

Additional text provided by the Issuing Bank to the Cardholder during a Frictionless transaction and was not authenticated by the ACS. The Issuing Bank can optionally support this value.

authentication.cavv_algorithm~
string

Indicates the algorithm used to generate the CAVV value. Possible Values:
2 - CVV with ATN 3 - Mastercard SPA algorithm

authentication.cavv~
string

Cardholder Authentication Verification Value (CAVV). This value should be appended to the authorization message signifying that the transaction has been successfully authenticated. It will be encoded according to the Merchant's configuration in either Base64 encoding or Hex encoding. A Base64 encoding Merchant configuration will produce values of 28 or 32 characters. A Hex encoding Merchant configuration will produce values of 40 or 48 characters. The value when decoded will either be 20 bytes for CAVV.

authentication.challenge_cancel~
string
Enum: "01" "02" "03" "04" "05" "06" "07" "8.0"

An indicator as to why the transaction was canceled. Possible Values:
01 - Cardholder selected Cancel 02 - Reserved for future EMVCo use (values invalid until defined by EMVCo). 03 - Transaction Timed Out—Decoupled Authentication 04 - Transaction timed out at ACS—other timeouts 05 - Transaction Timed out at ACS - First CReq not received by ACS 06 - Transaction Error 07 - Unknown 08 = Transaction Timed Out at SDK NOTE: Only present when the Consumer cancels the challenge. Decoupled authentication is not supported at this time.

authentication.challenge_required~
string

Indicates whether a challenge is required to complete authentication. For example, regional mandates. Possible Values: Y - Challenge Required N - Challenge Not Required

authentication.ds_transaction_id~
string

Unique transaction identifier assigned by the Directory Server (DS) to identify a single transaction. NOTE: Required for Mastercard Identity Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0) transactions

authentication.eci_flag~
string

Electronic Commerce Indicator (ECI). The ECI value is part of the 2 data elements that indicate the transaction was processed electronically. This should be passed on the authorization transaction to the Gateway/Processor. Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 - Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field

authentication.enrolled~
string

Status of Authentication eligibility.
Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return the ACSUrl
N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication at the time of the request
B - Bypass, Merchant authentication rule is triggered to bypass authentication in this use case
NOTE: If the Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.

authentication.error_desc~
string

Application error description for the associated error number(s). NOTE: Multiple error descriptions are separated by a comma.

authentication.error_no~
string

Application error number(s). A non-zero value represents the error encountered while attempting to process the message request. NOTE: Multiple error numbers are separated by a comma.

authentication.network_score~
string <= 2 characters

The global score calculated by the CB Scoring platform..

authentication.order_id~
string

3DS server generated order identifier. Used to link multiple actions on a single order to a single identifier. Mod-10 compliant and unique BIN range to 3DS services.

authentication.pares_status~
string

Transactions status result identifier. Possible Values: Y - Successful Authentication N - Failed Authentication U - Unable to Complete Authentication A - Successful Attempts Transaction C - Challenge Required for Authentication R - Authentication Rejected (Merchant must not submit for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication 2.0.,

authentication.payload~
string

The encoded payment request generated by Centinel. NOTE: Available if Enrolled = Y

authentication.reason_code~
string

The error code indicating a problem with this transaction.

authentication.reason_desc~
string

Text and additional detail about the error for this transaction. NOTE: This field concatenates the errorDescription and errorDetail from the authentication response message

authentication.signature_verification~
string

Transaction Signature status identifier. Possible Values: Y - Indicates that the signature of the PARes has been validated successfully and the message contents can be trusted. N - Indicates that the PARes could not be validated. This result could be for a variety of reasons; tampering, certificate expiration, etc., and the result should not be trusted.

authentication.status_reason~
string

Provides additional information as to why the PAResStatus has the specific value. NOTE: Required for Payment (e.g. Authentication Indicator equals 01 on Lookup Request) transactions when PAResStatus is equal to N, U, or R in the Lookup Response.

authentication.threeds_version~
string

This field contains the 3DS version that was used to process the transaction.
Possible Values:
1.0.2
2.1.0
NOTE: Required for Mastercard Identity Check transactions in Authorization

authentication.xid~
string

Third Party Token that is returned from the token provider after a card number is specified on the request. NOTE: This field is returned if Tokenization is enabled in the Merchant profile setting AND the Merchant is using a third party token provider.

encrypted_card~
string

Client encrypted cardholder data. The cardholder data encrypted using the Verifone provided public key. This needs to be provided in base64 encoded format. The data to encrypt is a JSON with possible tags being cardNumber, sequenceNumber, cardholderName, startMonth, startYear, expiryMonth, expiryYear, cvv. Additionally a tag called captureTime must be presenting indicating the time the card was captured in UTC in format RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. Sample JSON to encrypt:

    {
        "captureTime": '2019-08-24T14:15:22Z',
        "cardNumber": '5555555555554444',
        "expiryMonth": 1,
        "expiryYear": 2025,
        "cvv": '123',
    } 

Note: encrypted_card is required if card or reuse_token is not provided.

public_key_alias~
string

The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided.

amount>
number <= 9007199254740991

The amount of the transaction.

created_at>
string <date>

The time at which the authentication was created.

amount<
number <= 9007199254740991

The amount of the transaction.

created_at<
string <date>

The time at which the authentication was created.

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Count ThreeDSAuthentication

The API provides the total number of threeDS authentications and can be queried by appending parameters to the query string of the URL.

Authorizations:
BasicAuth
query Parameters
_id
string

ThreeDSAuthentication id

amount
number <= 9007199254740991

The amount of the transaction.

card
string

The ID of the card that is checked for enrollment.

created_at
string <date>

The time at which the authentication was created.

currency_code
string = 3 characters

Alphabetical ISO 4217 currency code for the sale amount.

entity_id
string

The ID of the entity, which this authentication belongs to.

threeds_contract_id
string

The ID of the threeDSContractId used.

transaction_id
string

To complete the transaction, the value is required to be passed on the Cardinal.Continue().

authentication.acs_rendering_type
string

Identifies the UI Type the ACS will use to complete the challenge. NOTE: Only available for App transactions using the Cardinal Mobile SDK and is optional for an Issuer to return.

authentication.acs_transaction_id
string

Unique transaction identifier assigned by the ACS to identify a single transaction.

authentication.acs_url
string

The fully qualified URL to redirect the Consumer to complete the Consumer Authentication transaction. NOTE: Available if Enrolled = Y

authentication.authentication_type
string

Indicates the type of authentication that will be used to challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out of Band)

authentication.authorization_payload
string^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A...

