openapi: 3.0.1
info:
title: 3D Secure API
description: 3DS APIs
version: 0.0.1
servers:
- url: https://emea.gsc.verifone.cloud/oidc/3ds-service
description: EMEA Production
- url: https://us.gsc.verifone.cloud/oidc/3ds-service
description: Americas Production
- url: https://nz.gsc.verifone.cloud/oidc/3ds-service
description: New Zealand and Australia Production
- url: https://cst.test-gsc.vfims.com/oidc/3ds-service
description: Global Sandbox
- url: https://uscst-gb.gsc.vficloud.net/oidc/3ds-service
description: Americas Sandbox
paths:
/v2/3d:
get:
tags:
- V2
summary: List ThreeDSAuthentications
security:
- BasicAuth: []
description: |2
The API enumerates the ThreeDS Authentication objects, offering
filtration criteria to obtain filtered data based on specified parameters.
## Filtering and Searching
Filters can be used to interact with any object. Objects can be queried by appending parameters to
the query string of the URL.
So to get a list of all pares_status = Y in threeds authentication with EUR currency, having an amount equal to or greater than 20,
we would use the following URL:
/v2/3d?_limit=10&amount>=212¤cy_code=EUR&authentication.pares_status=Y
Parameters with multiple values are also supported. So for example, to query pares_status = Y and pares_status = U,
you would use the following URL:
/v2/3d?authentication.pares_status=Y&authentication.pares_status=U
Use the following syntax to query objects based on parameters and values - in this example querying threeds authentication by the amount.
Query on one value:
/v2/3d?amount=7500
Query on everything but one value:
/v2/3d?amount!=7500
Less than and equal to:
/v2/3d?amount<=7500
Greater than and equal to:
/v2/3d?amount>=7500
Range of values within/outside specified bounds:
/v2/3d?amount<=7600&amount>=7500
Multiple parameters:
/v2/3d?amount=7600¤cy_code=EUR
Limit the number of results:
/v2/3d?_limit=50
Sort results in descending order:
/v2/3d?_sort=-amount
Sort results in ascending order:
/v2/3d?_sort=amount
Note:
Operator
Description
=
equal
!
not equal
<
less than and equal to
>
greater than and equal to
~
pattern matching
>&<
multiple arguments search
operationId: getV23d
parameters:
- name: _limit
in: query
description:
"The maximum number of values that can be sent in the response
( maximum: 10000 )"
schema:
maximum: 10000
minimum: 1
type: integer
default: 2000
- name: _skip
in: query
description: _skip query params
schema:
minimum: 0
type: integer
default: 0
- name: _sort
in: query
description: _sort query params
style: form
explode: true
schema:
type: array
items:
type: string
enum:
- _id
- amount
- card
- created_at
- currency_code
- entity_id
- entity_name
- threeds_contract_id
- transaction_id
- authentication.acs_rendering_type
- authentication.acs_transaction_id
- authentication.acs_url
- authentication.authentication_type
- authentication.authorization_payload
- authentication.card_brand
- authentication.cardholder_info
- authentication.cavv_algorithm
- authentication.cavv
- authentication.challenge_cancel
- authentication.challenge_required
- authentication.ds_transaction_id
- authentication.eci_flag
- authentication.enrolled
- authentication.error_desc
- authentication.error_no
- authentication.network_score
- authentication.order_id
- authentication.pares_status
- authentication.payload
- authentication.reason_code
- authentication.reason_desc
- authentication.signature_verification
- authentication.status_reason
- authentication.threeds_version
- authentication.xid
- authentication.white_list_status
- authentication.white_list_status_source
- "-_id"
- "-amount"
- "-card"
- "-created_at"
- "-currency_code"
- "-entity_id"
- "-threeds_contract_id"
- "-transaction_id"
- "-authentication.acs_rendering_type"
- "-authentication.acs_transaction_id"
- "-authentication.acs_url"
- "-authentication.authentication_type"
- "-authentication.authorization_payload"
- "-authentication.card_brand"
- "-authentication.cardholder_info"
- "-authentication.cavv_algorithm"
- "-authentication.cavv"
- "-authentication.challenge_cancel"
- "-authentication.challenge_required"
- "-authentication.ds_transaction_id"
- "-authentication.eci_flag"
- "-authentication.enrolled"
- "-authentication.error_desc"
- "-authentication.error_no"
- "-authentication.network_score"
- "-authentication.order_id"
- "-authentication.pares_status"
- "-authentication.payload"
- "-authentication.reason_code"
- "-authentication.reason_desc"
- "-authentication.signature_verification"
- "-authentication.status_reason"
- "-authentication.threeds_version"
- "-authentication.xid"
- "-authentication.white_list_status"
- "-authentication.white_list_status_source"
x-constraint:
single: true
x-constraint:
single: true
- name: _id
in: query
description: ThreeDSAuthentication id
schema:
type: string
x-alternatives:
- type: string
description: ThreeDSAuthentication id
- type: array
items:
type: string
description: ThreeDSAuthentication id
collectionFormat: multi
name: _id
x-alternatives:
- type: string
description: ThreeDSAuthentication id
- type: array
items:
type: string
description: ThreeDSAuthentication id
collectionFormat: multi
name: _id
- name: amount
in: query
description: The amount of the transaction.
schema:
maximum: 9007199254740991
type: number
x-alternatives:
- type: number
description: The amount of the transaction.
maximum: 9007199254740991
- type: array
items:
type: number
description: The amount of the transaction.
maximum: 9007199254740991
collectionFormat: multi
name: amount
x-alternatives:
- type: number
description: The amount of the transaction.
maximum: 9007199254740991
- type: array
items:
type: number
description: The amount of the transaction.
maximum: 9007199254740991
collectionFormat: multi
name: amount
- name: card
in: query
description: The ID of the card that is checked for enrollment.
schema:
type: string
x-alternatives:
- type: string
description: The ID of the card that is checked for enrollment.
- type: array
items:
type: string
description: The ID of the card that is checked for enrollment.
collectionFormat: multi
name: card
x-alternatives:
- type: string
description: The ID of the card that is checked for enrollment.
- type: array
items:
type: string
description: The ID of the card that is checked for enrollment.
collectionFormat: multi
name: card
- name: created_at
in: query
description: The time at which the authentication was created.
schema:
type: string
format: date
x-alternatives:
- type: string
format: date
description: The time at which the authentication was created.
- type: array
items:
type: string
format: date
description: The time at which the authentication was created.
collectionFormat: multi
name: created_at
x-alternatives:
- type: string
format: date
description: The time at which the authentication was created.
- type: array
items:
type: string
format: date
description: The time at which the authentication was created.
collectionFormat: multi
name: created_at
- name: currency_code
in: query
description: Alphabetical ISO 4217 currency code for the sale amount.
schema:
maxLength: 3
minLength: 3
type: string
x-alternatives:
- type: string
description: Alphabetical ISO 4217 currency code for the sale amount.
minLength: 3
maxLength: 3
- type: array
items:
type: string
description: Alphabetical ISO 4217 currency code for the sale amount.
minLength: 3
maxLength: 3
collectionFormat: multi
name: currency_code
x-alternatives:
- type: string
description: Alphabetical ISO 4217 currency code for the sale amount.
minLength: 3
maxLength: 3
- type: array
items:
type: string
description: Alphabetical ISO 4217 currency code for the sale amount.
minLength: 3
maxLength: 3
collectionFormat: multi
name: currency_code
- name: entity_id
in: query
description: The ID of the entity, which this authentication belongs to.
schema:
type: string
x-alternatives:
- type: string
description: The ID of the entity, which this authentication belongs to.
- type: array
items:
type: string
description:
The ID of the entity, which this authentication belongs
to.
collectionFormat: multi
name: entity_id
x-alternatives:
- type: string
description: The ID of the entity, which this authentication belongs to.
- type: array
items:
type: string
description: The ID of the entity, which this authentication belongs to.
collectionFormat: multi
name: entity_id
- name: threeds_contract_id
in: query
description: The ID of the threeDSContractId used.
schema:
type: string
x-alternatives:
- type: string
description: The ID of the threeDSContractId used.
- type: array
items:
type: string
description: The ID of the threeDSContractId used.
collectionFormat: multi
name: threeds_contract_id
x-alternatives:
- type: string
description: The ID of the threeDSContractId used.
- type: array
items:
type: string
description: The ID of the threeDSContractId used.
collectionFormat: multi
name: threeds_contract_id
- name: transaction_id
in: query
description:
To complete the transaction, the value is required to be passed
on the Cardinal.Continue().
schema:
type: string
x-alternatives:
- type: string
description:
To complete the transaction, the value is required to be
passed on the Cardinal.Continue().
- type: array
items:
type: string
description:
To complete the transaction, the value is required to be
passed on the Cardinal.Continue().
collectionFormat: multi
name: transaction_id
x-alternatives:
- type: string
description:
To complete the transaction, the value is required to be passed
on the Cardinal.Continue().
- type: array
items:
type: string
description:
To complete the transaction, the value is required to be
passed on the Cardinal.Continue().
collectionFormat: multi
name: transaction_id
- name: authentication.acs_rendering_type
in: query
description:
"Identifies the UI Type the ACS will use to complete the challenge.
NOTE: Only available for App transactions using the Cardinal Mobile SDK
and is optional for an Issuer to return."
schema:
type: string
x-alternatives:
- type: string
description:
"Identifies the UI Type the ACS will use to complete the
challenge. NOTE: Only available for App transactions using the Cardinal
Mobile SDK and is optional for an Issuer to return."
- type: array
items:
type: string
description:
"Identifies the UI Type the ACS will use to complete the
challenge. NOTE: Only available for App transactions using the Cardinal
Mobile SDK and is optional for an Issuer to return."
collectionFormat: multi
name: authentication.acs_rendering_type
x-alternatives:
- type: string
description:
"Identifies the UI Type the ACS will use to complete the challenge.
NOTE: Only available for App transactions using the Cardinal Mobile SDK
and is optional for an Issuer to return."
- type: array
items:
type: string
description:
"Identifies the UI Type the ACS will use to complete the
challenge. NOTE: Only available for App transactions using the Cardinal
Mobile SDK and is optional for an Issuer to return."
collectionFormat: multi
name: authentication.acs_rendering_type
- name: authentication.acs_transaction_id
in: query
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
schema:
type: string
x-alternatives:
- type: string
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
- type: array
items:
type: string
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
collectionFormat: multi
name: authentication.acs_transaction_id
x-alternatives:
- type: string
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
- type: array
items:
type: string
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
collectionFormat: multi
name: authentication.acs_transaction_id
- name: authentication.acs_url
in: query
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled = Y"
schema:
type: string
x-alternatives:
- type: string
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled
= Y"
- type: array
items:
type: string
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled
= Y"
collectionFormat: multi
name: authentication.acs_url
x-alternatives:
- type: string
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled =
Y"
- type: array
items:
type: string
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled
= Y"
collectionFormat: multi
name: authentication.acs_url
- name: authentication.authentication_type
in: query
description:
"Indicates the type of authentication that will be used to challenge
the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out
of Band)"
schema:
type: string
x-alternatives:
- type: string
description:
"Indicates the type of authentication that will be used to
challenge the card holder. Possible Values: 01 - Static 02 - Dynamic
03 - OOB (Out of Band)"
- type: array
items:
type: string
description:
"Indicates the type of authentication that will be used
to challenge the card holder. Possible Values: 01 - Static 02 - Dynamic
03 - OOB (Out of Band)"
collectionFormat: multi
name: authentication.authentication_type
x-alternatives:
- type: string
description:
"Indicates the type of authentication that will be used to
challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03
- OOB (Out of Band)"
- type: array
items:
type: string
description:
"Indicates the type of authentication that will be used to
challenge the card holder. Possible Values: 01 - Static 02 - Dynamic
03 - OOB (Out of Band)"
collectionFormat: multi
name: authentication.authentication_type
- name: authentication.authorization_payload
in: query
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
schema:
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
type: string
x-alternatives:
- type: string
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
- type: array
items:
type: string
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
collectionFormat: multi
name: authentication.authorization_payload
x-alternatives:
- type: string
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
- type: array
items:
type: string
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
collectionFormat: multi
name: authentication.authorization_payload
- name: authentication.card_brand
in: query
description: Card Brand
schema:
type: string
x-alternatives:
- type: string
description: Card Brand
- type: array
items:
type: string
description: Card Brand
collectionFormat: multi
name: authentication.card_brand
x-alternatives:
- type: string
description: Card Brand
- type: array
items:
type: string
description: Card Brand
collectionFormat: multi
name: authentication.card_brand
- name: authentication.cardholder_info
in: query
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the ACS. The
Issuing Bank can optionally support this value.
schema:
type: string
x-alternatives:
- type: string
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the ACS. The
Issuing Bank can optionally support this value.
- type: array
items:
type: string
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the
ACS. The Issuing Bank can optionally support this value.
collectionFormat: multi
name: authentication.cardholder_info
x-alternatives:
- type: string
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the ACS. The
Issuing Bank can optionally support this value.
- type: array
items:
type: string
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the ACS. The
Issuing Bank can optionally support this value.
collectionFormat: multi
name: authentication.cardholder_info
- name: authentication.cavv_algorithm
in: query
description:
"Indicates the algorithm used to generate the CAVV value. Possible
Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
schema:
type: string
x-alternatives:
- type: string
description:
"Indicates the algorithm used to generate the CAVV value.
Possible Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
- type: array
items:
type: string
description:
"Indicates the algorithm used to generate the CAVV value.
Possible Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
collectionFormat: multi
name: authentication.cavv_algorithm
x-alternatives:
- type: string
description:
"Indicates the algorithm used to generate the CAVV value. Possible
Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
- type: array
items:
type: string
description:
"Indicates the algorithm used to generate the CAVV value.
Possible Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
collectionFormat: multi
name: authentication.cavv_algorithm
- name: authentication.cavv
in: query
description:
Cardholder Authentication Verification Value (CAVV). This value
should be appended to the authorization message signifying that the transaction
has been successfully authenticated. It will be encoded according to the
Merchant's configuration in either Base64 encoding or Hex encoding. A Base64
encoding Merchant configuration will produce values of 28 or 32 characters.
A Hex encoding Merchant configuration will produce values of 40 or 48 characters.
The value when decoded will either be 20 bytes for CAVV.
schema:
type: string
x-alternatives:
- type: string
description:
Cardholder Authentication Verification Value (CAVV). This
value should be appended to the authorization message signifying that
the transaction has been successfully authenticated. It will be encoded
according to the Merchant's configuration in either Base64 encoding
or Hex encoding. A Base64 encoding Merchant configuration will produce
values of 28 or 32 characters. A Hex encoding Merchant configuration
will produce values of 40 or 48 characters. The value when decoded will
either be 20 bytes for CAVV.
- type: array
items:
type: string
description:
Cardholder Authentication Verification Value (CAVV). This
value should be appended to the authorization message signifying that
the transaction has been successfully authenticated. It will be encoded
according to the Merchant's configuration in either Base64 encoding
or Hex encoding. A Base64 encoding Merchant configuration will produce
values of 28 or 32 characters. A Hex encoding Merchant configuration
will produce values of 40 or 48 characters. The value when decoded
will either be 20 bytes for CAVV.
collectionFormat: multi
name: authentication.cavv
x-alternatives:
- type: string
description:
Cardholder Authentication Verification Value (CAVV). This value
should be appended to the authorization message signifying that the transaction
has been successfully authenticated. It will be encoded according to the
Merchant's configuration in either Base64 encoding or Hex encoding. A
Base64 encoding Merchant configuration will produce values of 28 or 32
characters. A Hex encoding Merchant configuration will produce values
of 40 or 48 characters. The value when decoded will either be 20 bytes
for CAVV.
- type: array
items:
type: string
description:
Cardholder Authentication Verification Value (CAVV). This
value should be appended to the authorization message signifying that
the transaction has been successfully authenticated. It will be encoded
according to the Merchant's configuration in either Base64 encoding
or Hex encoding. A Base64 encoding Merchant configuration will produce
values of 28 or 32 characters. A Hex encoding Merchant configuration
will produce values of 40 or 48 characters. The value when decoded will
either be 20 bytes for CAVV.
collectionFormat: multi
name: authentication.cavv
- name: authentication.challenge_cancel
in: query
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future EMVCo
use (values invalid until defined by EMVCo). 03 - Transaction Timed Out—Decoupled
Authentication 04 - Transaction timed out at ACS—other timeouts 05 - Transaction
Timed out at ACS - First CReq not received by ACS 06 - Transaction Error
07 - Unknown 08 = Transaction Timed Out at SDK NOTE: Only present when the
Consumer cancels the challenge. Decoupled authentication is not supported
at this time."
schema:
type: string
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- "8.0"
x-alternatives:
- type: string
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future
EMVCo use (values invalid until defined by EMVCo). 03 - Transaction
Timed Out—Decoupled Authentication 04 - Transaction timed out at ACS—other
timeouts 05 - Transaction Timed out at ACS - First CReq not received
by ACS 06 - Transaction Error 07 - Unknown 08 = Transaction Timed Out
at SDK NOTE: Only present when the Consumer cancels the challenge. Decoupled
authentication is not supported at this time."
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- 8.0
- type: array
items:
type: string
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future
EMVCo use (values invalid until defined by EMVCo). 03 - Transaction
Timed Out—Decoupled Authentication 04 - Transaction timed out at ACS—other
timeouts 05 - Transaction Timed out at ACS - First CReq not received
by ACS 06 - Transaction Error 07 - Unknown 08 = Transaction Timed
Out at SDK NOTE: Only present when the Consumer cancels the challenge.
Decoupled authentication is not supported at this time."
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- 8.0
collectionFormat: multi
name: authentication.challenge_cancel
x-alternatives:
- type: string
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future
EMVCo use (values invalid until defined by EMVCo). 03 - Transaction Timed
Out—Decoupled Authentication 04 - Transaction timed out at ACS—other timeouts
05 - Transaction Timed out at ACS - First CReq not received by ACS 06
- Transaction Error 07 - Unknown 08 = Transaction Timed Out at SDK NOTE:
Only present when the Consumer cancels the challenge. Decoupled authentication
is not supported at this time."
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- 8.0
- type: array
items:
type: string
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future
EMVCo use (values invalid until defined by EMVCo). 03 - Transaction
Timed Out—Decoupled Authentication 04 - Transaction timed out at ACS—other
timeouts 05 - Transaction Timed out at ACS - First CReq not received
by ACS 06 - Transaction Error 07 - Unknown 08 = Transaction Timed Out
at SDK NOTE: Only present when the Consumer cancels the challenge. Decoupled
authentication is not supported at this time."
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- 8.0
collectionFormat: multi
name: authentication.challenge_cancel
- name: authentication.challenge_required
in: query
description:
"Indicates whether a challenge is required to complete authentication.
For example, regional mandates. Possible Values: Y - Challenge Required
N - Challenge Not Required"
schema:
type: string
x-alternatives:
- type: string
description:
"Indicates whether a challenge is required to complete authentication.
For example, regional mandates. Possible Values: Y - Challenge Required
N - Challenge Not Required"
- type: array
items:
type: string
description:
"Indicates whether a challenge is required to complete
authentication. For example, regional mandates. Possible Values: Y
- Challenge Required N - Challenge Not Required"
collectionFormat: multi
name: authentication.challenge_required
x-alternatives:
- type: string
description:
"Indicates whether a challenge is required to complete authentication.
For example, regional mandates. Possible Values: Y - Challenge Required
N - Challenge Not Required"
- type: array
items:
type: string
description:
"Indicates whether a challenge is required to complete authentication.
For example, regional mandates. Possible Values: Y - Challenge Required
N - Challenge Not Required"
collectionFormat: multi
name: authentication.challenge_required
- name: authentication.ds_transaction_id
in: query
description:
"Unique transaction identifier assigned by the Directory Server
(DS) to identify a single transaction. NOTE: Required for Mastercard Identity
Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0)
transactions"
schema:
type: string
x-alternatives:
- type: string
description:
"Unique transaction identifier assigned by the Directory
Server (DS) to identify a single transaction. NOTE: Required for Mastercard
Identity Check transaction in Authorization - Only available in EMV
3DS (3DS 2.0) transactions"
- type: array
items:
type: string
description:
"Unique transaction identifier assigned by the Directory
Server (DS) to identify a single transaction. NOTE: Required for Mastercard
Identity Check transaction in Authorization - Only available in EMV
3DS (3DS 2.0) transactions"
collectionFormat: multi
name: authentication.ds_transaction_id
x-alternatives:
- type: string
description:
"Unique transaction identifier assigned by the Directory Server
(DS) to identify a single transaction. NOTE: Required for Mastercard Identity
Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0)
transactions"
- type: array
items:
type: string
description:
"Unique transaction identifier assigned by the Directory
Server (DS) to identify a single transaction. NOTE: Required for Mastercard
Identity Check transaction in Authorization - Only available in EMV
3DS (3DS 2.0) transactions"
collectionFormat: multi
name: authentication.ds_transaction_id
- name: authentication.eci_flag
in: query
description:
"Electronic Commerce Indicator (ECI). The ECI value is part of
the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 - Attempted
Authentication Transaction 00 or 07 - Non 3D Secure Transaction Mastercard
- 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS
CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
schema:
type: string
x-alternatives:
- type: string
description:
"Electronic Commerce Indicator (ECI). The ECI value is part
of the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06
- Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction
Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05,
06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
- type: array
items:
type: string
description:
"Electronic Commerce Indicator (ECI). The ECI value is
part of the 2 data elements that indicate the transaction was processed
electronically. This should be passed on the authorization transaction
to the Gateway/Processor. Possible Values: 02 or 05 - Fully Authenticated
Transaction 01 or 06 - Attempted Authentication Transaction 00 or
07 - Non 3D Secure Transaction Mastercard - 02, 01, 00 VISA - 05,
06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS CLUB - 05, 06, 07
NOTE: 3DS 2.0 field"
collectionFormat: multi
name: authentication.eci_flag
x-alternatives:
- type: string
description:
"Electronic Commerce Indicator (ECI). The ECI value is part
of the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 -
Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction
Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05,
06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
- type: array
items:
type: string
description:
"Electronic Commerce Indicator (ECI). The ECI value is part
of the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06
- Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction
Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05,
06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
collectionFormat: multi
name: authentication.eci_flag
- name: authentication.enrolled
in: query
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return
the ACSUrl N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication rule
is triggered to bypass authentication in this use case NOTE: If the
Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.
"
schema:
type: string
x-alternatives:
- type: string
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will
return the ACSUrl N - No, Bank is not participating in 3D Secure
protocol U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication
rule is triggered to bypass authentication in this use case NOTE:
If the Enrolled value is NOT Y, then the Consumer is NOT eligible for
Authentication. "
- type: array
items:
type: string
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will
return the ACSUrl N - No, Bank is not participating in 3D Secure
protocol U - Unavailable, The DS or ACS is not available for
authentication at the time of the request B - Bypass, Merchant
authentication rule is triggered to bypass authentication in this
use case NOTE: If the Enrolled value is NOT Y, then the Consumer
is NOT eligible for Authentication. "
collectionFormat: multi
name: authentication.enrolled
x-alternatives:
- type: string
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return
the ACSUrl N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication rule
is triggered to bypass authentication in this use case NOTE: If the
Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.
"
- type: array
items:
type: string
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will
return the ACSUrl N - No, Bank is not participating in 3D Secure
protocol U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication
rule is triggered to bypass authentication in this use case NOTE:
If the Enrolled value is NOT Y, then the Consumer is NOT eligible for
Authentication. "
collectionFormat: multi
name: authentication.enrolled
- name: authentication.error_desc
in: query
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
schema:
type: string
x-alternatives:
- type: string
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
- type: array
items:
type: string
description:
"Application error description for the associated error
number(s). NOTE: Multiple error descriptions are separated by a comma."
collectionFormat: multi
name: authentication.error_desc
x-alternatives:
- type: string
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
- type: array
items:
type: string
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
collectionFormat: multi
name: authentication.error_desc
- name: authentication.error_no
in: query
description:
"Application error number(s). A non-zero value represents the
error encountered while attempting to process the message request. NOTE:
Multiple error numbers are separated by a comma."
schema:
type: string
x-alternatives:
- type: string
description:
"Application error number(s). A non-zero value represents
the error encountered while attempting to process the message request.
NOTE: Multiple error numbers are separated by a comma."
- type: array
items:
type: string
description:
"Application error number(s). A non-zero value represents
the error encountered while attempting to process the message request.
NOTE: Multiple error numbers are separated by a comma."
collectionFormat: multi
name: authentication.error_no
x-alternatives:
- type: string
description:
"Application error number(s). A non-zero value represents the
error encountered while attempting to process the message request. NOTE:
Multiple error numbers are separated by a comma."
- type: array
items:
type: string
description:
"Application error number(s). A non-zero value represents
the error encountered while attempting to process the message request.
NOTE: Multiple error numbers are separated by a comma."
collectionFormat: multi
name: authentication.error_no
- name: authentication.network_score
in: query
description: The global score calculated by the CB Scoring platform.
schema:
maxLength: 2
type: string
x-alternatives:
- type: string
description: The global score calculated by the CB Scoring platform.
maxLength: 2
- type: array
items:
type: string
description: The global score calculated by the CB Scoring platform.
maxLength: 2
collectionFormat: multi
name: authentication.network_score
x-alternatives:
- type: string
description: The global score calculated by the CB Scoring platform.
maxLength: 2
- type: array
items:
type: string
description: The global score calculated by the CB Scoring platform.
maxLength: 2
collectionFormat: multi
name: authentication.network_score
- name: authentication.order_id
in: query
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant and unique
BIN range to 3DS services.
schema:
type: string
x-alternatives:
- type: string
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant and
unique BIN range to 3DS services.
- type: array
items:
type: string
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant
and unique BIN range to 3DS services.
collectionFormat: multi
name: authentication.order_id
x-alternatives:
- type: string
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant and
unique BIN range to 3DS services.
- type: array
items:
type: string
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant and
unique BIN range to 3DS services.
collectionFormat: multi
name: authentication.order_id
- name: authentication.pares_status
in: query
description:
"Transactions status result identifier. Possible Values: Y -
Successful Authentication N - Failed Authentication U - Unable to Complete
Authentication A - Successful Attempts Transaction C - Challenge Required
for Authentication R - Authentication Rejected (Merchant must not submit
for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication
2.0.,"
schema:
type: string
x-alternatives:
- type: string
description:
"Transactions status result identifier. Possible Values:
Y - Successful Authentication N - Failed Authentication U - Unable to
Complete Authentication A - Successful Attempts Transaction C - Challenge
Required for Authentication R - Authentication Rejected (Merchant must
not submit for authorization) NOTE: Statuses of C and R only apply to
Consumer Authentication 2.0.,"
- type: array
items:
type: string
description:
"Transactions status result identifier. Possible Values:
Y - Successful Authentication N - Failed Authentication U - Unable
to Complete Authentication A - Successful Attempts Transaction C -
Challenge Required for Authentication R - Authentication Rejected
(Merchant must not submit for authorization) NOTE: Statuses of C and
R only apply to Consumer Authentication 2.0.,"
collectionFormat: multi
name: authentication.pares_status
x-alternatives:
- type: string
description:
"Transactions status result identifier. Possible Values: Y
- Successful Authentication N - Failed Authentication U - Unable to Complete
Authentication A - Successful Attempts Transaction C - Challenge Required
for Authentication R - Authentication Rejected (Merchant must not submit
for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication
2.0.,"
- type: array
items:
type: string
description:
"Transactions status result identifier. Possible Values:
Y - Successful Authentication N - Failed Authentication U - Unable to
Complete Authentication A - Successful Attempts Transaction C - Challenge
Required for Authentication R - Authentication Rejected (Merchant must
not submit for authorization) NOTE: Statuses of C and R only apply to
Consumer Authentication 2.0.,"
collectionFormat: multi
name: authentication.pares_status
- name: authentication.payload
in: query
description:
"The encoded payment request generated by Centinel. NOTE: Available
if Enrolled = Y"
schema:
type: string
x-alternatives:
- type: string
description:
"The encoded payment request generated by Centinel. NOTE:
Available if Enrolled = Y"
- type: array
items:
type: string
description:
"The encoded payment request generated by Centinel. NOTE:
Available if Enrolled = Y"
collectionFormat: multi
name: authentication.payload
x-alternatives:
- type: string
description:
"The encoded payment request generated by Centinel. NOTE: Available
if Enrolled = Y"
- type: array
items:
type: string
description:
"The encoded payment request generated by Centinel. NOTE:
Available if Enrolled = Y"
collectionFormat: multi
name: authentication.payload
- name: authentication.reason_code
in: query
description: The error code indicating a problem with this transaction.
schema:
type: string
x-alternatives:
- type: string
description: The error code indicating a problem with this transaction.
- type: array
items:
type: string
description: The error code indicating a problem with this transaction.
collectionFormat: multi
name: authentication.reason_code
x-alternatives:
- type: string
description: The error code indicating a problem with this transaction.
- type: array
items:
type: string
description: The error code indicating a problem with this transaction.
collectionFormat: multi
name: authentication.reason_code
- name: authentication.reason_desc
in: query
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message"
schema:
type: string
x-alternatives:
- type: string
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message"
- type: array
items:
type: string
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail
from the authentication response message"
collectionFormat: multi
name: authentication.reason_desc
x-alternatives:
- type: string
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message"
- type: array
items:
type: string
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message"
collectionFormat: multi
name: authentication.reason_desc
- name: authentication.signature_verification
in: query
description:
"Transaction Signature status identifier. Possible Values: Y
- Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes could
not be validated. This result could be for a variety of reasons; tampering,
certificate expiration, etc., and the result should not be trusted."
schema:
type: string
x-alternatives:
- type: string
description:
"Transaction Signature status identifier. Possible Values:
Y - Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes
could not be validated. This result could be for a variety of reasons;
tampering, certificate expiration, etc., and the result should not be
trusted."