The Base64 encoded JSON Payload of CB specific Authorization Values returned in the Frictionless Flow.

authentication.card_brand
string

Card Brand

authentication.cardholder_info
string

Additional text provided by the Issuing Bank to the Cardholder during a Frictionless transaction and was not authenticated by the ACS. The Issuing Bank can optionally support this value.

authentication.cavv_algorithm
string

Indicates the algorithm used to generate the CAVV value. Possible Values:
2 - CVV with ATN 3 - Mastercard SPA algorithm

authentication.cavv
string

Cardholder Authentication Verification Value (CAVV). This value should be appended to the authorization message signifying that the transaction has been successfully authenticated. It will be encoded according to the Merchant's configuration in either Base64 encoding or Hex encoding. A Base64 encoding Merchant configuration will produce values of 28 or 32 characters. A Hex encoding Merchant configuration will produce values of 40 or 48 characters. The value when decoded will either be 20 bytes for CAVV.

authentication.challenge_cancel
string
Enum: "01" "02" "03" "04" "05" "06" "07" "8.0"

An indicator as to why the transaction was canceled. Possible Values:
01 - Cardholder selected Cancel 02 - Reserved for future EMVCo use (values invalid until defined by EMVCo). 03 - Transaction Timed Out—Decoupled Authentication 04 - Transaction timed out at ACS—other timeouts 05 - Transaction Timed out at ACS - First CReq not received by ACS 06 - Transaction Error 07 - Unknown 08 = Transaction Timed Out at SDK NOTE: Only present when the Consumer cancels the challenge. Decoupled authentication is not supported at this time.

authentication.challenge_required
string

Indicates whether a challenge is required to complete authentication. For example, regional mandates. Possible Values: Y - Challenge Required N - Challenge Not Required

authentication.ds_transaction_id
string

Unique transaction identifier assigned by the Directory Server (DS) to identify a single transaction. NOTE: Required for Mastercard Identity Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0) transactions

authentication.eci_flag
string

Electronic Commerce Indicator (ECI). The ECI value is part of the 2 data elements that indicate the transaction was processed electronically. This should be passed on the authorization transaction to the Gateway/Processor. Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 - Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field

authentication.enrolled
string

Status of Authentication eligibility.
Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return the ACSUrl
N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication at the time of the request
B - Bypass, Merchant authentication rule is triggered to bypass authentication in this use case
NOTE: If the Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.

authentication.error_desc
string

Application error description for the associated error number(s). NOTE: Multiple error descriptions are separated by a comma.

authentication.error_no
string

Application error number(s). A non-zero value represents the error encountered while attempting to process the message request. NOTE: Multiple error numbers are separated by a comma.

authentication.network_score
string <= 2 characters

The global score calculated by the CB Scoring platform.

authentication.order_id
string

3DS server generated order identifier. Used to link multiple actions on a single order to a single identifier. Mod-10 compliant and unique BIN range to 3DS services.

authentication.pares_status
string

Transactions status result identifier. Possible Values: Y - Successful Authentication N - Failed Authentication U - Unable to Complete Authentication A - Successful Attempts Transaction C - Challenge Required for Authentication R - Authentication Rejected (Merchant must not submit for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication 2.0.,

authentication.payload
string

The encoded payment request generated by Centinel. NOTE: Available if Enrolled = Y

authentication.reason_code
string

The error code indicating a problem with this transaction.

authentication.reason_desc
string

Text and additional detail about the error for this transaction. NOTE: This field concatenates the errorDescription and errorDetail from the authentication response message

authentication.signature_verification
string

Transaction Signature status identifier. Possible Values: Y - Indicates that the signature of the PARes has been validated successfully and the message contents can be trusted. N - Indicates that the PARes could not be validated. This result could be for a variety of reasons; tampering, certificate expiration, etc., and the result should not be trusted.

authentication.status_reason
string

Provides additional information as to why the PAResStatus has the specific value. NOTE: Required for Payment (e.g. Authentication Indicator equals 01 on Lookup Request) transactions when PAResStatus is equal to N, U, or R in the Lookup Response.

authentication.threeds_version
string

This field contains the 3DS version that was used to process the transaction.
Possible Values:
1.0.2
2.1.0
NOTE: Required for Mastercard Identity Check transactions in Authorization

authentication.xid
string

Third Party Token that is returned from the token provider after a card number is specified on the request. NOTE: This field is returned if Tokenization is enabled in the Merchant profile setting AND the Merchant is using a third party token provider.

encrypted_card
string

Client encrypted cardholder data. The cardholder data encrypted using the Verifone provided public key. This needs to be provided in base64 encoded format. The data to encrypt is a JSON with possible tags being cardNumber, sequenceNumber, cardholderName, startMonth, startYear, expiryMonth, expiryYear, cvv. Additionally a tag called captureTime must be presenting indicating the time the card was captured in UTC in format RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. Sample JSON to encrypt:

    {
        "captureTime": '2019-08-24T14:15:22Z',
        "cardNumber": '5555555555554444',
        "expiryMonth": 1,
        "expiryYear": 2025,
        "cvv": '123',
    } 

Note: encrypted_card is required if card or reuse_token is not provided.

public_key_alias
string

The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided.

_id!
string

ThreeDSAuthentication id

amount!
number <= 9007199254740991

The amount of the transaction.

card!
string

The ID of the card that is checked for enrollment.

created_at!
string <date>

The time at which the authentication was created.

currency_code!
string = 3 characters

Alphabetical ISO 4217 currency code for the sale amount.

entity_id!
string

The ID of the entity, which this authentication belongs to.

threeds_contract_id!
string

The ID of the threeDSContractId used.

transaction_id!
string

To complete the transaction, the value is required to be passed on the Cardinal.Continue().

authentication.acs_rendering_type!
string

Identifies the UI Type the ACS will use to complete the challenge. NOTE: Only available for App transactions using the Cardinal Mobile SDK and is optional for an Issuer to return.

authentication.acs_transaction_id!
string

Unique transaction identifier assigned by the ACS to identify a single transaction.

authentication.acs_url!
string

The fully qualified URL to redirect the Consumer to complete the Consumer Authentication transaction. NOTE: Available if Enrolled = Y

authentication.authentication_type!
string

Indicates the type of authentication that will be used to challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out of Band)

authentication.authorization_payload!
string^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A...