- type: array
items:
type: string
description:
"Transaction Signature status identifier. Possible Values:
Y - Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes
could not be validated. This result could be for a variety of reasons;
tampering, certificate expiration, etc., and the result should not
be trusted."
collectionFormat: multi
name: authentication.signature_verification
x-alternatives:
- type: string
description:
"Transaction Signature status identifier. Possible Values:
Y - Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes
could not be validated. This result could be for a variety of reasons;
tampering, certificate expiration, etc., and the result should not be
trusted."
- type: array
items:
type: string
description:
"Transaction Signature status identifier. Possible Values:
Y - Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes
could not be validated. This result could be for a variety of reasons;
tampering, certificate expiration, etc., and the result should not be
trusted."
collectionFormat: multi
name: authentication.signature_verification
- name: authentication.status_reason
in: query
description:
"Provides additional information as to why the PAResStatus has
the specific value. NOTE: Required for Payment (e.g. Authentication Indicator
equals 01 on Lookup Request) transactions when PAResStatus is equal to N,
U, or R in the Lookup Response."
schema:
type: string
x-alternatives:
- type: string
description:
"Provides additional information as to why the PAResStatus
has the specific value. NOTE: Required for Payment (e.g. Authentication
Indicator equals 01 on Lookup Request) transactions when PAResStatus
is equal to N, U, or R in the Lookup Response"
- type: array
items:
type: string
description:
"Provides additional information as to why the PAResStatus
has the specific value. NOTE: Required for Payment (e.g. Authentication
Indicator equals 01 on Lookup Request) transactions when PAResStatus
is equal to N, U, or R in the Lookup Response"
collectionFormat: multi
name: authentication.status_reason
x-alternatives:
- type: string
description:
"Provides additional information as to why the PAResStatus
has the specific value. NOTE: Required for Payment (e.g. Authentication
Indicator equals 01 on Lookup Request) transactions when PAResStatus is
equal to N, U, or R in the Lookup Response"
- type: array
items:
type: string
description:
"Provides additional information as to why the PAResStatus
has the specific value. NOTE: Required for Payment (e.g. Authentication
Indicator equals 01 on Lookup Request) transactions when PAResStatus
is equal to N, U, or R in the Lookup Response"
collectionFormat: multi
name: authentication.status_reason
- name: authentication.threeds_version
in: query
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0 NOTE:
Required for Mastercard Identity Check transactions in Authorization "
schema:
type: string
x-alternatives:
- type: string
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0 NOTE:
Required for Mastercard Identity Check transactions in Authorization "
- type: array
items:
type: string
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0
NOTE: Required for Mastercard Identity Check transactions in Authorization. "
collectionFormat: multi
name: authentication.threeds_version
x-alternatives:
- type: string
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0 NOTE:
Required for Mastercard Identity Check transactions in Authorization "
- type: array
items:
type: string
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0 NOTE:
Required for Mastercard Identity Check transactions in Authorization "
collectionFormat: multi
name: authentication.threeds_version
- name: authentication.xid
in: query
description:
"Third Party Token that is returned from the token provider after
a card number is specified on the request. NOTE: This field is returned
if Tokenization is enabled in the Merchant profile setting AND the Merchant
is using a third party token provider."
schema:
type: string
x-alternatives:
- type: string
description:
"Third Party Token that is returned from the token provider
after a card number is specified on the request. NOTE: This field is
returned if Tokenization is enabled in the Merchant profile setting
AND the Merchant is using a third party token provider."
- type: array
items:
type: string
description:
"Third Party Token that is returned from the token provider
after a card number is specified on the request. NOTE: This field
is returned if Tokenization is enabled in the Merchant profile setting
AND the Merchant is using a third party token provider."
collectionFormat: multi
name: authentication.xid
x-alternatives:
- type: string
description:
"Third Party Token that is returned from the token provider
after a card number is specified on the request. NOTE: This field is returned
if Tokenization is enabled in the Merchant profile setting AND the Merchant
is using a third party token provider."
- type: array
items:
type: string
description:
"Third Party Token that is returned from the token provider
after a card number is specified on the request. NOTE: This field is
returned if Tokenization is enabled in the Merchant profile setting
AND the Merchant is using a third party token provider."
collectionFormat: multi
name: authentication.xid
- name: encrypted_card
in: query
description:
"Client encrypted cardholder data. The cardholder data encrypted\
\ using the Verifone provided public key. This needs to be provided in\
\ base64 encoded format. The data to encrypt is a JSON with possible tags\
\ being cardNumber, sequenceNumber, cardholderName, startMonth, startYear,\
\ expiryMonth, expiryYear, cvv. Additionally a tag called captureTime must\
\ be presenting indicating the time the card was captured in UTC in format\
\ RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. Sample JSON to encrypt:\
\ \n \n {\n \"captureTime\": '2019-08-24T14:15:22Z',\n\
\ \"cardNumber\": '5555555555554444',\n \"expiryMonth\"\
: 1,\n \"expiryYear\": 2025,\n \"cvv\": '123',\n \
\ } \n Note: encrypted_card is required if card or reuse_token is\
\ not provided."
schema:
type: string
x-alternatives:
- type: string
description:
"Client encrypted cardholder data. The cardholder data encrypted\
\ using the Verifone provided public key. This needs to be provided\
\ in base64 encoded format. The data to encrypt is a JSON with possible\
\ tags being cardNumber, sequenceNumber, cardholderName, startMonth,\
\ startYear, expiryMonth, expiryYear, cvv. Additionally a tag called\
\ captureTime must be presenting indicating the time the card was captured\
\ in UTC in format RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z.\
\ Sample JSON to encrypt: \n \n {\n \"captureTime\"\
: '2019-08-24T14:15:22Z',\n \"cardNumber\": '5555555555554444',\n\
\ \"expiryMonth\": 1,\n \"expiryYear\": 2025,\n\
\ \"cvv\": '123',\n } \n Note: encrypted_card is required\
\ if card or reuse_token is not provided."
- type: array
items:
type: string
description:
"Client encrypted cardholder data. The cardholder data\
\ encrypted using the Verifone provided public key. This needs to\
\ be provided in base64 encoded format. The data to encrypt is a\
\ JSON with possible tags being cardNumber, sequenceNumber, cardholderName,\
\ startMonth, startYear, expiryMonth, expiryYear, cvv. Additionally\
\ a tag called captureTime must be presenting indicating the time\
\ the card was captured in UTC in format RFC 3339, section 5.6. eg.\
\ 2019-08-24T14:15:22Z. Sample JSON to encrypt: \n \n {\n\
\ \"captureTime\": '2019-08-24T14:15:22Z',\n \
\ \"cardNumber\": '5555555555554444',\n \"expiryMonth\"\
: 1,\n \"expiryYear\": 2025,\n \"cvv\": '123',\n\
\ } \n Note: encrypted_card is required if card or reuse_token\
\ is not provided."
collectionFormat: multi
name: encrypted_card
x-alternatives:
- type: string
description:
"Client encrypted cardholder data. The cardholder data encrypted\
\ using the Verifone provided public key. This needs to be provided\
\ in base64 encoded format. The data to encrypt is a JSON with possible\
\ tags being cardNumber, sequenceNumber, cardholderName, startMonth,\
\ startYear, expiryMonth, expiryYear, cvv. Additionally a tag called\
\ captureTime must be presenting indicating the time the card was captured\
\ in UTC in format RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. \
\ Sample JSON to encrypt: \n \n {\n \"captureTime\"\
: '2019-08-24T14:15:22Z',\n \"cardNumber\": '5555555555554444',\n\
\ \"expiryMonth\": 1,\n \"expiryYear\": 2025,\n\
\ \"cvv\": '123',\n } \n Note: encrypted_card is required\
\ if card or reuse_token is not provided."
- type: array
items:
type: string
description:
"Client encrypted cardholder data. The cardholder data encrypted\
\ using the Verifone provided public key. This needs to be provided\
\ in base64 encoded format. The data to encrypt is a JSON with possible\
\ tags being cardNumber, sequenceNumber, cardholderName, startMonth,\
\ startYear, expiryMonth, expiryYear, cvv. Additionally a tag called\
\ captureTime must be presenting indicating the time the card was captured\
\ in UTC in format RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z.\
\ Sample JSON to encrypt: \n \n {\n \"captureTime\"\
: '2019-08-24T14:15:22Z',\n \"cardNumber\": '5555555555554444',\n\
\ \"expiryMonth\": 1,\n \"expiryYear\": 2025,\n\
\ \"cvv\": '123',\n } \n Note: encrypted_card is required\
\ if card or reuse_token is not provided."
collectionFormat: multi
name: encrypted_card
- name: public_key_alias
in: query
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided."
schema:
type: string
x-alternatives:
- type: string
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not
provided."
- type: array
items:
type: string
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is
not provided."
collectionFormat: multi
name: public_key_alias
x-alternatives:
- type: string
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided."
- type: array
items:
type: string
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not
provided."
collectionFormat: multi
name: public_key_alias
- name: _id!
in: query
description: ThreeDSAuthentication id
schema:
type: string
- name: amount!
in: query
description: The amount of the transaction.
schema:
maximum: 9007199254740991
type: number
- name: card!
in: query
description: The ID of the card that is checked for enrollment.
schema:
type: string
- name: created_at!
in: query
description: The time at which the authentication was created.
schema:
type: string
format: date
- name: currency_code!
in: query
description: Alphabetical ISO 4217 currency code for the sale amount.
schema:
maxLength: 3
minLength: 3
type: string
- name: entity_id!
in: query
description: The ID of the entity, which this authentication belongs to.
schema:
type: string
- name: threeds_contract_id!
in: query
description: The ID of the threeDSContractId used.
schema:
type: string
- name: transaction_id!
in: query
description:
To complete the transaction, the value is required to be passed
on the Cardinal.Continue().
schema:
type: string
- name: authentication.acs_rendering_type!
in: query
description:
"Identifies the UI Type the ACS will use to complete the challenge.
NOTE: Only available for App transactions using the Cardinal Mobile SDK
and is optional for an Issuer to return."
schema:
type: string
- name: authentication.acs_transaction_id!
in: query
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
schema:
type: string
- name: authentication.acs_url!
in: query
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled = Y"
schema:
type: string
- name: authentication.authentication_type!
in: query
description:
"Indicates the type of authentication that will be used to challenge
the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out
of Band)"
schema:
type: string
- name: authentication.authorization_payload!
in: query
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
schema:
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
type: string
- name: authentication.card_brand!
in: query
description: Card Brand
schema:
type: string
- name: authentication.cardholder_info!
in: query
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the ACS. The
Issuing Bank can optionally support this value.
schema:
type: string
- name: authentication.cavv_algorithm!
in: query
description:
"Indicates the algorithm used to generate the CAVV value. Possible
Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
schema:
type: string
- name: authentication.cavv!
in: query
description:
Cardholder Authentication Verification Value (CAVV). This value
should be appended to the authorization message signifying that the transaction
has been successfully authenticated. It will be encoded according to the
Merchant's configuration in either Base64 encoding or Hex encoding. A Base64
encoding Merchant configuration will produce values of 28 or 32 characters.
A Hex encoding Merchant configuration will produce values of 40 or 48 characters.
The value when decoded will either be 20 bytes for CAVV.
schema:
type: string
- name: authentication.challenge_cancel!
in: query
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future EMVCo
use (values invalid until defined by EMVCo). 03 - Transaction Timed Out—Decoupled
Authentication 04 - Transaction timed out at ACS—other timeouts 05 - Transaction
Timed out at ACS - First CReq not received by ACS 06 - Transaction Error
07 - Unknown 08 = Transaction Timed Out at SDK NOTE: Only present when the
Consumer cancels the challenge. Decoupled authentication is not supported
at this time."
schema:
type: string
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- "8.0"
- name: authentication.challenge_required!
in: query
description:
"Indicates whether a challenge is required to complete authentication.
For example, regional mandates. Possible Values: Y - Challenge Required
N - Challenge Not Required"
schema:
type: string
- name: authentication.ds_transaction_id!
in: query
description:
"Unique transaction identifier assigned by the Directory Server
(DS) to identify a single transaction. NOTE: Required for Mastercard Identity
Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0)
transactions"
schema:
type: string
- name: authentication.eci_flag!
in: query
description:
"Electronic Commerce Indicator (ECI). The ECI value is part of
the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 - Attempted
Authentication Transaction 00 or 07 - Non 3D Secure Transaction Mastercard
- 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS
CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
schema:
type: string
- name: authentication.enrolled!
in: query
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return
the ACSUrl N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication rule
is triggered to bypass authentication in this use case NOTE: If the
Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.
"
schema:
type: string
- name: authentication.error_desc!
in: query
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
schema:
type: string
- name: authentication.error_no!
in: query
description:
"Application error number(s). A non-zero value represents the
error encountered while attempting to process the message request. NOTE:
Multiple error numbers are separated by a comma."
schema:
type: string
- name: authentication.network_score!
in: query
description: The global score calculated by the CB Scoring platform.
schema:
maxLength: 2
type: string
- name: authentication.order_id!
in: query
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant and unique
BIN range to 3DS services.
schema:
type: string
- name: authentication.pares_status!
in: query
description:
"Transactions status result identifier. Possible Values: Y -
Successful Authentication N - Failed Authentication U - Unable to Complete
Authentication A - Successful Attempts Transaction C - Challenge Required
for Authentication R - Authentication Rejected (Merchant must not submit
for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication
2.0.,"
schema:
type: string
- name: authentication.payload!
in: query
description:
"The encoded payment request generated by Centinel. NOTE: Available
if Enrolled = Y"
schema:
type: string
- name: authentication.reason_code!
in: query
description: The error code indicating a problem with this transaction.
schema:
type: string
- name: authentication.reason_desc!
in: query
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message"
schema:
type: string
- name: authentication.signature_verification!
in: query
description:
"Transaction Signature status identifier. Possible Values: Y
- Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes could
not be validated. This result could be for a variety of reasons; tampering,
certificate expiration, etc., and the result should not be trusted."
schema:
type: string
- name: authentication.status_reason!
in: query
description:
"Provides additional information as to why the PAResStatus has
the specific value. NOTE: Required for Payment (e.g. Authentication Indicator
equals 01 on Lookup Request) transactions when PAResStatus is equal to N,
U, or R in the Lookup Response."
schema:
type: string
- name: authentication.threeds_version!
in: query
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0 NOTE:
Required for Mastercard Identity Check transactions in Authorization "
schema:
type: string
- name: authentication.xid!
in: query
description:
"Third Party Token that is returned from the token provider after
a card number is specified on the request. NOTE: This field is returned
if Tokenization is enabled in the Merchant profile setting AND the Merchant
is using a third party token provider."
schema:
type: string
- name: encrypted_card!
in: query
description:
"Client encrypted cardholder data. The cardholder data encrypted\
\ using the Verifone provided public key. This needs to be provided in\
\ base64 encoded format. The data to encrypt is a JSON with possible tags\
\ being cardNumber, sequenceNumber, cardholderName, startMonth, startYear,\
\ expiryMonth, expiryYear, cvv. Additionally a tag called captureTime must\
\ be presenting indicating the time the card was captured in UTC in format\
\ RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. Sample JSON to encrypt:\
\ \n \n {\n \"captureTime\": '2019-08-24T14:15:22Z',\n\
\ \"cardNumber\": '5555555555554444',\n \"expiryMonth\"\
: 1,\n \"expiryYear\": 2025,\n \"cvv\": '123',\n \
\ } \n Note: encrypted_card is required if card or reuse_token is\
\ not provided."
schema:
type: string
- name: public_key_alias!
in: query
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided."
schema:
type: string
- name: _id~
in: query
description: ThreeDSAuthentication id
schema:
type: string
- name: card~
in: query
description: The ID of the card that is checked for enrollment.
schema:
type: string
- name: currency_code~
in: query
description: Alphabetical ISO 4217 currency code for the sale amount.
schema:
maxLength: 3
minLength: 3
type: string
- name: entity_id~
in: query
description: The ID of the entity, which this authentication belongs to.
schema:
type: string
- name: threeds_contract_id~
in: query
description: The ID of the threeDSContractId used.
schema:
type: string
- name: transaction_id~
in: query
description:
To complete the transaction, the value is required to be passed
on the Cardinal.Continue().
schema:
type: string
- name: authentication.acs_rendering_type~
in: query
description:
"Identifies the UI Type the ACS will use to complete the challenge.
NOTE: Only available for App transactions using the Cardinal Mobile SDK
and is optional for an Issuer to return."
schema:
type: string
- name: authentication.acs_transaction_id~
in: query
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
schema:
type: string
- name: authentication.acs_url~
in: query
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled = Y"
schema:
type: string
- name: authentication.authentication_type~
in: query
description:
"Indicates the type of authentication that will be used to challenge
the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out
of Band)"
schema:
type: string
- name: authentication.authorization_payload~
in: query
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
schema:
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
type: string
- name: authentication.card_brand~
in: query
description: Card Brand
schema:
type: string
- name: authentication.cardholder_info~
in: query
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the ACS. The
Issuing Bank can optionally support this value.
schema:
type: string
- name: authentication.cavv_algorithm~
in: query
description:
"Indicates the algorithm used to generate the CAVV value. Possible
Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
schema:
type: string
- name: authentication.cavv~
in: query
description:
Cardholder Authentication Verification Value (CAVV). This value
should be appended to the authorization message signifying that the transaction
has been successfully authenticated. It will be encoded according to the
Merchant's configuration in either Base64 encoding or Hex encoding. A Base64
encoding Merchant configuration will produce values of 28 or 32 characters.
A Hex encoding Merchant configuration will produce values of 40 or 48 characters.
The value when decoded will either be 20 bytes for CAVV.
schema:
type: string
- name: authentication.challenge_cancel~
in: query
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future EMVCo
use (values invalid until defined by EMVCo). 03 - Transaction Timed Out—Decoupled
Authentication 04 - Transaction timed out at ACS—other timeouts 05 - Transaction
Timed out at ACS - First CReq not received by ACS 06 - Transaction Error
07 - Unknown 08 = Transaction Timed Out at SDK NOTE: Only present when the
Consumer cancels the challenge. Decoupled authentication is not supported
at this time."
schema:
type: string
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- "8.0"
- name: authentication.challenge_required~
in: query
description:
"Indicates whether a challenge is required to complete authentication.
For example, regional mandates. Possible Values: Y - Challenge Required
N - Challenge Not Required"
schema:
type: string
- name: authentication.ds_transaction_id~
in: query
description:
"Unique transaction identifier assigned by the Directory Server
(DS) to identify a single transaction. NOTE: Required for Mastercard Identity
Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0)
transactions"
schema:
type: string
- name: authentication.eci_flag~
in: query
description:
"Electronic Commerce Indicator (ECI). The ECI value is part of
the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 - Attempted
Authentication Transaction 00 or 07 - Non 3D Secure Transaction Mastercard
- 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS
CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
schema:
type: string
- name: authentication.enrolled~
in: query
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return
the ACSUrl N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication rule
is triggered to bypass authentication in this use case NOTE: If the
Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.
"
schema:
type: string
- name: authentication.error_desc~
in: query
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
schema:
type: string
- name: authentication.error_no~
in: query
description:
"Application error number(s). A non-zero value represents the
error encountered while attempting to process the message request. NOTE:
Multiple error numbers are separated by a comma."
schema:
type: string
- name: authentication.network_score~
in: query
description: The global score calculated by the CB Scoring platform..
schema:
maxLength: 2
type: string
- name: authentication.order_id~
in: query
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant and unique
BIN range to 3DS services.
schema:
type: string
- name: authentication.pares_status~
in: query
description:
"Transactions status result identifier. Possible Values: Y -
Successful Authentication N - Failed Authentication U - Unable to Complete
Authentication A - Successful Attempts Transaction C - Challenge Required
for Authentication R - Authentication Rejected (Merchant must not submit
for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication
2.0.,"
schema:
type: string
- name: authentication.payload~
in: query
description:
"The encoded payment request generated by Centinel. NOTE: Available
if Enrolled = Y"
schema:
type: string
- name: authentication.reason_code~
in: query
description: The error code indicating a problem with this transaction.
schema:
type: string
- name: authentication.reason_desc~
in: query
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message"
schema:
type: string
- name: authentication.signature_verification~
in: query
description:
"Transaction Signature status identifier. Possible Values: Y
- Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes could
not be validated. This result could be for a variety of reasons; tampering,
certificate expiration, etc., and the result should not be trusted."
schema:
type: string
- name: authentication.status_reason~
in: query
description:
"Provides additional information as to why the PAResStatus has
the specific value. NOTE: Required for Payment (e.g. Authentication Indicator
equals 01 on Lookup Request) transactions when PAResStatus is equal to N,
U, or R in the Lookup Response."
schema:
type: string
- name: authentication.threeds_version~
in: query
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0 NOTE:
Required for Mastercard Identity Check transactions in Authorization "
schema:
type: string
- name: authentication.xid~
in: query
description:
"Third Party Token that is returned from the token provider after
a card number is specified on the request. NOTE: This field is returned
if Tokenization is enabled in the Merchant profile setting AND the Merchant
is using a third party token provider."
schema:
type: string
- name: encrypted_card~
in: query
description:
"Client encrypted cardholder data. The cardholder data encrypted\
\ using the Verifone provided public key. This needs to be provided in\
\ base64 encoded format. The data to encrypt is a JSON with possible tags\
\ being cardNumber, sequenceNumber, cardholderName, startMonth, startYear,\
\ expiryMonth, expiryYear, cvv. Additionally a tag called captureTime must\
\ be presenting indicating the time the card was captured in UTC in format\
\ RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. Sample JSON to encrypt:\
\ \n \n {\n \"captureTime\": '2019-08-24T14:15:22Z',\n\
\ \"cardNumber\": '5555555555554444',\n \"expiryMonth\"\
: 1,\n \"expiryYear\": 2025,\n \"cvv\": '123',\n \
\ } \n Note: encrypted_card is required if card or reuse_token is\
\ not provided."
schema:
type: string
- name: public_key_alias~
in: query
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided."
schema:
type: string
- name: amount>
in: query
description: The amount of the transaction.
schema:
maximum: 9007199254740991
type: number
- name: created_at>
in: query
description: The time at which the authentication was created.
schema:
type: string
format: date
- name: amount<
in: query
description: The amount of the transaction.
schema:
maximum: 9007199254740991
type: number
- name: created_at<
in: query
description: The time at which the authentication was created.
schema:
type: string
format: date
responses:
200:
description: Successful
content:
application/json:
schema:
$ref: "#/components/schemas/ListOfThreeDSAuthenticationObjects"
400:
description: Bad Request
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
401:
description: Unauthorized
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
403:
description: Forbidden
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
404:
description: Not Found
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
500:
description: Internal Server Error
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
504:
description: Gateway Time-out
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
/v2/3d/count:
get:
tags:
- V2
summary: Count ThreeDSAuthentication
security:
- BasicAuth: []
description:
"The API provides the total number of threeDS authentications and can be queried
by appending parameters to the query string of the URL."
operationId: getV23dCount
parameters:
- name: _id
in: query
description: ThreeDSAuthentication id
schema:
type: string
x-alternatives:
- type: string
description: ThreeDSAuthentication id
- type: array
items:
type: string
description: ThreeDSAuthentication id
collectionFormat: multi
name: _id
x-alternatives:
- type: string
description: ThreeDSAuthentication id
- type: array
items:
type: string
description: ThreeDSAuthentication id
collectionFormat: multi
name: _id
- name: amount
in: query
description: The amount of the transaction.
schema:
maximum: 9007199254740991
type: number
x-alternatives:
- type: number
description: The amount of the transaction.
maximum: 9007199254740991
- type: array
items:
type: number
description: The amount of the transaction.
maximum: 9007199254740991
collectionFormat: multi
name: amount
x-alternatives:
- type: number
description: The amount of the transaction.
maximum: 9007199254740991
- type: array
items:
type: number
description: The amount of the transaction.
maximum: 9007199254740991
collectionFormat: multi
name: amount
- name: card
in: query
description: The ID of the card that is checked for enrollment.
schema:
type: string
x-alternatives:
- type: string
description: The ID of the card that is checked for enrollment.
- type: array
items:
type: string
description: The ID of the card that is checked for enrollment.
collectionFormat: multi
name: card
x-alternatives:
- type: string
description: The ID of the card that is checked for enrollment.
- type: array
items:
type: string
description: The ID of the card that is checked for enrollment.
collectionFormat: multi
name: card
- name: created_at
in: query
description: The time at which the authentication was created.
schema:
type: string
format: date
x-alternatives:
- type: string
format: date
description: The time at which the authentication was created.
- type: array
items:
type: string
format: date
description: The time at which the authentication was created.
collectionFormat: multi
name: created_at
x-alternatives:
- type: string
format: date
description: The time at which the authentication was created.
- type: array
items:
type: string
format: date
description: The time at which the authentication was created.
collectionFormat: multi
name: created_at
- name: currency_code
in: query
description: Alphabetical ISO 4217 currency code for the sale amount.
schema:
maxLength: 3
minLength: 3
type: string
x-alternatives:
- type: string
description: Alphabetical ISO 4217 currency code for the sale amount.
minLength: 3
maxLength: 3
- type: array
items:
type: string
description: Alphabetical ISO 4217 currency code for the sale amount.
minLength: 3
maxLength: 3
collectionFormat: multi
name: currency_code
x-alternatives:
- type: string
description: Alphabetical ISO 4217 currency code for the sale amount.
minLength: 3
maxLength: 3
- type: array
items:
type: string
description: Alphabetical ISO 4217 currency code for the sale amount.
minLength: 3
maxLength: 3
collectionFormat: multi
name: currency_code
- name: entity_id
in: query
description: The ID of the entity, which this authentication belongs to.
schema:
type: string
x-alternatives:
- type: string
description: The ID of the entity, which this authentication belongs to.
- type: array
items:
type: string
description:
The ID of the entity, which this authentication belongs
to.
collectionFormat: multi
name: entity_id
x-alternatives:
- type: string
description: The ID of the entity, which this authentication belongs to.
- type: array
items:
type: string
description: The ID of the entity, which this authentication belongs to.
collectionFormat: multi
name: entity_id
- name: threeds_contract_id
in: query
description: The ID of the threeDSContractId used.
schema:
type: string
x-alternatives:
- type: string
description: The ID of the threeDSContractId used.
- type: array
items:
type: string
description: The ID of the threeDSContractId used.
collectionFormat: multi
name: threeds_contract_id
x-alternatives:
- type: string
description: The ID of the threeDSContractId used.
- type: array
items:
type: string
description: The ID of the threeDSContractId used.
collectionFormat: multi
name: threeds_contract_id
- name: transaction_id
in: query
description:
To complete the transaction, the value is required to be passed
on the Cardinal.Continue().
schema:
type: string
x-alternatives:
- type: string
description:
To complete the transaction, the value is required to be
passed on the Cardinal.Continue().
- type: array
items:
type: string
description:
To complete the transaction, the value is required to be
passed on the Cardinal.Continue().
collectionFormat: multi
name: transaction_id
x-alternatives:
- type: string
description:
To complete the transaction, the value is required to be passed
on the Cardinal.Continue().
- type: array
items:
type: string
description:
To complete the transaction, the value is required to be
passed on the Cardinal.Continue().
collectionFormat: multi
name: transaction_id
- name: authentication.acs_rendering_type
in: query
description:
"Identifies the UI Type the ACS will use to complete the challenge.
NOTE: Only available for App transactions using the Cardinal Mobile SDK
and is optional for an Issuer to return."
schema:
type: string
x-alternatives:
- type: string
description:
"Identifies the UI Type the ACS will use to complete the
challenge. NOTE: Only available for App transactions using the Cardinal
Mobile SDK and is optional for an Issuer to return."
- type: array
items:
type: string
description:
"Identifies the UI Type the ACS will use to complete the
challenge. NOTE: Only available for App transactions using the Cardinal
Mobile SDK and is optional for an Issuer to return."
collectionFormat: multi
name: authentication.acs_rendering_type
x-alternatives:
- type: string
description:
"Identifies the UI Type the ACS will use to complete the challenge.
NOTE: Only available for App transactions using the Cardinal Mobile SDK
and is optional for an Issuer to return."