The Base64 encoded JSON Payload of CB specific Authorization Values returned in the Frictionless Flow.

authentication.card_brand!
string

Card Brand

authentication.cardholder_info!
string

Additional text provided by the Issuing Bank to the Cardholder during a Frictionless transaction and was not authenticated by the ACS. The Issuing Bank can optionally support this value.

authentication.cavv_algorithm!
string

Indicates the algorithm used to generate the CAVV value. Possible Values:
2 - CVV with ATN 3 - Mastercard SPA algorithm

authentication.cavv!
string

Cardholder Authentication Verification Value (CAVV). This value should be appended to the authorization message signifying that the transaction has been successfully authenticated. It will be encoded according to the Merchant's configuration in either Base64 encoding or Hex encoding. A Base64 encoding Merchant configuration will produce values of 28 or 32 characters. A Hex encoding Merchant configuration will produce values of 40 or 48 characters. The value when decoded will either be 20 bytes for CAVV.

authentication.challenge_cancel!
string
Enum: "01" "02" "03" "04" "05" "06" "07" "8.0"

An indicator as to why the transaction was canceled. Possible Values:
01 - Cardholder selected Cancel 02 - Reserved for future EMVCo use (values invalid until defined by EMVCo). 03 - Transaction Timed Out—Decoupled Authentication 04 - Transaction timed out at ACS—other timeouts 05 - Transaction Timed out at ACS - First CReq not received by ACS 06 - Transaction Error 07 - Unknown 08 = Transaction Timed Out at SDK NOTE: Only present when the Consumer cancels the challenge. Decoupled authentication is not supported at this time.

authentication.challenge_required!
string

Indicates whether a challenge is required to complete authentication. For example, regional mandates. Possible Values: Y - Challenge Required N - Challenge Not Required

authentication.ds_transaction_id!
string

Unique transaction identifier assigned by the Directory Server (DS) to identify a single transaction. NOTE: Required for Mastercard Identity Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0) transactions.

authentication.eci_flag!
string

Electronic Commerce Indicator (ECI). The ECI value is part of the 2 data elements that indicate the transaction was processed electronically. This should be passed on the authorization transaction to the Gateway/Processor. Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 - Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field

authentication.enrolled!
string

Status of Authentication eligibility.
Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return the ACSUrl
N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication at the time of the request
B - Bypass, Merchant authentication rule is triggered to bypass authentication in this use case
NOTE: If the Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.

authentication.error_desc!
string

Application error description for the associated error number(s). NOTE: Multiple error descriptions are separated by a comma.

authentication.error_no!
string

Application error number(s). A non-zero value represents the error encountered while attempting to process the message request. NOTE: Multiple error numbers are separated by a comma.

authentication.network_score!
string <= 2 characters

The global score calculated by the CB Scoring platform.

authentication.order_id!
string

3DS server generated order identifier. Used to link multiple actions on a single order to a single identifier. Mod-10 compliant and unique BIN range to 3DS services.

authentication.pares_status!
string

Transactions status result identifier. Possible Values: Y - Successful Authentication N - Failed Authentication U - Unable to Complete Authentication A - Successful Attempts Transaction C - Challenge Required for Authentication R - Authentication Rejected (Merchant must not submit for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication 2.0.,

authentication.payload!
string

The encoded payment request generated by Centinel. NOTE: Available if Enrolled = Y

authentication.reason_code!
string

The error code indicating a problem with this transaction.

authentication.reason_desc!
string

Text and additional detail about the error for this transaction. NOTE: This field concatenates the errorDescription and errorDetail from the authentication response message

authentication.signature_verification!
string

Transaction Signature status identifier. Possible Values: Y - Indicates that the signature of the PARes has been validated successfully and the message contents can be trusted. N - Indicates that the PARes could not be validated. This result could be for a variety of reasons; tampering, certificate expiration, etc., and the result should not be trusted.

authentication.status_reason!
string

Provides additional information as to why the PAResStatus has the specific value. NOTE: Required for Payment (e.g. Authentication Indicator equals 01 on Lookup Request) transactions when PAResStatus is equal to N, U, or R in the Lookup Response.

authentication.threeds_version!
string

This field contains the 3DS version that was used to process the transaction.
Possible Values:
1.0.2
2.1.0
NOTE: Required for Mastercard Identity Check transactions in Authorization

authentication.xid!
string

Third Party Token that is returned from the token provider after a card number is specified on the request. NOTE: This field is returned if Tokenization is enabled in the Merchant profile setting AND the Merchant is using a third party token provider.

encrypted_card!
string

Client encrypted cardholder data. The cardholder data encrypted using the Verifone provided public key. This needs to be provided in base64 encoded format. The data to encrypt is a JSON with possible tags being cardNumber, sequenceNumber, cardholderName, startMonth, startYear, expiryMonth, expiryYear, cvv. Additionally a tag called captureTime must be presenting indicating the time the card was captured in UTC in format RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. Sample JSON to encrypt:

    {
        "captureTime": '2019-08-24T14:15:22Z',
        "cardNumber": '5555555555554444',
        "expiryMonth": 1,
        "expiryYear": 2025,
        "cvv": '123',
    } 

Note: encrypted_card is required if card or reuse_token is not provided.

public_key_alias!
string

The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided.

_id~
string

ThreeDSAuthentication id

card~
string

The ID of the card that is checked for enrollment.

currency_code~
string = 3 characters

Alphabetical ISO 4217 currency code for the sale amount.

entity_id~
string

The ID of the entity, which this authentication belongs to.

threeds_contract_id~
string

The ID of the threeDSContractId used.

transaction_id~
string

To complete the transaction, the value is required to be passed on the Cardinal.Continue().

authentication.acs_rendering_type~
string

Identifies the UI Type the ACS will use to complete the challenge. NOTE: Only available for App transactions using the Cardinal Mobile SDK and is optional for an Issuer to return.

authentication.acs_transaction_id~
string

Unique transaction identifier assigned by the ACS to identify a single transaction.

authentication.acs_url~
string

The fully qualified URL to redirect the Consumer to complete the Consumer Authentication transaction. NOTE: Available if Enrolled = Y.

authentication.authentication_type~
string

Indicates the type of authentication that will be used to challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out of Band)

authentication.authorization_payload~
string^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A...