- type: array
items:
type: string
description:
"Identifies the UI Type the ACS will use to complete the
challenge. NOTE: Only available for App transactions using the Cardinal
Mobile SDK and is optional for an Issuer to return."
collectionFormat: multi
name: authentication.acs_rendering_type
- name: authentication.acs_transaction_id
in: query
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
schema:
type: string
x-alternatives:
- type: string
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
- type: array
items:
type: string
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
collectionFormat: multi
name: authentication.acs_transaction_id
x-alternatives:
- type: string
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
- type: array
items:
type: string
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
collectionFormat: multi
name: authentication.acs_transaction_id
- name: authentication.acs_url
in: query
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled = Y"
schema:
type: string
x-alternatives:
- type: string
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled
= Y"
- type: array
items:
type: string
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled
= Y"
collectionFormat: multi
name: authentication.acs_url
x-alternatives:
- type: string
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled =
Y"
- type: array
items:
type: string
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled
= Y"
collectionFormat: multi
name: authentication.acs_url
- name: authentication.authentication_type
in: query
description:
"Indicates the type of authentication that will be used to challenge
the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out
of Band)"
schema:
type: string
x-alternatives:
- type: string
description:
"Indicates the type of authentication that will be used to
challenge the card holder. Possible Values: 01 - Static 02 - Dynamic
03 - OOB (Out of Band)"
- type: array
items:
type: string
description:
"Indicates the type of authentication that will be used
to challenge the card holder. Possible Values: 01 - Static 02 - Dynamic
03 - OOB (Out of Band)"
collectionFormat: multi
name: authentication.authentication_type
x-alternatives:
- type: string
description:
"Indicates the type of authentication that will be used to
challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03
- OOB (Out of Band)"
- type: array
items:
type: string
description:
"Indicates the type of authentication that will be used to
challenge the card holder. Possible Values: 01 - Static 02 - Dynamic
03 - OOB (Out of Band)"
collectionFormat: multi
name: authentication.authentication_type
- name: authentication.authorization_payload
in: query
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
schema:
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
type: string
x-alternatives:
- type: string
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
- type: array
items:
type: string
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
collectionFormat: multi
name: authentication.authorization_payload
x-alternatives:
- type: string
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
- type: array
items:
type: string
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
collectionFormat: multi
name: authentication.authorization_payload
- name: authentication.card_brand
in: query
description: Card Brand
schema:
type: string
x-alternatives:
- type: string
description: Card Brand
- type: array
items:
type: string
description: Card Brand
collectionFormat: multi
name: authentication.card_brand
x-alternatives:
- type: string
description: Card Brand
- type: array
items:
type: string
description: Card Brand
collectionFormat: multi
name: authentication.card_brand
- name: authentication.cardholder_info
in: query
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the ACS. The
Issuing Bank can optionally support this value.
schema:
type: string
x-alternatives:
- type: string
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the ACS. The
Issuing Bank can optionally support this value.
- type: array
items:
type: string
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the
ACS. The Issuing Bank can optionally support this value.
collectionFormat: multi
name: authentication.cardholder_info
x-alternatives:
- type: string
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the ACS. The
Issuing Bank can optionally support this value.
- type: array
items:
type: string
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the ACS. The
Issuing Bank can optionally support this value.
collectionFormat: multi
name: authentication.cardholder_info
- name: authentication.cavv_algorithm
in: query
description:
"Indicates the algorithm used to generate the CAVV value. Possible
Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
schema:
type: string
x-alternatives:
- type: string
description:
"Indicates the algorithm used to generate the CAVV value.
Possible Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
- type: array
items:
type: string
description:
"Indicates the algorithm used to generate the CAVV value.
Possible Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
collectionFormat: multi
name: authentication.cavv_algorithm
x-alternatives:
- type: string
description:
"Indicates the algorithm used to generate the CAVV value. Possible
Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
- type: array
items:
type: string
description:
"Indicates the algorithm used to generate the CAVV value.
Possible Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
collectionFormat: multi
name: authentication.cavv_algorithm
- name: authentication.cavv
in: query
description:
Cardholder Authentication Verification Value (CAVV). This value
should be appended to the authorization message signifying that the transaction
has been successfully authenticated. It will be encoded according to the
Merchant's configuration in either Base64 encoding or Hex encoding. A Base64
encoding Merchant configuration will produce values of 28 or 32 characters.
A Hex encoding Merchant configuration will produce values of 40 or 48 characters.
The value when decoded will either be 20 bytes for CAVV.
schema:
type: string
x-alternatives:
- type: string
description:
Cardholder Authentication Verification Value (CAVV). This
value should be appended to the authorization message signifying that
the transaction has been successfully authenticated. It will be encoded
according to the Merchant's configuration in either Base64 encoding
or Hex encoding. A Base64 encoding Merchant configuration will produce
values of 28 or 32 characters. A Hex encoding Merchant configuration
will produce values of 40 or 48 characters. The value when decoded will
either be 20 bytes for CAVV.
- type: array
items:
type: string
description:
Cardholder Authentication Verification Value (CAVV). This
value should be appended to the authorization message signifying that
the transaction has been successfully authenticated. It will be encoded
according to the Merchant's configuration in either Base64 encoding
or Hex encoding. A Base64 encoding Merchant configuration will produce
values of 28 or 32 characters. A Hex encoding Merchant configuration
will produce values of 40 or 48 characters. The value when decoded
will either be 20 bytes for CAVV.
collectionFormat: multi
name: authentication.cavv
x-alternatives:
- type: string
description:
Cardholder Authentication Verification Value (CAVV). This value
should be appended to the authorization message signifying that the transaction
has been successfully authenticated. It will be encoded according to the
Merchant's configuration in either Base64 encoding or Hex encoding. A
Base64 encoding Merchant configuration will produce values of 28 or 32
characters. A Hex encoding Merchant configuration will produce values
of 40 or 48 characters. The value when decoded will either be 20 bytes
for CAVV.
- type: array
items:
type: string
description:
Cardholder Authentication Verification Value (CAVV). This
value should be appended to the authorization message signifying that
the transaction has been successfully authenticated. It will be encoded
according to the Merchant's configuration in either Base64 encoding
or Hex encoding. A Base64 encoding Merchant configuration will produce
values of 28 or 32 characters. A Hex encoding Merchant configuration
will produce values of 40 or 48 characters. The value when decoded will
either be 20 bytes for CAVV.
collectionFormat: multi
name: authentication.cavv
- name: authentication.challenge_cancel
in: query
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future EMVCo
use (values invalid until defined by EMVCo). 03 - Transaction Timed Out—Decoupled
Authentication 04 - Transaction timed out at ACS—other timeouts 05 - Transaction
Timed out at ACS - First CReq not received by ACS 06 - Transaction Error
07 - Unknown 08 = Transaction Timed Out at SDK NOTE: Only present when the
Consumer cancels the challenge. Decoupled authentication is not supported
at this time."
schema:
type: string
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- "8.0"
x-alternatives:
- type: string
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future
EMVCo use (values invalid until defined by EMVCo). 03 - Transaction
Timed Out—Decoupled Authentication 04 - Transaction timed out at ACS—other
timeouts 05 - Transaction Timed out at ACS - First CReq not received
by ACS 06 - Transaction Error 07 - Unknown 08 = Transaction Timed Out
at SDK NOTE: Only present when the Consumer cancels the challenge. Decoupled
authentication is not supported at this time."
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- 8.0
- type: array
items:
type: string
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future
EMVCo use (values invalid until defined by EMVCo). 03 - Transaction
Timed Out—Decoupled Authentication 04 - Transaction timed out at ACS—other
timeouts 05 - Transaction Timed out at ACS - First CReq not received
by ACS 06 - Transaction Error 07 - Unknown 08 = Transaction Timed
Out at SDK NOTE: Only present when the Consumer cancels the challenge.
Decoupled authentication is not supported at this time."
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- 8.0
collectionFormat: multi
name: authentication.challenge_cancel
x-alternatives:
- type: string
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future
EMVCo use (values invalid until defined by EMVCo). 03 - Transaction Timed
Out—Decoupled Authentication 04 - Transaction timed out at ACS—other timeouts
05 - Transaction Timed out at ACS - First CReq not received by ACS 06
- Transaction Error 07 - Unknown 08 = Transaction Timed Out at SDK NOTE:
Only present when the Consumer cancels the challenge. Decoupled authentication
is not supported at this time."
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- 8.0
- type: array
items:
type: string
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future
EMVCo use (values invalid until defined by EMVCo). 03 - Transaction
Timed Out—Decoupled Authentication 04 - Transaction timed out at ACS—other
timeouts 05 - Transaction Timed out at ACS - First CReq not received
by ACS 06 - Transaction Error 07 - Unknown 08 = Transaction Timed Out
at SDK NOTE: Only present when the Consumer cancels the challenge. Decoupled
authentication is not supported at this time."
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- 8.0
collectionFormat: multi
name: authentication.challenge_cancel
- name: authentication.challenge_required
in: query
description:
"Indicates whether a challenge is required to complete authentication.
For example, regional mandates. Possible Values: Y - Challenge Required
N - Challenge Not Required"
schema:
type: string
x-alternatives:
- type: string
description:
"Indicates whether a challenge is required to complete authentication.
For example, regional mandates. Possible Values: Y - Challenge Required
N - Challenge Not Required"
- type: array
items:
type: string
description:
"Indicates whether a challenge is required to complete
authentication. For example, regional mandates. Possible Values: Y
- Challenge Required N - Challenge Not Required"
collectionFormat: multi
name: authentication.challenge_required
x-alternatives:
- type: string
description:
"Indicates whether a challenge is required to complete authentication.
For example, regional mandates. Possible Values: Y - Challenge Required
N - Challenge Not Required"
- type: array
items:
type: string
description:
"Indicates whether a challenge is required to complete authentication.
For example, regional mandates. Possible Values: Y - Challenge Required
N - Challenge Not Required"
collectionFormat: multi
name: authentication.challenge_required
- name: authentication.ds_transaction_id
in: query
description:
"Unique transaction identifier assigned by the Directory Server
(DS) to identify a single transaction. NOTE: Required for Mastercard Identity
Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0)
transactions"
schema:
type: string
x-alternatives:
- type: string
description:
"Unique transaction identifier assigned by the Directory
Server (DS) to identify a single transaction. NOTE: Required for Mastercard
Identity Check transaction in Authorization - Only available in EMV
3DS (3DS 2.0) transactions"
- type: array
items:
type: string
description:
"Unique transaction identifier assigned by the Directory
Server (DS) to identify a single transaction. NOTE: Required for Mastercard
Identity Check transaction in Authorization - Only available in EMV
3DS (3DS 2.0) transactions"
collectionFormat: multi
name: authentication.ds_transaction_id
x-alternatives:
- type: string
description:
"Unique transaction identifier assigned by the Directory Server
(DS) to identify a single transaction. NOTE: Required for Mastercard Identity
Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0)
transactions"
- type: array
items:
type: string
description:
"Unique transaction identifier assigned by the Directory
Server (DS) to identify a single transaction. NOTE: Required for Mastercard
Identity Check transaction in Authorization - Only available in EMV
3DS (3DS 2.0) transactions"
collectionFormat: multi
name: authentication.ds_transaction_id
- name: authentication.eci_flag
in: query
description:
"Electronic Commerce Indicator (ECI). The ECI value is part of
the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 - Attempted
Authentication Transaction 00 or 07 - Non 3D Secure Transaction Mastercard
- 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS
CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
schema:
type: string
x-alternatives:
- type: string
description:
"Electronic Commerce Indicator (ECI). The ECI value is part
of the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06
- Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction
Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05,
06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field."
- type: array
items:
type: string
description:
"Electronic Commerce Indicator (ECI). The ECI value is
part of the 2 data elements that indicate the transaction was processed
electronically. This should be passed on the authorization transaction
to the Gateway/Processor. Possible Values: 02 or 05 - Fully Authenticated
Transaction 01 or 06 - Attempted Authentication Transaction 00 or
07 - Non 3D Secure Transaction Mastercard - 02, 01, 00 VISA - 05,
06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS CLUB - 05, 06, 07
NOTE: 3DS 2.0 field"
collectionFormat: multi
name: authentication.eci_flag
x-alternatives:
- type: string
description:
"Electronic Commerce Indicator (ECI). The ECI value is part
of the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 -
Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction
Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05,
06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
- type: array
items:
type: string
description:
"Electronic Commerce Indicator (ECI). The ECI value is part
of the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06
- Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction
Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05,
06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
collectionFormat: multi
name: authentication.eci_flag
- name: authentication.enrolled
in: query
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return
the ACSUrl N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication rule
is triggered to bypass authentication in this use case NOTE: If the
Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.
"
schema:
type: string
x-alternatives:
- type: string
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will
return the ACSUrl N - No, Bank is not participating in 3D Secure
protocol U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication
rule is triggered to bypass authentication in this use case NOTE:
If the Enrolled value is NOT Y, then the Consumer is NOT eligible for
Authentication. "
- type: array
items:
type: string
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will
return the ACSUrl N - No, Bank is not participating in 3D Secure
protocol U - Unavailable, The DS or ACS is not available for
authentication at the time of the request B - Bypass, Merchant
authentication rule is triggered to bypass authentication in this
use case NOTE: If the Enrolled value is NOT Y, then the Consumer
is NOT eligible for Authentication. "
collectionFormat: multi
name: authentication.enrolled
x-alternatives:
- type: string
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return
the ACSUrl N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication rule
is triggered to bypass authentication in this use case NOTE: If the
Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.
"
- type: array
items:
type: string
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will
return the ACSUrl N - No, Bank is not participating in 3D Secure
protocol U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication
rule is triggered to bypass authentication in this use case NOTE:
If the Enrolled value is NOT Y, then the Consumer is NOT eligible for
Authentication. "
collectionFormat: multi
name: authentication.enrolled
- name: authentication.error_desc
in: query
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
schema:
type: string
x-alternatives:
- type: string
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
- type: array
items:
type: string
description:
"Application error description for the associated error
number(s). NOTE: Multiple error descriptions are separated by a comma."
collectionFormat: multi
name: authentication.error_desc
x-alternatives:
- type: string
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
- type: array
items:
type: string
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
collectionFormat: multi
name: authentication.error_desc
- name: authentication.error_no
in: query
description:
"Application error number(s). A non-zero value represents the
error encountered while attempting to process the message request. NOTE:
Multiple error numbers are separated by a comma."
schema:
type: string
x-alternatives:
- type: string
description:
"Application error number(s). A non-zero value represents
the error encountered while attempting to process the message request.
NOTE: Multiple error numbers are separated by a comma."
- type: array
items:
type: string
description:
"Application error number(s). A non-zero value represents
the error encountered while attempting to process the message request.
NOTE: Multiple error numbers are separated by a comma."
collectionFormat: multi
name: authentication.error_no
x-alternatives:
- type: string
description:
"Application error number(s). A non-zero value represents the
error encountered while attempting to process the message request. NOTE:
Multiple error numbers are separated by a comma."
- type: array
items:
type: string
description:
"Application error number(s). A non-zero value represents
the error encountered while attempting to process the message request.
NOTE: Multiple error numbers are separated by a comma."
collectionFormat: multi
name: authentication.error_no
- name: authentication.network_score
in: query
description: The global score calculated by the CB Scoring platform.
schema:
maxLength: 2
type: string
x-alternatives:
- type: string
description: The global score calculated by the CB Scoring platform.
maxLength: 2
- type: array
items:
type: string
description: The global score calculated by the CB Scoring platform.
maxLength: 2
collectionFormat: multi
name: authentication.network_score
x-alternatives:
- type: string
description: The global score calculated by the CB Scoring platform.
maxLength: 2
- type: array
items:
type: string
description: The global score calculated by the CB Scoring platform.
maxLength: 2
collectionFormat: multi
name: authentication.network_score
- name: authentication.order_id
in: query
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant and unique
BIN range to 3DS services.
schema:
type: string
x-alternatives:
- type: string
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant and
unique BIN range to 3DS services.
- type: array
items:
type: string
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant
and unique BIN range to 3DS services.
collectionFormat: multi
name: authentication.order_id
x-alternatives:
- type: string
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant and
unique BIN range to 3DS services.
- type: array
items:
type: string
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant and
unique BIN range to 3DS services.
collectionFormat: multi
name: authentication.order_id
- name: authentication.pares_status
in: query
description:
"Transactions status result identifier. Possible Values: Y -
Successful Authentication N - Failed Authentication U - Unable to Complete
Authentication A - Successful Attempts Transaction C - Challenge Required
for Authentication R - Authentication Rejected (Merchant must not submit
for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication
2.0.,"
schema:
type: string
x-alternatives:
- type: string
description:
"Transactions status result identifier. Possible Values:
Y - Successful Authentication N - Failed Authentication U - Unable to
Complete Authentication A - Successful Attempts Transaction C - Challenge
Required for Authentication R - Authentication Rejected (Merchant must
not submit for authorization) NOTE: Statuses of C and R only apply to
Consumer Authentication 2.0.,"
- type: array
items:
type: string
description:
"Transactions status result identifier. Possible Values:
Y - Successful Authentication N - Failed Authentication U - Unable
to Complete Authentication A - Successful Attempts Transaction C -
Challenge Required for Authentication R - Authentication Rejected
(Merchant must not submit for authorization) NOTE: Statuses of C and
R only apply to Consumer Authentication 2.0.,"
collectionFormat: multi
name: authentication.pares_status
x-alternatives:
- type: string
description:
"Transactions status result identifier. Possible Values: Y
- Successful Authentication N - Failed Authentication U - Unable to Complete
Authentication A - Successful Attempts Transaction C - Challenge Required
for Authentication R - Authentication Rejected (Merchant must not submit
for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication
2.0.,"
- type: array
items:
type: string
description:
"Transactions status result identifier. Possible Values:
Y - Successful Authentication N - Failed Authentication U - Unable to
Complete Authentication A - Successful Attempts Transaction C - Challenge
Required for Authentication R - Authentication Rejected (Merchant must
not submit for authorization) NOTE: Statuses of C and R only apply to
Consumer Authentication 2.0.,"
collectionFormat: multi
name: authentication.pares_status
- name: authentication.payload
in: query
description:
"The encoded payment request generated by Centinel. NOTE: Available
if Enrolled = Y"
schema:
type: string
x-alternatives:
- type: string
description:
"The encoded payment request generated by Centinel. NOTE:
Available if Enrolled = Y"
- type: array
items:
type: string
description:
"The encoded payment request generated by Centinel. NOTE:
Available if Enrolled = Y"
collectionFormat: multi
name: authentication.payload
x-alternatives:
- type: string
description:
"The encoded payment request generated by Centinel. NOTE: Available
if Enrolled = Y"
- type: array
items:
type: string
description:
"The encoded payment request generated by Centinel. NOTE:
Available if Enrolled = Y"
collectionFormat: multi
name: authentication.payload
- name: authentication.reason_code
in: query
description: The error code indicating a problem with this transaction.
schema:
type: string
x-alternatives:
- type: string
description: The error code indicating a problem with this transaction.
- type: array
items:
type: string
description: The error code indicating a problem with this transaction.
collectionFormat: multi
name: authentication.reason_code
x-alternatives:
- type: string
description: The error code indicating a problem with this transaction.
- type: array
items:
type: string
description: The error code indicating a problem with this transaction.
collectionFormat: multi
name: authentication.reason_code
- name: authentication.reason_desc
in: query
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message"
schema:
type: string
x-alternatives:
- type: string
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message"
- type: array
items:
type: string
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail
from the authentication response message"
collectionFormat: multi
name: authentication.reason_desc
x-alternatives:
- type: string
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message"
- type: array
items:
type: string
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message"
collectionFormat: multi
name: authentication.reason_desc
- name: authentication.signature_verification
in: query
description:
"Transaction Signature status identifier. Possible Values: Y
- Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes could
not be validated. This result could be for a variety of reasons; tampering,
certificate expiration, etc., and the result should not be trusted."
schema:
type: string
x-alternatives:
- type: string
description:
"Transaction Signature status identifier. Possible Values:
Y - Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes
could not be validated. This result could be for a variety of reasons;
tampering, certificate expiration, etc., and the result should not be
trusted."
- type: array
items:
type: string
description:
"Transaction Signature status identifier. Possible Values:
Y - Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes
could not be validated. This result could be for a variety of reasons;
tampering, certificate expiration, etc., and the result should not
be trusted."
collectionFormat: multi
name: authentication.signature_verification
x-alternatives:
- type: string
description:
"Transaction Signature status identifier. Possible Values:
Y - Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes
could not be validated. This result could be for a variety of reasons;
tampering, certificate expiration, etc., and the result should not be
trusted."
- type: array
items:
type: string
description:
"Transaction Signature status identifier. Possible Values:
Y - Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes
could not be validated. This result could be for a variety of reasons;
tampering, certificate expiration, etc., and the result should not be
trusted."
collectionFormat: multi
name: authentication.signature_verification
- name: authentication.status_reason
in: query
description:
"Provides additional information as to why the PAResStatus has
the specific value. NOTE: Required for Payment (e.g. Authentication Indicator
equals 01 on Lookup Request) transactions when PAResStatus is equal to N,
U, or R in the Lookup Response."
schema:
type: string
x-alternatives:
- type: string
description:
"Provides additional information as to why the PAResStatus
has the specific value. NOTE: Required for Payment (e.g. Authentication
Indicator equals 01 on Lookup Request) transactions when PAResStatus
is equal to N, U, or R in the Lookup Response"
- type: array
items:
type: string
description:
"Provides additional information as to why the PAResStatus
has the specific value. NOTE: Required for Payment (e.g. Authentication
Indicator equals 01 on Lookup Request) transactions when PAResStatus
is equal to N, U, or R in the Lookup Response"
collectionFormat: multi
name: authentication.status_reason
x-alternatives:
- type: string
description:
"Provides additional information as to why the PAResStatus
has the specific value. NOTE: Required for Payment (e.g. Authentication
Indicator equals 01 on Lookup Request) transactions when PAResStatus is
equal to N, U, or R in the Lookup Response"
- type: array
items:
type: string
description:
"Provides additional information as to why the PAResStatus
has the specific value. NOTE: Required for Payment (e.g. Authentication
Indicator equals 01 on Lookup Request) transactions when PAResStatus
is equal to N, U, or R in the Lookup Response"
collectionFormat: multi
name: authentication.status_reason
- name: authentication.threeds_version
in: query
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0 NOTE:
Required for Mastercard Identity Check transactions in Authorization "
schema:
type: string
x-alternatives:
- type: string
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0 NOTE:
Required for Mastercard Identity Check transactions in Authorization "
- type: array
items:
type: string
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0
NOTE: Required for Mastercard Identity Check transactions in Authorization "
collectionFormat: multi
name: authentication.threeds_version
x-alternatives:
- type: string
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0 NOTE:
Required for Mastercard Identity Check transactions in Authorization "
- type: array
items:
type: string
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0 NOTE:
Required for Mastercard Identity Check transactions in Authorization "
collectionFormat: multi
name: authentication.threeds_version
- name: authentication.xid
in: query
description:
"Third Party Token that is returned from the token provider after
a card number is specified on the request. NOTE: This field is returned
if Tokenization is enabled in the Merchant profile setting AND the Merchant
is using a third party token provider."
schema:
type: string
x-alternatives:
- type: string
description:
"Third Party Token that is returned from the token provider
after a card number is specified on the request. NOTE: This field is
returned if Tokenization is enabled in the Merchant profile setting
AND the Merchant is using a third party token provider."
- type: array
items:
type: string
description:
"Third Party Token that is returned from the token provider
after a card number is specified on the request. NOTE: This field
is returned if Tokenization is enabled in the Merchant profile setting
AND the Merchant is using a third party token provider."
collectionFormat: multi
name: authentication.xid
x-alternatives:
- type: string
description:
"Third Party Token that is returned from the token provider
after a card number is specified on the request. NOTE: This field is returned
if Tokenization is enabled in the Merchant profile setting AND the Merchant
is using a third party token provider."
- type: array
items:
type: string
description:
"Third Party Token that is returned from the token provider
after a card number is specified on the request. NOTE: This field is
returned if Tokenization is enabled in the Merchant profile setting
AND the Merchant is using a third party token provider."
collectionFormat: multi
name: authentication.xid
- name: encrypted_card
in: query
description:
"Client encrypted cardholder data. The cardholder data encrypted\
\ using the Verifone provided public key. This needs to be provided in\
\ base64 encoded format. The data to encrypt is a JSON with possible tags\
\ being cardNumber, sequenceNumber, cardholderName, startMonth, startYear,\
\ expiryMonth, expiryYear, cvv. Additionally a tag called captureTime must\
\ be presenting indicating the time the card was captured in UTC in format\
\ RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. Sample JSON to encrypt:\
\ \n \n {\n \"captureTime\": '2019-08-24T14:15:22Z',\n\
\ \"cardNumber\": '5555555555554444',\n \"expiryMonth\"\
: 1,\n \"expiryYear\": 2025,\n \"cvv\": '123',\n \
\ } \n Note: encrypted_card is required if card or reuse_token is\
\ not provided."
schema:
type: string
x-alternatives:
- type: string
description:
"Client encrypted cardholder data. The cardholder data encrypted\
\ using the Verifone provided public key. This needs to be provided\
\ in base64 encoded format. The data to encrypt is a JSON with possible\
\ tags being cardNumber, sequenceNumber, cardholderName, startMonth,\
\ startYear, expiryMonth, expiryYear, cvv. Additionally a tag called\
\ captureTime must be presenting indicating the time the card was captured\
\ in UTC in format RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z.\
\ Sample JSON to encrypt: \n \n {\n \"captureTime\"\
: '2019-08-24T14:15:22Z',\n \"cardNumber\": '5555555555554444',\n\
\ \"expiryMonth\": 1,\n \"expiryYear\": 2025,\n\
\ \"cvv\": '123',\n } \n Note: encrypted_card is required\
\ if card or reuse_token is not provided."
- type: array
items:
type: string
description:
"Client encrypted cardholder data. The cardholder data\
\ encrypted using the Verifone provided public key. This needs to\
\ be provided in base64 encoded format. The data to encrypt is a\
\ JSON with possible tags being cardNumber, sequenceNumber, cardholderName,\
\ startMonth, startYear, expiryMonth, expiryYear, cvv. Additionally\
\ a tag called captureTime must be presenting indicating the time\
\ the card was captured in UTC in format RFC 3339, section 5.6. eg.\
\ 2019-08-24T14:15:22Z. Sample JSON to encrypt: \n \n {\n\
\ \"captureTime\": '2019-08-24T14:15:22Z',\n \
\ \"cardNumber\": '5555555555554444',\n \"expiryMonth\"\
: 1,\n \"expiryYear\": 2025,\n \"cvv\": '123',\n\
\ } \n Note: encrypted_card is required if card or reuse_token\
\ is not provided."
collectionFormat: multi
name: encrypted_card
x-alternatives:
- type: string
description:
"Client encrypted cardholder data. The cardholder data encrypted\
\ using the Verifone provided public key. This needs to be provided\
\ in base64 encoded format. The data to encrypt is a JSON with possible\
\ tags being cardNumber, sequenceNumber, cardholderName, startMonth,\
\ startYear, expiryMonth, expiryYear, cvv. Additionally a tag called\
\ captureTime must be presenting indicating the time the card was captured\
\ in UTC in format RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. \
\ Sample JSON to encrypt: \n \n {\n \"captureTime\"\
: '2019-08-24T14:15:22Z',\n \"cardNumber\": '5555555555554444',\n\
\ \"expiryMonth\": 1,\n \"expiryYear\": 2025,\n\
\ \"cvv\": '123',\n } \n Note: encrypted_card is required\
\ if card or reuse_token is not provided."
- type: array
items:
type: string
description:
"Client encrypted cardholder data. The cardholder data encrypted\
\ using the Verifone provided public key. This needs to be provided\
\ in base64 encoded format. The data to encrypt is a JSON with possible\
\ tags being cardNumber, sequenceNumber, cardholderName, startMonth,\
\ startYear, expiryMonth, expiryYear, cvv. Additionally a tag called\
\ captureTime must be presenting indicating the time the card was captured\
\ in UTC in format RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z.\
\ Sample JSON to encrypt: \n \n {\n \"captureTime\"\
: '2019-08-24T14:15:22Z',\n \"cardNumber\": '5555555555554444',\n\
\ \"expiryMonth\": 1,\n \"expiryYear\": 2025,\n\
\ \"cvv\": '123',\n } \n Note: encrypted_card is required\
\ if card or reuse_token is not provided."
collectionFormat: multi
name: encrypted_card
- name: public_key_alias
in: query
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided."
schema:
type: string
x-alternatives:
- type: string
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not
provided."
- type: array
items:
type: string
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is
not provided."
collectionFormat: multi
name: public_key_alias
x-alternatives:
- type: string
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided."
- type: array
items:
type: string
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not
provided."
collectionFormat: multi
name: public_key_alias
- name: _id!
in: query
description: ThreeDSAuthentication id
schema:
type: string
- name: amount!
in: query
description: The amount of the transaction.
schema:
maximum: 9007199254740991
type: number
- name: card!
in: query
description: The ID of the card that is checked for enrollment.
schema:
type: string
- name: created_at!
in: query
description: The time at which the authentication was created.
schema:
type: string
format: date
- name: currency_code!
in: query
description: Alphabetical ISO 4217 currency code for the sale amount.
schema:
maxLength: 3
minLength: 3
type: string
- name: entity_id!
in: query
description: The ID of the entity, which this authentication belongs to.
schema:
type: string
- name: threeds_contract_id!
in: query
description: The ID of the threeDSContractId used.
schema:
type: string
- name: transaction_id!
in: query
description:
To complete the transaction, the value is required to be passed
on the Cardinal.Continue().
schema:
type: string
- name: authentication.acs_rendering_type!
in: query
description:
"Identifies the UI Type the ACS will use to complete the challenge.
NOTE: Only available for App transactions using the Cardinal Mobile SDK
and is optional for an Issuer to return."
schema:
type: string
- name: authentication.acs_transaction_id!
in: query
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
schema:
type: string
- name: authentication.acs_url!
in: query
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled = Y"
schema:
type: string
- name: authentication.authentication_type!
in: query
description:
"Indicates the type of authentication that will be used to challenge
the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out
of Band)"
schema:
type: string
- name: authentication.authorization_payload!
in: query
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
schema:
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
type: string
- name: authentication.card_brand!
in: query
description: Card Brand
schema:
type: string
- name: authentication.cardholder_info!
in: query
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the ACS. The
Issuing Bank can optionally support this value.
schema:
type: string
- name: authentication.cavv_algorithm!
in: query
description:
"Indicates the algorithm used to generate the CAVV value. Possible
Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
schema:
type: string
- name: authentication.cavv!
in: query
description:
Cardholder Authentication Verification Value (CAVV). This value
should be appended to the authorization message signifying that the transaction
has been successfully authenticated. It will be encoded according to the
Merchant's configuration in either Base64 encoding or Hex encoding. A Base64
encoding Merchant configuration will produce values of 28 or 32 characters.