The Base64 encoded JSON Payload of CB specific Authorization Values returned in the Frictionless Flow.

authentication.card_brand~
string

Card Brand

authentication.cardholder_info~
string

Additional text provided by the Issuing Bank to the Cardholder during a Frictionless transaction and was not authenticated by the ACS. The Issuing Bank can optionally support this value.

authentication.cavv_algorithm~
string

Indicates the algorithm used to generate the CAVV value. Possible Values:
2 - CVV with ATN 3 - Mastercard SPA algorithm

authentication.cavv~
string

Cardholder Authentication Verification Value (CAVV). This value should be appended to the authorization message signifying that the transaction has been successfully authenticated. It will be encoded according to the Merchant's configuration in either Base64 encoding or Hex encoding. A Base64 encoding Merchant configuration will produce values of 28 or 32 characters. A Hex encoding Merchant configuration will produce values of 40 or 48 characters. The value when decoded will either be 20 bytes for CAVV.

authentication.challenge_cancel~
string
Enum: "01" "02" "03" "04" "05" "06" "07" "8.0"

An indicator as to why the transaction was canceled. Possible Values:
01 - Cardholder selected Cancel 02 - Reserved for future EMVCo use (values invalid until defined by EMVCo). 03 - Transaction Timed Out—Decoupled Authentication 04 - Transaction timed out at ACS—other timeouts 05 - Transaction Timed out at ACS - First CReq not received by ACS 06 - Transaction Error 07 - Unknown 08 = Transaction Timed Out at SDK NOTE: Only present when the Consumer cancels the challenge. Decoupled authentication is not supported at this time.

authentication.challenge_required~
string

Indicates whether a challenge is required to complete authentication. For example, regional mandates. Possible Values: Y - Challenge Required N - Challenge Not Required

authentication.ds_transaction_id~
string

Unique transaction identifier assigned by the Directory Server (DS) to identify a single transaction. NOTE: Required for Mastercard Identity Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0) transactions

authentication.eci_flag~
string

Electronic Commerce Indicator (ECI). The ECI value is part of the 2 data elements that indicate the transaction was processed electronically. This should be passed on the authorization transaction to the Gateway/Processor. Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 - Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field

authentication.enrolled~
string

Status of Authentication eligibility.
Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return the ACSUrl
N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication at the time of the request
B - Bypass, Merchant authentication rule is triggered to bypass authentication in this use case
NOTE: If the Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.

authentication.error_desc~
string

Application error description for the associated error number(s). NOTE: Multiple error descriptions are separated by a comma.

authentication.error_no~
string

Application error number(s). A non-zero value represents the error encountered while attempting to process the message request. NOTE: Multiple error numbers are separated by a comma.

authentication.network_score~
string <= 2 characters

The global score calculated by the CB Scoring platform.

authentication.order_id~
string

3DS server generated order identifier. Used to link multiple actions on a single order to a single identifier. Mod-10 compliant and unique BIN range to 3DS services.

authentication.pares_status~
string

Transactions status result identifier. Possible Values: Y - Successful Authentication N - Failed Authentication U - Unable to Complete Authentication A - Successful Attempts Transaction C - Challenge Required for Authentication R - Authentication Rejected (Merchant must not submit for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication 2.0.,

authentication.payload~
string

The encoded payment request generated by Centinel. NOTE: Available if Enrolled = Y

authentication.reason_code~
string

The error code indicating a problem with this transaction.

authentication.reason_desc~
string

Text and additional detail about the error for this transaction. NOTE: This field concatenates the errorDescription and errorDetail from the authentication response message

authentication.signature_verification~
string

Transaction Signature status identifier. Possible Values: Y - Indicates that the signature of the PARes has been validated successfully and the message contents can be trusted. N - Indicates that the PARes could not be validated. This result could be for a variety of reasons; tampering, certificate expiration, etc., and the result should not be trusted.

authentication.status_reason~
string

Provides additional information as to why the PAResStatus has the specific value. NOTE: Required for Payment (e.g. Authentication Indicator equals 01 on Lookup Request) transactions when PAResStatus is equal to N, U, or R in the Lookup Response.

authentication.threeds_version~
string

This field contains the 3DS version that was used to process the transaction.
Possible Values:
1.0.2
2.1.0
NOTE: Required for Mastercard Identity Check transactions in Authorization

authentication.xid~
string

Third Party Token that is returned from the token provider after a card number is specified on the request. NOTE: This field is returned if Tokenization is enabled in the Merchant profile setting AND the Merchant is using a third party token provider.

encrypted_card~
string

Client encrypted cardholder data. The cardholder data encrypted using the Verifone provided public key. This needs to be provided in base64 encoded format. The data to encrypt is a JSON with possible tags being cardNumber, sequenceNumber, cardholderName, startMonth, startYear, expiryMonth, expiryYear, cvv. Additionally a tag called captureTime must be presenting indicating the time the card was captured in UTC in format RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. Sample JSON to encrypt:

    {
        "captureTime": '2019-08-24T14:15:22Z',
        "cardNumber": '5555555555554444',
        "expiryMonth": 1,
        "expiryYear": 2025,
        "cvv": '123',
    } 

Note: encrypted_card is required if card or reuse_token is not provided.

public_key_alias~
string

The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided.

amount>
number <= 9007199254740991

The amount of the transaction.

created_at>
string <date>

The time at which the authentication was created.

amount<
number <= 9007199254740991

The amount of the transaction.

created_at<
string <date>

The time at which the authentication was created.

Responses

Response samples

Content type
application/json
{
  • "count": 0
}

Get ThreeDSAuthentication by ID

The API returns details about a particular threeDSAuthentication associated with the provided ID.

Authorizations:
BasicAuth
path Parameters
id
required
string

ThreeDSAuthentication id

Responses

Response samples

Content type
application/json
{
  • "_id": "f1aeb720-9bd9-4667-a24f-979fb8175c65",
  • "amount": "20cde61c-cdd0-4a5a-90f6-47ba4f1e5704",
  • "threeds_contract_id": "7076974d-04b9-4375-9814-e9313f6bd036",
  • "authentication": {
    },
  • "card": "string",
  • "currency_code": "USD",
  • "created_at": "2019-08-24",
  • "entity_id": "516af950-02b8-43fb-9955-1c01d0d67e90",
  • "transaction_id": "ppWyiLx7GnvTLlqFZtM1"
}

Cardholder Authentication API for 3DS

The Cardholder Authentication API for 3DS authenticates the cardholder and leads to a challenge flow or a frictionless flow adhering to the Strong Customer Authentication (SCA) directive. For further details, refer to Server-to-Server Payments with 3D Secure.

Authorizations:
BasicAuth
Request Body schema: application/json
account_age_indicator
string
Enum: "01" "02" "03" "04" "05"

Length of time cardholder has had account. Possible Values: * 01 - No account * 02 - Created during transaction * 03 - Less than 30 days * 04 - 30-60 days * 05 - More than 60 days

account_change_date
string <date>

Date the cardholder's account was last changed. This includes changes to the billing or shipping address, new payment accounts or new users added. Format: YYYYMMDD

account_change_indicator
string
Enum: "01" "02" "03" "04"

Length of time since the last change to the cardholder account. This includes shipping address, new payment account or new user added. Possible Values: * 01 - Changed during transaction * 02 - Less than 30 days * 03 - 30-60 days * 04 - More than 60 days

account_create_date
string <date>

Date the cardholder opened the account. Format: YYYYMMDD

account_id
string <= 64 characters

Additional cardholder account information.

account_purchases
number <= 9999

Number of purchases with this cardholder account during the previous six months.

account_pwd_change_date
string <date>

Date the cardholder last changed or reset password on account. Format: YYYYMMDD

account_pwd_change_indicator
string
Enum: "01" "02" "03" "04" "05"

Length of time since the cardholder changed or reset the password on the account. Possible Values: * 01 - No change * 02 - Changed during transaction * 03 - Less than 30 days * 04 - 30-60 days * 05 - More than 60 days

acs_window_size
string
Enum: "01" "02" "03" "04" "05"

An override field that a merchant can pass in to set the challenge window size to display to the end cardholder.The ACS will reply with content that is formatted appropriately to this window size to allow for the best user experience. The sizes are width x height in pixels of the window displayed in the cardholder browser window. Possible values: * 01 - 250x400 * 02 - 390x400 * 03 - 500x600 * 04 - 600x400 * 05 - Full page

add_card_attempts
number <= 999

Number of add card attempts in the last 24 hours.

address_match
string
Enum: "Y" "N"

Indicates whether cardholder billing and shipping addresses match. Possible Values: * Y - Shipping address matches billing address * N - Shipping address does not match billing address

alias
string <= 128 characters

An alias that uniquely identifies the account. NOTE: This field is required if Tokenization is enabled in the Merchant profile settings.

alternate_authentication_data
string <= 2048 characters

Data that documents and supports a specific authentication process that was sent in the AlternateAuthenticationMethod field.

alternate_authentication_date
string <date>

Date and time in UTC of the cardholder authentication. Format: YYYYMMDDHHMM

alternate_authentication_method
string
Enum: "01" "02" "03" "04" "05" "06"

Mechanism used by the cardholder to authenticate to the 3DS requester. Possible Values: * 01 - No authentication occurred (e.g. Guest Checkout) * 02 - Login to the cardholder account at the Merchant system using Merchant system credentials * 03 - Login to the cardholder account at the Merchant system using a Federated ID * 04 - Login to the cardholder account at the Merchant system using Issuer credentials * 05 - Login to the cardholder account at the Merchant system using third-party authentication * 06 - Login to the cardholder account at the Merchant system using FIDO Authenticator

authentication_indicator
string
Enum: "01" "02" "03" "04" "05" "06"

Indicates the type of Authentication request. 01 - Payment transaction 02 - Recurring transaction 03 - Installment transaction 04 - Add card 05 - Maintain card 06 - Cardholder verification as part of EMV token ID&V

amount
required
number <= 9007199254740991

The amount of the transaction.

billing_first_name
required
string <= 22 characters

Consumer's billing first name.

billing_last_name
required
string <= 22 characters

Consumer's last name.

billing_phone
string <= 20 characters

Conditional: Consumer's phone number for billing address. This should be unformatted without hyphens. ITU/E.123 format with international prefix (+PPNNNNNNNNN...)

billing_address_1
required
string <= 50 characters

Consumer's billing address information.

billing_address_2
string <= 50 characters

Conditional: Consumer's billing address information.

billing_address_3
string <= 50 characters

Conditional: Consumer's billing address information.

billing_city
required
string <= 50 characters

Consumer's city on their billing address.

billing_postal_code
string <= 16 characters

Consumer's postal code of their billing address. Required unless market or regional mandate restricts sending this information.

billing_state
string <= 50 characters

Consumer's state or province of their billing address. ISO 3166-2 format as sub division code. Required unless market or regional mandate restricts sending this information, or State is not applicable for this country.

billing_country_code
required
string

Consumer's alpha 2 digit ISO 3166 country code.

card
string

The ID of the card that is checked for enrollment.
Note: The card is required if encrypted_card or reuse_token is not provided.

encrypted_card
string

Client encrypted cardholder data. The cardholder data encrypted using the Verifone provided public key. This needs to be provided in base64 encoded format. The data to encrypt is a JSON with possible tags being cardNumber, sequenceNumber, cardholderName, startMonth, startYear, expiryMonth, expiryYear, cvv. Additionally a tag called captureTime must be presenting indicating the time the card was captured in UTC in format RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. Sample JSON to encrypt:

    {
        "captureTime": '2019-08-24T14:15:22Z',
        "cardNumber": '5555555555554444',
        "expiryMonth": 1,
        "expiryYear": 2025,
        "cvv": '123',
    } 

Note: encrypted_card is required if card or reuse_token is not provided.

public_key_alias
string

The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided.

reuse_token
string [ 16 .. 255 ] characters

The Verifone issued reuse token used to represent the previously stored cardholder data.
Note: reuse_token is required if card or encrypted_card is not provided.

currency_code
required
string = 3 characters

Alphabetical ISO 4217 currency code for the sale amount.

card_type
string
Enum: "VSA" "MSC" "VSD" "VSE" "MAE" "AMX" "DSC" "DIN" "CBLA" "JCB" "ENR" "JAL" "CTB" "DNK" "CSI" "EAN" "UATP" "MAEI" "CB"

Type of cards used for purchase. Possible Values: * VSA - Visa * MSC - Mastercard * VSD - Visa Delta/Debit (UK) * VSE - Visa Electron * MAE - Maestro (UK, Spain & Austria) AMX - American Express * DSC - Discover * DIN - Diners * CBLA - Carte Blanche JCB - JCB * ENR - EnRoute * JAL - JAL * CTB - Carte Bleue * DNK - Dankort * CSI - CartaSi * EAN - Encoded Account Number UATP - UATP * MAEI - Maestro (International) * CB - Cartes Bancaires

category_code
number <= 9999

Merchant category code (MCC) NOTE: This field is required by Mastercard and Visa Brazil extensions.

challenge_indicator
string
Enum: "01" "02" "03" "04" "90"

NOTE: This is a 2.0 required field, Cardinal will default to 01 on Merchant Configuration - can be overridden by the merchant. Possible Values: * 01 - No preference * 02 - No challenge requested * 03 - Challenge requested (3DS Requestor Preference) * 04 - Challenge requested (Mandate) * 90 - Used to call the CB Scoring platform

device_info_id
required
string

Device infromation ID that relates to the device data that was previously collected.

delivery_email
string <= 255 characters

For electronic delivery, email address to which the merchandise was delivered.

delivery_time_frame
string
Enum: "01" "02" "03" "04"

Indicates the delivery timeframe. Possible Values: * 01 - Electronic delivery * 02 - Same day shipping * 03 - Overnight shipping * 04 - Two or more days shipping

device_channel
string
Enum: "SDK" "Browser" "3RI"