A Hex encoding Merchant configuration will produce values of 40 or 48 characters.
The value when decoded will either be 20 bytes for CAVV.
schema:
type: string
- name: authentication.challenge_cancel!
in: query
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future EMVCo
use (values invalid until defined by EMVCo). 03 - Transaction Timed Out—Decoupled
Authentication 04 - Transaction timed out at ACS—other timeouts 05 - Transaction
Timed out at ACS - First CReq not received by ACS 06 - Transaction Error
07 - Unknown 08 = Transaction Timed Out at SDK NOTE: Only present when the
Consumer cancels the challenge. Decoupled authentication is not supported
at this time."
schema:
type: string
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- "8.0"
- name: authentication.challenge_required!
in: query
description:
"Indicates whether a challenge is required to complete authentication.
For example, regional mandates. Possible Values: Y - Challenge Required
N - Challenge Not Required"
schema:
type: string
- name: authentication.ds_transaction_id!
in: query
description:
"Unique transaction identifier assigned by the Directory Server
(DS) to identify a single transaction. NOTE: Required for Mastercard Identity
Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0)
transactions."
schema:
type: string
- name: authentication.eci_flag!
in: query
description:
"Electronic Commerce Indicator (ECI). The ECI value is part of
the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 - Attempted
Authentication Transaction 00 or 07 - Non 3D Secure Transaction Mastercard
- 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS
CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
schema:
type: string
- name: authentication.enrolled!
in: query
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return
the ACSUrl N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication rule
is triggered to bypass authentication in this use case NOTE: If the
Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.
"
schema:
type: string
- name: authentication.error_desc!
in: query
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
schema:
type: string
- name: authentication.error_no!
in: query
description:
"Application error number(s). A non-zero value represents the
error encountered while attempting to process the message request. NOTE:
Multiple error numbers are separated by a comma."
schema:
type: string
- name: authentication.network_score!
in: query
description: The global score calculated by the CB Scoring platform.
schema:
maxLength: 2
type: string
- name: authentication.order_id!
in: query
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant and unique
BIN range to 3DS services.
schema:
type: string
- name: authentication.pares_status!
in: query
description:
"Transactions status result identifier. Possible Values: Y -
Successful Authentication N - Failed Authentication U - Unable to Complete
Authentication A - Successful Attempts Transaction C - Challenge Required
for Authentication R - Authentication Rejected (Merchant must not submit
for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication
2.0.,"
schema:
type: string
- name: authentication.payload!
in: query
description:
"The encoded payment request generated by Centinel. NOTE: Available
if Enrolled = Y"
schema:
type: string
- name: authentication.reason_code!
in: query
description: The error code indicating a problem with this transaction.
schema:
type: string
- name: authentication.reason_desc!
in: query
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message"
schema:
type: string
- name: authentication.signature_verification!
in: query
description:
"Transaction Signature status identifier. Possible Values: Y
- Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes could
not be validated. This result could be for a variety of reasons; tampering,
certificate expiration, etc., and the result should not be trusted."
schema:
type: string
- name: authentication.status_reason!
in: query
description:
"Provides additional information as to why the PAResStatus has
the specific value. NOTE: Required for Payment (e.g. Authentication Indicator
equals 01 on Lookup Request) transactions when PAResStatus is equal to N,
U, or R in the Lookup Response."
schema:
type: string
- name: authentication.threeds_version!
in: query
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0 NOTE:
Required for Mastercard Identity Check transactions in Authorization "
schema:
type: string
- name: authentication.xid!
in: query
description:
"Third Party Token that is returned from the token provider after
a card number is specified on the request. NOTE: This field is returned
if Tokenization is enabled in the Merchant profile setting AND the Merchant
is using a third party token provider."
schema:
type: string
- name: encrypted_card!
in: query
description:
"Client encrypted cardholder data. The cardholder data encrypted\
\ using the Verifone provided public key. This needs to be provided in\
\ base64 encoded format. The data to encrypt is a JSON with possible tags\
\ being cardNumber, sequenceNumber, cardholderName, startMonth, startYear,\
\ expiryMonth, expiryYear, cvv. Additionally a tag called captureTime must\
\ be presenting indicating the time the card was captured in UTC in format\
\ RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. Sample JSON to encrypt:\
\ \n \n {\n \"captureTime\": '2019-08-24T14:15:22Z',\n\
\ \"cardNumber\": '5555555555554444',\n \"expiryMonth\"\
: 1,\n \"expiryYear\": 2025,\n \"cvv\": '123',\n \
\ } \n Note: encrypted_card is required if card or reuse_token is\
\ not provided."
schema:
type: string
- name: public_key_alias!
in: query
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided."
schema:
type: string
- name: _id~
in: query
description: ThreeDSAuthentication id
schema:
type: string
- name: card~
in: query
description: The ID of the card that is checked for enrollment.
schema:
type: string
- name: currency_code~
in: query
description: Alphabetical ISO 4217 currency code for the sale amount.
schema:
maxLength: 3
minLength: 3
type: string
- name: entity_id~
in: query
description: The ID of the entity, which this authentication belongs to.
schema:
type: string
- name: threeds_contract_id~
in: query
description: The ID of the threeDSContractId used.
schema:
type: string
- name: transaction_id~
in: query
description:
To complete the transaction, the value is required to be passed
on the Cardinal.Continue().
schema:
type: string
- name: authentication.acs_rendering_type~
in: query
description:
"Identifies the UI Type the ACS will use to complete the challenge.
NOTE: Only available for App transactions using the Cardinal Mobile SDK
and is optional for an Issuer to return."
schema:
type: string
- name: authentication.acs_transaction_id~
in: query
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
schema:
type: string
- name: authentication.acs_url~
in: query
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled = Y."
schema:
type: string
- name: authentication.authentication_type~
in: query
description:
"Indicates the type of authentication that will be used to challenge
the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out
of Band)"
schema:
type: string
- name: authentication.authorization_payload~
in: query
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
schema:
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
type: string
- name: authentication.card_brand~
in: query
description: Card Brand
schema:
type: string
- name: authentication.cardholder_info~
in: query
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the ACS. The
Issuing Bank can optionally support this value.
schema:
type: string
- name: authentication.cavv_algorithm~
in: query
description:
"Indicates the algorithm used to generate the CAVV value. Possible
Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
schema:
type: string
- name: authentication.cavv~
in: query
description:
Cardholder Authentication Verification Value (CAVV). This value
should be appended to the authorization message signifying that the transaction
has been successfully authenticated. It will be encoded according to the
Merchant's configuration in either Base64 encoding or Hex encoding. A Base64
encoding Merchant configuration will produce values of 28 or 32 characters.
A Hex encoding Merchant configuration will produce values of 40 or 48 characters.
The value when decoded will either be 20 bytes for CAVV.
schema:
type: string
- name: authentication.challenge_cancel~
in: query
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future EMVCo
use (values invalid until defined by EMVCo). 03 - Transaction Timed Out—Decoupled
Authentication 04 - Transaction timed out at ACS—other timeouts 05 - Transaction
Timed out at ACS - First CReq not received by ACS 06 - Transaction Error
07 - Unknown 08 = Transaction Timed Out at SDK NOTE: Only present when the
Consumer cancels the challenge. Decoupled authentication is not supported
at this time."
schema:
type: string
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- "8.0"
- name: authentication.challenge_required~
in: query
description:
"Indicates whether a challenge is required to complete authentication.
For example, regional mandates. Possible Values: Y - Challenge Required
N - Challenge Not Required"
schema:
type: string
- name: authentication.ds_transaction_id~
in: query
description:
"Unique transaction identifier assigned by the Directory Server
(DS) to identify a single transaction. NOTE: Required for Mastercard Identity
Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0)
transactions"
schema:
type: string
- name: authentication.eci_flag~
in: query
description:
"Electronic Commerce Indicator (ECI). The ECI value is part of
the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 - Attempted
Authentication Transaction 00 or 07 - Non 3D Secure Transaction Mastercard
- 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS
CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
schema:
type: string
- name: authentication.enrolled~
in: query
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return
the ACSUrl N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication rule
is triggered to bypass authentication in this use case NOTE: If the
Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.
"
schema:
type: string
- name: authentication.error_desc~
in: query
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
schema:
type: string
- name: authentication.error_no~
in: query
description:
"Application error number(s). A non-zero value represents the
error encountered while attempting to process the message request. NOTE:
Multiple error numbers are separated by a comma."
schema:
type: string
- name: authentication.network_score~
in: query
description: The global score calculated by the CB Scoring platform.
schema:
maxLength: 2
type: string
- name: authentication.order_id~
in: query
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant and unique
BIN range to 3DS services.
schema:
type: string
- name: authentication.pares_status~
in: query
description:
"Transactions status result identifier. Possible Values: Y -
Successful Authentication N - Failed Authentication U - Unable to Complete
Authentication A - Successful Attempts Transaction C - Challenge Required
for Authentication R - Authentication Rejected (Merchant must not submit
for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication
2.0.,"
schema:
type: string
- name: authentication.payload~
in: query
description:
"The encoded payment request generated by Centinel. NOTE: Available
if Enrolled = Y"
schema:
type: string
- name: authentication.reason_code~
in: query
description: The error code indicating a problem with this transaction.
schema:
type: string
- name: authentication.reason_desc~
in: query
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message"
schema:
type: string
- name: authentication.signature_verification~
in: query
description:
"Transaction Signature status identifier. Possible Values: Y
- Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes could
not be validated. This result could be for a variety of reasons; tampering,
certificate expiration, etc., and the result should not be trusted."
schema:
type: string
- name: authentication.status_reason~
in: query
description:
"Provides additional information as to why the PAResStatus has
the specific value. NOTE: Required for Payment (e.g. Authentication Indicator
equals 01 on Lookup Request) transactions when PAResStatus is equal to N,
U, or R in the Lookup Response."
schema:
type: string
- name: authentication.threeds_version~
in: query
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0 NOTE:
Required for Mastercard Identity Check transactions in Authorization "
schema:
type: string
- name: authentication.xid~
in: query
description:
"Third Party Token that is returned from the token provider after
a card number is specified on the request. NOTE: This field is returned
if Tokenization is enabled in the Merchant profile setting AND the Merchant
is using a third party token provider."
schema:
type: string
- name: encrypted_card~
in: query
description:
"Client encrypted cardholder data. The cardholder data encrypted\
\ using the Verifone provided public key. This needs to be provided in\
\ base64 encoded format. The data to encrypt is a JSON with possible tags\
\ being cardNumber, sequenceNumber, cardholderName, startMonth, startYear,\
\ expiryMonth, expiryYear, cvv. Additionally a tag called captureTime must\
\ be presenting indicating the time the card was captured in UTC in format\
\ RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. Sample JSON to encrypt:\
\ \n \n {\n \"captureTime\": '2019-08-24T14:15:22Z',\n\
\ \"cardNumber\": '5555555555554444',\n \"expiryMonth\"\
: 1,\n \"expiryYear\": 2025,\n \"cvv\": '123',\n \
\ } \n Note: encrypted_card is required if card or reuse_token is\
\ not provided."
schema:
type: string
- name: public_key_alias~
in: query
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided."
schema:
type: string
- name: amount>
in: query
description: The amount of the transaction.
schema:
maximum: 9007199254740991
type: number
- name: created_at>
in: query
description: The time at which the authentication was created.
schema:
type: string
format: date
- name: amount<
in: query
description: The amount of the transaction.
schema:
maximum: 9007199254740991
type: number
- name: created_at<
in: query
description: The time at which the authentication was created.
schema:
type: string
format: date
responses:
200:
description: Successful
content:
application/json:
schema:
$ref: "#/components/schemas/Model2"
400:
description: Bad Request
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
401:
description: Unauthorized
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
403:
description: Forbidden
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
404:
description: Not Found
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
500:
description: Internal Server Error
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
504:
description: Gateway Time-out
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
/v2/3d/{id}:
get:
tags:
- V2
summary: Get ThreeDSAuthentication by ID
security:
- BasicAuth: []
description:
"The API returns details about a particular threeDSAuthentication associated with
the provided ID."
operationId: getV23dId
parameters:
- name: id
in: path
description: ThreeDSAuthentication id
required: true
schema:
type: string
responses:
200:
description: Successful
content:
application/json:
schema:
$ref: "#/components/schemas/ThreeDSAuthenticationObject"
400:
description: Bad Request
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
401:
description: Unauthorized
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
403:
description: Forbidden
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
404:
description: Not Found
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
500:
description: Internal Server Error
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
504:
description: Gateway Time-out
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
/v2/lookup:
post:
tags:
- V2
summary: Cardholder Authentication API for 3DS
security:
- BasicAuth: []
description: The Cardholder Authentication API for 3DS authenticates the cardholder and leads to a challenge flow or a frictionless flow adhering to the Strong Customer Authentication (SCA) directive. For further details, refer to Server-to-Server Payments with 3D Secure.
operationId: postV2Lookup
requestBody:
content:
"application/json":
schema:
$ref: "#/components/schemas/Model3"
required: false
responses:
200:
description: Successful
content:
application/json:
schema:
$ref: "#/components/schemas/Model4"
400:
description: Bad Request
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
401:
description: Unauthorized
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
403:
description: Forbidden
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
404:
description: Not Found
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
500:
description: Internal Server Error
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
504:
description: Gateway Time-out
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
x-codegen-request-body-name: body
/v2/jwt/create:
post:
tags:
- V2
summary: Create a JWT for 3DS Client SDK
security:
- BasicAuth: []
description:
"The API creates a JSON Web Token (JWT) which is then used as a method of authentication between
the merchant and the 3DS Client SDK."
operationId: postV2JwtCreate
requestBody:
content:
"application/json":
schema:
$ref: "#/components/schemas/Model5"
required: false
responses:
201:
description: Created
content:
application/json:
schema:
$ref: "#/components/schemas/Model6"
400:
description: Bad Request
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
401:
description: Unauthorized
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
403:
description: Forbidden
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
404:
description: Not Found
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
500:
description: Internal Server Error
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
504:
description: Gateway Time-out
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
x-codegen-request-body-name: body
/v2/jwt/validate:
post:
tags:
- V2
summary: Validate a JWT for 3DS Client SDK
security:
- BasicAuth: []
description:
"The API validates the JSON Web Token (JWT) and returns the consumer authentication outcome
to the merchant."
operationId: postV2JwtValidate
requestBody:
content:
"application/json":
schema:
$ref: "#/components/schemas/Model7"
required: false
responses:
201:
description: Created
content:
application/json:
schema:
$ref: "#/components/schemas/Model8"
400:
description: Bad Request
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
401:
description: Unauthorized
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
403:
description: Forbidden
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
404:
description: Not Found
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
500:
description: Internal Server Error
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
504:
description: Gateway Time-out
content:
application/json:
schema:
$ref: "#/components/schemas/Model1"
x-codegen-request-body-name: body
components:
schemas:
authentication:
type: object
properties:
threeds_version:
type: string
example: 2.2.0
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0 NOTE:
Required for Mastercard Identity Check transactions in Authorization "
enrolled:
type: string
example: Y
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return
the ACSUrl N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication rule
is triggered to bypass authentication in this use case NOTE: If the
Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.