Determines the channel that the transaction came through. Possible Values: * SDK * Browser * 3RI NOTE: SDK will dynamically set SDK when using the Mobile SDK or Browser when customer is using our JavaScript SDK. Client will need to set 3RI for Merchant Initiated or 3RI transactions.

object (device_data_info)
email
required
string

Consumer's email address.

fraud_activity
string
Enum: "01" "02"

Indicates whether the merchant experienced suspicious activity (including previous fraud) on the account. Possible Values: * 01 - No suspicious activity * 02 - Suspicious activity observed

gift_card_amount
number <= 999999999999999

The purchase amount total for prepaid gift cards in major units. Example: $123.45 USD = 12345

gift_card_count
number <= 99

Total count of individual prepaid gift cards purchased.

gift_card_currency_code
string = 3 characters

ISO 4217 currency code for the gift card purchased.

installment
number [ 2 .. 999 ]

Indicates the maximum number of authorizations for installment payments. An integer value greater than 1 indicating the maximum number of permitted authorizations for installment payments. ** Required for Recurring and Installment transactions, when authenticationIndicator="02" & "03" **

merchant_reference
required
string

Order Number or transaction identifier from the Merchant commerce website.

merchant_score
string <= 20 characters

The global score calculated by the CB Scoring platform.

message_category
string
Enum: "01" "02"

Category of the message for a specific use case. Possible Values:

  • 01 - PA (payment)/ NPA (non payment) with amount 0
  • 02 - NPA (non payment) NOTE: Default is payment (01). Configured on Merchant account, or can be overridden on transaction.
phone_number
string

Cardholder's phone number. ITU/E.123 format with international prefix (+PPNNNNNNNNN...). Required unless market or regional mandate restricts sending this information.

payment_account_age
string <date>

Date when the payment account was added to the cardholder account. Format: YYYYMMDD

payment_account_indicator
string
Enum: "01" "02" "03" "04" "05"

Indicates the length of time that the payment account was enrolled in the merchant account. Possible Values: * 01 - No account (guest checkout) * 02 - During the transaction * 03 - Less than 30 days * 04 - 30-60 days * 05 - More than 60 days

payment_use_case
string
Enum: "01" "02" "03" "04" "05"

The value from this field will be mapped to the data field on the CB-USECASE extension. NOTE: Required for CB transactions (required if MessageCategory = PA, or MessageCategory = NPA and AuthenticationIndicator = 02 or 03).

  • Possible Values:
    • 01 - Single Payment
    • 02 - Fixed Amount and Term Subscription
    • 03 - Payment By Instalments
    • 04 - Payment By Shipment
    • 05 - Other Recurring Payments
pre_order_date
string <date>

Expected date that a pre-ordered purchase will be available. Format: YYYYMMDD

pre_order_indicator
string
Enum: "01" "02"

Indicates whether the cardholder is placing an order with a future availability or release date. Possible Values: * 01 - Merchandise available * 02 - Future availability

prior_authentication_data
string <= 2048 characters

This field carry data that the ACS can use to verify the authentication process

prior_authentication_method
string
Enum: "01" "02" "03" "04"

Mechanism used by the Cardholder to previously authenticate to the 3DS Requestor. * 01 - Frictionless authentication occurred by ACS * 02 - Cardholder challenge occurred by ACS * 03 - AVS verified * 04 - Other issuer methods

prior_authentication_ref
string <= 36 characters

This data element contains a ACS Transaction ID for a prior authenticated transaction. For example, the first recurring transaction that was authenticated with the cardholder

prior_authentication_time
string <date>

Date and time in UTC of the prior cardholder authentication. Format: YYYYMMDDHHMM

product_code
string
Enum: "PHY" "CHA" "ACF" "QCT" "PAL"

Merchant product code. Possible Values: * PHY - Goods/Service Purchase * CHA - Check Acceptance * ACF - Account Funding * QCT - Quasi-Cash Transaction * PAL - Prepaid Activation and Load NOTE: This value defaults to PHY. This field can be used to override that value if applicable.

purchase_date
string <date>

Date of original purchase. Format: YYYYMMDDHHMMSS NOTE: If not passed, SDK will use current date. Required for recurring transactions. ** Required for Recurring and Installment transactions, when authenticationIndicator="02" & "03" **

recurring_end
string <date>

The date after which no further recurring authorizations should be performed. Format: YYYYMMDD ** Required for Recurring and Installment transactions, when authenticationIndicator="02" & "03" **

recurring_frequency
number <= 9999

Conditional: Integer value indicating the minimum number of days between recurring authorizations. A frequency of monthly is indicated by the value 28. Multiple of 28 days will be used to indicate months. Example: 6 months = 168 ** Required for Recurring and Installment transactions, when authenticationIndicator="02" & "03" **

reorder_indicator
string
Enum: "01" "02"

Indicates whether the cardholder is placing an order with a future availability or release date. Possible Values: * 01 - Merchandise available * 02 - Future availability

requestor_id
string <= 35 characters

This value is a Directory Server assigned 3DS Requestor ID value, each DS may provide a unique ID. NOTE: This is a 2.0 value only and if passed will override the Requestor ID value that is, configured on the Merchant's profile.

requestor_name
string <= 40 characters

This value is a Directory Server assigned 3DS Requestor Name value, each DS may provide a unique ID. NOTE: This is a 2.0 value only and if passed will override the Requestor Name value that is configured on the Merchant's profile.

sdk_max_timeout
number <= 99

This field indicates the maximum amount of time for all 3DS 2.0 messages to be communicated between all components (in minutes). Possible Values: * Greater than or equal to 05 (05 is the minimum timeout to set) * Cardinal Default is set to 15 * NOTE: This field is a required 3DS 2.0 field and Cardinal sends in a default of 15 if nothing is passed.

shipping_address_1
string <= 50 characters

Conditional: Consumer's shipping address information.

shipping_address_2
string <= 50 characters

Conditional: Consumer's shipping address information.

shipping_address_3
string <= 50 characters

Conditional: Consumer's shipping address information.

shipping_address_usage_date
string <date>

Date when the shipping address used for this transaction was first used. Format: YYYYMMDD

shipping_address_usage_indicator
string
Enum: "01" "02" "03" "04"

Indicates when the shipping address used for transaction was first used. Possible Values: * 01 - This transaction * 02 - Less than 30 days * 03 - 30-60 days * 04 - More than 60 days

shipping_city
string <= 50 characters

Conditional: Consumer's city of their shipping address.

shipping_country_code
string

Conditional: Consumer's alpha 2 digit ISO 3166 country code.

shipping_method_indicator
string
Enum: "01" "02" "03" "04" "05" "06" "07"

Indicates shipping method chosen for the transaction. Possible Values: * 01 - Ship to cardholder billing address * 02 - Ship to another verified address on file with merchant * 03 - Ship to address that is different than billing address * 04 - Ship to store (store address should be populated on request) * 05 - Digital goods * 06 - Travel and event tickets, not shipped * 07 - Other

shipping_name_indicator
string
Enum: "01" "02"

Indicates if the cardholder name on the account is identical to the shipping name used for the transaction. Possible Values: * 01 - Account and shipping name identical * 02 - Account and shipping name differ

shipping_postal_code
string <= 16 characters

Conditional: Consumer's postal code of their shipping address.

shipping_state
string <= 50 characters

Conditional: Consumer's state or province of their shipping address. ISO 3166-2 format as sub division code.

threeds_contract_id
required
string

The ID of the threeDSContractId used.

three_ri_indicator
string
Enum: "01" "02" "03" "04" "05" "06" "07" "08" "09" "10" "11"

Indicates the type of 3RI request. Possible Values: * 01 - Recurring transaction * 02 - Installment transaction * 03 - Add card * 04 - Maintain card * 05 - Account verification * 06 - Split/delayed shipment * 07 - Top-up * 08 - Mail Order * 09 - Telephone Order * 10 - Whitelist status check * 11 - Other payment

threeds_version
string
Deprecated
Value: "1.0.2"

This field contains the 3DS version that can be leveraged to force a transaction down the 1.0 rails.

token
string <= 100 characters

The third party token that will be used to process the transaction in place of the actual card number. NOTE: This field is required if Tokenization is enabled in the Merchant profile setting AND the Merchant is using a third party token in place of the Cardinal token.

transaction_mode
string
Enum: "M" "P" "R" "S" "T"

Transaction mode identifier. Identifies the channel the transaction originates from. Available Options: M - Moto (Mail Order Telephone Order) P - Mobile Device R - Retail (Physical Store) S - Computer Device T - Tablet Device

transaction_count_day
number <= 999

Number of transactions (successful or abandoned) for this cardholder account within the last 24 hours.

transaction_count_year
number <= 999

Number of transactions (successful or abandoned) for this cardholder account within the last year.

total_items
string = 2 characters

Number of purchased items or services Possible Values:
00-99

work_phone
string <= 25 characters

Conditional: Consumer's work phone number. ITU/E.123 format with international prefix (+PPNNNNNNNNN...)

Responses

Request samples

Content type
application/json
{
  • "account_age_indicator": "01",
  • "account_change_date": "2019-08-24",
  • "account_change_indicator": "01",
  • "account_create_date": "2019-08-24",
  • "account_id": "123456789",
  • "account_purchases": 9999,
  • "account_pwd_change_date": "2019-08-24",
  • "account_pwd_change_indicator": "01",
  • "acs_window_size": "01",
  • "add_card_attempts": 999,
  • "address_match": "Y",
  • "alias": "string",
  • "alternate_authentication_data": "string",
  • "alternate_authentication_date": "2019-08-24",
  • "alternate_authentication_method": "01",
  • "authentication_indicator": "01",
  • "amount": 9007199254740991,
  • "billing_first_name": "Chris",
  • "billing_last_name": "Brown",
  • "billing_phone": "555-8675-309",
  • "billing_address_1": "8100 Tyler Blvd",
  • "billing_address_2": "1211A Victory Street",
  • "billing_address_3": "2740 Sunset Blvd",
  • "billing_city": "Mentor",
  • "billing_postal_code": "K44060",
  • "billing_state": "OH",
  • "billing_country_code": "US",
  • "card": "string",
  • "encrypted_card": "U3dhZ2dlciByb2Nrcw==",
  • "public_key_alias": "string",
  • "reuse_token": "stringstringstri",
  • "currency_code": "USD",
  • "card_type": "VSA",
  • "category_code": 9999,
  • "challenge_indicator": "01",
  • "device_info_id": "1_e852b685-6ba3-4f6a-bf30-183cbce64b92",
  • "delivery_email": "john.doe@example.com",
  • "delivery_time_frame": "01",
  • "device_channel": "SDK",
  • "device_data_info": {
    },
  • "email": "john.doe@example.com",
  • "fraud_activity": "01",
  • "gift_card_amount": 999999999999999,
  • "gift_card_count": 99,
  • "gift_card_currency_code": "USD",
  • "installment": 2,
  • "merchant_reference": "order_123",
  • "merchant_score": "100",
  • "message_category": "01",
  • "phone_number": "+1234567890",
  • "payment_account_age": "2019-08-24",
  • "payment_account_indicator": "01",
  • "payment_use_case": "01",
  • "pre_order_date": "2019-08-24",
  • "pre_order_indicator": "01",
  • "prior_authentication_data": "string",
  • "prior_authentication_method": "01",
  • "prior_authentication_ref": "cfbdce5a-2604-4ab5-b959-90ae2854d281",
  • "prior_authentication_time": "2019-08-24",
  • "product_code": "PHY",
  • "purchase_date": "2019-08-24",
  • "recurring_end": "2019-08-24",
  • "recurring_frequency": 9999,
  • "reorder_indicator": "01",
  • "requestor_id": "string",
  • "requestor_name": "string",
  • "sdk_max_timeout": 99,
  • "shipping_address_1": "8100 Tyler Blvd",
  • "shipping_address_2": "1234 Test Street",
  • "shipping_address_3": "5678 Test Street",
  • "shipping_address_usage_date": "2019-08-24",
  • "shipping_address_usage_indicator": "01",
  • "shipping_city": "Mentor",
  • "shipping_country_code": "US",
  • "shipping_method_indicator": "01",
  • "shipping_name_indicator": "01",
  • "shipping_postal_code": "K44060",
  • "shipping_state": "OH",
  • "threeds_contract_id": "7076974d-04b9-4375-9814-e9313f6bd036",
  • "three_ri_indicator": "01",
  • "threeds_version": "1.0.2",
  • "token": "1234567890",
  • "transaction_mode": "M",
  • "transaction_count_day": 999,
  • "transaction_count_year": 999,
  • "total_items": "st",
  • "work_phone": "+10987654321"
}

Response samples

Content type
application/json
{
  • "acs_rendering_type": "01",
  • "acs_transaction_id": "9fe9a7d5-5e07-48c2-9fdd-a21fa274b1e9",
  • "authentication_id": "8894172e-52b2-4815-82da-ca3c5f005268",
  • "authentication_type": "01",
  • "authorization_payload": "eyJjb250YWluZXJWZXJzaW9uIjoiMSIsImVjaSI6IjA1IiwiYXV0aGVudGljYXRpb25WYWx1ZSI6IkFKa0JCa2hnUVFBQUFFNGdTRUp5ZFFBQUFBQT0iLCJlZmZlY3RpdmVBdXRoVHlwZSI6IkZSIiwiYWNzT3BlcmF0b3JJRCI6Ik1lcmNoYW50QUNTIiwidGhyZWVEU1JlcXVlc3RvckNoYWxsZW5nZUluZCI6IjAxIiwidHJhbnNTdGF0dXMiOiJZIiwiZHNUcmFuc0lEIjoiNzg4NDFhZGMtMDI1Mi00ZDE0LTg5ZTYtOWE0NzQ3YTE0NWRhIiwiYWNzVHJhbnNJRCI6IjlmZTlhN2Q1LTVlMDctNDhjMi05ZmRkLWEyMWZhMjc0YjFlOSIsIm1lc3NhZ2VWZXJzaW9uIjoiMi4yLjAiLCJtZXJjaGFudE5hbWUiOiJWZXJpRm9uZSIsInB1cmNoYXNlRGF0ZSI6IjIwMTkxMjMxMjM1OTU5IiwicHVyY2hhc2VBbW91bnQiOiI5ODg3NTYiLCJyZWN1cnJpbmdFeHBpcnkiOiIyMDE5MDgyMyIsImJyb3dzZXJJUCI6Ijg5LjE0Ni41OC44NyIsIm1lcmNoYW50Q291bnRyeUNvZGUiOiI4NDAiLCJhY3F1aXJlckJJTiI6IjEyMzQ1Njc4IiwiYWNxdWlyZXJNZXJjaGFudElEIjoiMTIzNDU2IiwidGhyZWVEU1JlcXVlc3Rvck5hbWUiOiJ2ZXJpZm9uZSIsInRocmVlRFNSZXF1ZXN0b3JJRCI6InZlcmlmb25lMjAiLCJjYXJkQnJhbmQiOiJWSVNBIn0=",
  • "cardholder_info": "Additional authentication is required by the issuing bank for this transaction, please contact Anybank at 123-456-7890.",
  • "cavv": "Y2FyZGluYWxjb21tZXJjZWF1dGg=",
  • "cavv_algorithm": "2",
  • "challenge_required": "N",
  • "card_brand": "VISA",
  • "ds_transaction_id": "78841adc-0252-4d14-89e6-9a4747a145da",
  • "eci_flag": "05",
  • "enrolled": "Y",
  • "error_desc": "Error Processing Message Request",
  • "error_no": "0",
  • "network_score": "99",
  • "order_id": "8000725863630542",
  • "pares_status": "Y",
  • "payload": "eyJtZXNzYWdlVHlwZSI6IkNSZXEiLCJtZXNzYWdlVmVyc2lvbiI6IjIuMi4wIiwidGhyZWVEU1NlcnZlclRyYW5zSUQiOiI4MmIwZmEwNS0yYzJkLTQyYzUtYWIyMi01ZjFhZjRjMGU4ZDEiLCJhY3NUcmFuc0lEIjoiN2NkMmNkZmEtNjA2YS00ODg4LWFjMmYtZGMyZTc1ODFlMjMwIiwiY2hhbGxlbmdlV2luZG93U2l6ZSI6IjAyIn0",
  • "reason_code": "1001",
  • "reason_desc": "Error Processing Message Request",
  • "signature_verification": "Y",
  • "status_reason": "01",
  • "third_party_token": "string",
  • "threeds_version": "2.2.0",
  • "token": "string",
  • "transaction_id": "7SsMEhgljpXAbKOLqNA0",
  • "xid": "AgIAABTXCmieAEiwml9DlVAsiBI="
}

Create a JWT for 3DS Client SDK

The API creates a JSON Web Token (JWT) which is then used as a method of authentication between the merchant and the 3DS Client SDK.

Authorizations:
BasicAuth
Request Body schema: application/json
threeds_contract_id
required
string

The ID of the threeDSContractId used.

Responses

Request samples

Content type
application/json
{
  • "threeds_contract_id": "cfbdce5a-2604-4ab5-b959-90ae2854d281"
}

Response samples

Content type
application/json
{
  • "jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjNmZjZGU3NS02M2MxLTRiMDktODA4MS0xYjdmMGUyZDQ2MmMiLCJpc3MiOiI1ZDEyMmU1OGMxYjQxMjI5M2MwYTUwZDIiLCJPcmdVbml0SWQiOiI1ZDExMmJjMWJiODc2ODIyNDBmOGRjMGQiLCJQYXlsb2FkIjp7fSwiaWF0IjoxNzE1MTgwMDk5fQ.yfNWLd2ssMoUpJt2QOUhf9p1B3dcl0xFOeaPYi8MUxI",
  • "threeds_contract_id": "7076974d-04b9-4375-9814-e9313f6bd036"
}

Validate a JWT for 3DS Client SDK

The API validates the JSON Web Token (JWT) and returns the consumer authentication outcome to the merchant.

Authorizations:
BasicAuth
Request Body schema: application/json
authentication_id
required
string

Authentication ID for completing the 3D Secure flow. To complete the transaction, the value is required to be passed on the Authenticate message to link the Lookup and Authenticate message together.

jwt
required
string

JWT with authentication details.

threeds_contract_id
required
string

The ID of the threeDSContractId used.

Responses

Request samples

Content type
application/json
{
  • "authentication_id": "8894172e-52b2-4815-82da-ca3c5f005268",
  • "jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjNmZjZGU3NS02M2MxLTRiMDktODA4MS0xYjdmMGUyZDQ2MmMiLCJpc3MiOiI1ZDEyMmU1OGMxYjQxMjI5M2MwYTUwZDIiLCJPcmdVbml0SWQiOiI1ZDExMmJjMWJiODc2ODIyNDBmOGRjMGQiLCJQYXlsb2FkIjp7fSwiaWF0IjoxNzE1MTgwMDk5fQ.yfNWLd2ssMoUpJt2QOUhf9p1B3dcl0xFOeaPYi8MUxI",
  • "threeds_contract_id": "af8f5e0d-799d-4421-a8ee-04002a15af53"
}

Response samples

Content type
application/json
{
  • "authentication_id": "8894172e-52b2-4815-82da-ca3c5f005268",
  • "action_code": "string",
  • "error_no": "0",
  • "error_desc": "Error Processing Message Request",
  • "validation_result": {
    }
}

Need help?

Do you have a question? If you didn’t find the answer you are looking for in our documentation, you can contact our Support teams for more information. If you have a technical issue or question, please contact us. We are happy to help.

Not yet a Verifone customer?

We’ll help you choose the right payment solution for your business, wherever you want to sell, in-person or online. Our team of experts will happily discuss your needs.

Verifone logo