"
error_desc:
type: string
example: Error Processing Message Request
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
error_no:
type: string
example: "0"
description:
"Application error number(s). A non-zero value represents the
error encountered while attempting to process the message request. NOTE:
Multiple error numbers are separated by a comma."
order_id:
type: string
example: "8000725863630542"
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant and
unique BIN range to 3DS services.
eci_flag:
type: string
example: "05"
description:
"Electronic Commerce Indicator (ECI). The ECI value is part
of the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 -
Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction
Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05,
06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
signature_verification:
type: string
example: Y
description:
"Transaction Signature status identifier. Possible Values:
Y - Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes
could not be validated. This result could be for a variety of reasons;
tampering, certificate expiration, etc., and the result should not be
trusted."
ds_transaction_id:
type: string
example: 78841adc-0252-4d14-89e6-9a4747a145da
description:
"Unique transaction identifier assigned by the Directory Server
(DS) to identify a single transaction. NOTE: Required for Mastercard Identity
Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0)
transactions"
acs_url:
type: string
example: https://0merchantacsstag.cardinalcommerce.com/MerchantACSWeb/creq.jsp
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled =
Y"
card_brand:
type: string
example: VISA
description: Card Brand
network_score:
maxLength: 2
type: string
example: "99"
description: The global score calculated by the CB Scoring platform.
challenge_cancel:
type: string
example: "01"
description:
"An indicator as to why the transaction was canceled. Possible
Values: 01 - Cardholder selected Cancel 02 - Reserved for future
EMVCo use (values invalid until defined by EMVCo). 03 - Transaction Timed
Out—Decoupled Authentication 04 - Transaction timed out at ACS—other timeouts
05 - Transaction Timed out at ACS - First CReq not received by ACS 06
- Transaction Error 07 - Unknown 08 = Transaction Timed Out at SDK NOTE:
Only present when the Consumer cancels the challenge. Decoupled authentication
is not supported at this time."
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- "8.0"
authorization_payload:
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
type: string
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
cavv:
type: string
example: MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
description:
Cardholder Authentication Verification Value (CAVV). This value
should be appended to the authorization message signifying that the transaction
has been successfully authenticated. It will be encoded according to the
Merchant's configuration in either Base64 encoding or Hex encoding. A
Base64 encoding Merchant configuration will produce values of 28 or 32
characters. A Hex encoding Merchant configuration will produce values
of 40 or 48 characters. The value when decoded will either be 20 bytes
for CAVV.
cavv_algorithm:
type: string
example: "2"
description:
"Indicates the algorithm used to generate the CAVV value. Possible
Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
pares_status:
type: string
example: Y
description:
"Transactions status result identifier. Possible Values: Y
- Successful Authentication N - Failed Authentication U - Unable to Complete
Authentication A - Successful Attempts Transaction C - Challenge Required
for Authentication R - Authentication Rejected (Merchant must not submit
for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication
2.0.,"
payload:
type: string
example: eyJtZXNzYWdlVHlwZSI6IkNSZXEiLCJtZXNzYWdlVmVyc2lvbiI6IjIuMi4wIiwidGhyZWVEU1NlcnZlclRyYW5zSUQiOiI4MmIwZmEwNS0yYzJkLTQyYzUtYWIyMi01ZjFhZjRjMGU4ZDEiLCJhY3NUcmFuc0lEIjoiN2NkMmNkZmEtNjA2YS00ODg4LWFjMmYtZGMyZTc1ODFlMjMwIiwiY2hhbGxlbmdlV2luZG93U2l6ZSI6IjAyIn0
description:
"The encoded payment request generated by Centinel. NOTE: Available
if Enrolled = Y."
xid:
type: string
description:
"Third Party Token that is returned from the token provider
after a card number is specified on the request. NOTE: This field is returned
if Tokenization is enabled in the Merchant profile setting AND the Merchant
is using a third party token provider."
reason_code:
type: string
example: "1001"
description: The error code indicating a problem with this transaction.
reason_desc:
type: string
example: Error Processing Message Request
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message."
cardholder_info:
type: string
example: Additional authentication is required by the issuing bank for this transaction, please contact Anybank at 123-456-7890.
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the ACS. The
Issuing Bank can optionally support this value.
acs_rendering_type:
type: string
example: "01"
description:
"Identifies the UI Type the ACS will use to complete the challenge.
NOTE: Only available for App transactions using the Cardinal Mobile SDK
and is optional for an Issuer to return."
acs_transaction_id:
type: string
example: 9fe9a7d5-5e07-48c2-9fdd-a21fa274b1e9
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
authentication_type:
type: string
example: "01"
description:
"Indicates the type of authentication that will be used to
challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03
- OOB (Out of Band)"
challenge_required:
type: string
example: N
description:
"Indicates whether a challenge is required to complete authentication.
For example, regional mandates. Possible Values: Y - Challenge Required
N - Challenge Not Required"
status_reason:
type: string
example: "01"
description:
"Provides additional information as to why the PAResStatus
has the specific value. NOTE: Required for Payment (e.g. Authentication
Indicator equals 01 on Lookup Request) transactions when PAResStatus is
equal to N, U, or R in the Lookup Response"
ThreeDSAuthenticationObject:
type: object
properties:
_id:
type: string
example: f1aeb720-9bd9-4667-a24f-979fb8175c65
description: ThreeDSAuthentication id
amount:
maximum: 9007199254740991
type: number
example: 20cde61c-cdd0-4a5a-90f6-47ba4f1e5704
description: The amount of the transaction.
threeds_contract_id:
type: string
example: 7076974d-04b9-4375-9814-e9313f6bd036
description: The ID of the threeDSContractId used.
authentication:
$ref: "#/components/schemas/authentication"
card:
type: string
description: The ID of the card that is checked for enrollment.
currency_code:
maxLength: 3
minLength: 3
type: string
example: USD
description: Alphabetical ISO 4217 currency code for the sale amount.
created_at:
type: string
description: The time at which the authentication was created.
format: date
entity_id:
type: string
example: 516af950-02b8-43fb-9955-1c01d0d67e90
description: The ID of the entity, which this authentication belongs to.
transaction_id:
type: string
example: ppWyiLx7GnvTLlqFZtM1
description:
To complete the transaction, the value is required to be passed
on the Cardinal.Continue().
ListOfThreeDSAuthenticationObjects:
type: array
items:
$ref: "#/components/schemas/ThreeDSAuthenticationObject"
details:
type: object
Model1:
required:
- code
- message
type: object
properties:
code:
type: number
description: A 3-digit code which uniquely identify an error.
details:
$ref: "#/components/schemas/details"
message:
type: string
description: A description of the error.
timestamp:
type: number
description: Error timestamp
Model2:
required:
- count
type: object
properties:
count:
type: number
description: count.
device_data_info:
type: object
properties:
browser_java_enabled:
type: boolean
description:
A Boolean value that represents the ability of the cardholder
browser to execute Java. Value is returned from the navigator.javaEnabled
property.
browser_header:
maxLength: 2048
type: string
example: text/html,application/xhtml+xml,application/xml;q=0.9
description:
"The exact content of the HTTP accept headers sent from the
cardholder's browser. Example: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
browser_language:
maxLength: 8
type: string
example: en-US
description:
"Value represents the browser language as defined in IETF BCP47
. Example: en-US"
browser_color_depth:
maxLength: 2
type: string
example: "24"
description:
"Value represents the bit depth of the color palette for displaying
images, in bits per pixel Example: 24"
browser_screen_height:
maxLength: 6
type: string
example: "864"
description:
"Total height of the Cardholder's screen in pixels. Example:
864"
browser_screen_width:
maxLength: 6
type: string
example: "1536"
description:
"Total width of the cardholder's screen in pixels. Example:
1536"
browser_time_zone:
maxLength: 5
type: string
example: "300"
description:
"Time difference between UTC time and the cardholder browser
local time, in minutes Example: 300"
user_agent:
maxLength: 2048
type: string
example: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
description:
"The exact content of the HTTP user agent header. Example:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
Gecko) Chrome/71.0.3578.98 Safari/537.36"
ip_address:
type: string
example: 1.12.123.255
description:
"The IP address of the Consumer. NOTE: IPv4 and IPv6 are
supported. Example: IPv4 address: 1.12.123.255 IPv6 address: 2011:0db8:85
a3:0101:0101:8a2e:03 70:7334"
x-format:
ip:
version:
- ipv4
- ipv6
cidr: optional
browser_javascript_enabled:
type: boolean
description:
A Boolean value that represents the ability of the cardholder
browser to execute JavaScript.
Model3:
required:
- amount
- billing_address_1
- billing_city
- billing_country_code
- billing_first_name
- billing_last_name
- currency_code
- device_info_id
- email
- merchant_reference
- threeds_contract_id
type: object
properties:
account_age_indicator:
type: string
description:
"Length of time cardholder has had account. Possible Values: *
01 - No account * 02 - Created during transaction * 03 - Less than 30
days * 04 - 30-60 days * 05 - More than 60 days"
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
account_change_date:
type: string
description:
"Date the cardholder's account was last changed. This includes
changes to the billing or shipping address, new payment accounts or new
users added.` Format: YYYYMMDD`"
format: date
account_change_indicator:
type: string
description:
"Length of time since the last change to the cardholder account.
This includes shipping address, new payment account or new user added.
Possible Values: * 01 - Changed during transaction * 02 - Less than 30
days * 03 - 30-60 days * 04 - More than 60 days"
enum:
- "01"
- "02"
- "03"
- "04"
account_create_date:
type: string
description: "Date the cardholder opened the account. `Format: YYYYMMDD`"
format: date
account_id:
maxLength: 64
type: string
example: "123456789"
description: Additional cardholder account information.
account_purchases:
maximum: 9999
type: number
description:
Number of purchases with this cardholder account during the
previous six months.
account_pwd_change_date:
type: string
description:
"Date the cardholder last changed or reset password on account.
`Format: YYYYMMDD`"
format: date
account_pwd_change_indicator:
type: string
description:
"Length of time since the cardholder changed or reset the password
on the account. Possible Values: * 01 - No change * 02 - Changed during
transaction * 03 - Less than 30 days * 04 - 30-60 days * 05 - More
than 60 days"
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
acs_window_size:
type: string
description:
"An override field that a merchant can pass in to set the challenge
window size to display to the end cardholder.The ACS will reply with content
that is formatted appropriately to this window size to allow for the best
user experience. The sizes are width x height in pixels of the window
displayed in the cardholder browser window. Possible values: * 01 - 250x400 *
02 - 390x400 * 03 - 500x600 * 04 - 600x400 * 05 - Full page"
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
add_card_attempts:
maximum: 999
type: number
description: Number of add card attempts in the last 24 hours.
address_match:
type: string
description:
"Indicates whether cardholder billing and shipping addresses
match. Possible Values: * Y - Shipping address matches billing address *
N - Shipping address does not match billing address"
enum:
- Y
- N
alias:
maxLength: 128
type: string
description:
"An alias that uniquely identifies the account. NOTE: This
field is required if Tokenization is enabled in the Merchant profile settings."
alternate_authentication_data:
maxLength: 2048
type: string
description:
Data that documents and supports a specific authentication
process that was sent in the AlternateAuthenticationMethod field.
alternate_authentication_date:
type: string
description:
"Date and time in UTC of the cardholder authentication. ` Format:
YYYYMMDDHHMM`"
format: date
alternate_authentication_method:
type: string
description:
"Mechanism used by the cardholder to authenticate to the 3DS
requester. Possible Values: * 01 - No authentication occurred (e.g.
Guest Checkout) * 02 - Login to the cardholder account at the Merchant
system using Merchant system credentials * 03 - Login to the cardholder
account at the Merchant system using a Federated ID * 04 - Login to the
cardholder account at the Merchant system using Issuer credentials *
05 - Login to the cardholder account at the Merchant system using third-party
authentication * 06 - Login to the cardholder account at the Merchant
system using FIDO Authenticator"
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
authentication_indicator:
type: string
description:
Indicates the type of Authentication request. 01 - Payment
transaction 02 - Recurring transaction 03 - Installment transaction 04
- Add card 05 - Maintain card 06 - Cardholder verification as part
of EMV token ID&V
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
amount:
maximum: 9007199254740991
type: number
description: The amount of the transaction.
billing_first_name:
maxLength: 22
type: string
example: Chris
description: Consumer's billing first name.
billing_last_name:
maxLength: 22
type: string
example: Brown
description: Consumer's last name.
billing_phone:
maxLength: 20
type: string
example: 555-8675-309
description:
"Conditional: Consumer's phone number for billing address.
This should be unformatted without hyphens. ITU/E.123 format with international
prefix (+PPNNNNNNNNN...)"
billing_address_1:
maxLength: 50
type: string
example: 8100 Tyler Blvd
description: Consumer's billing address information.
billing_address_2:
maxLength: 50
type: string
example: 1211A Victory Street
description: "Conditional: Consumer's billing address information."
billing_address_3:
maxLength: 50
type: string
example: 2740 Sunset Blvd
description: "Conditional: Consumer's billing address information."
billing_city:
maxLength: 50
type: string
example: Mentor
description: Consumer's city on their billing address.
billing_postal_code:
maxLength: 16
type: string
example: K44060
description:
Consumer's postal code of their billing address. Required unless
market or regional mandate restricts sending this information.
billing_state:
maxLength: 50
type: string
example: OH
description:
Consumer's state or province of their billing address. ISO
3166-2 format as sub division code. Required unless market or regional
mandate restricts sending this information, or State is not applicable
for this country.
billing_country_code:
type: string
example: US
description: Consumer's alpha 2 digit ISO 3166 country code.
card:
type: string
description:
"The ID of the card that is checked for enrollment. Note:
The card is required if encrypted_card or reuse_token is not provided."
encrypted_card:
type: string
example: U3dhZ2dlciByb2Nrcw==
description:
"Client encrypted cardholder data. The cardholder data encrypted\
\ using the Verifone provided public key. This needs to be provided\
\ in base64 encoded format. The data to encrypt is a JSON with possible\
\ tags being cardNumber, sequenceNumber, cardholderName, startMonth,\
\ startYear, expiryMonth, expiryYear, cvv. Additionally a tag called\
\ captureTime must be presenting indicating the time the card was captured\
\ in UTC in format RFC 3339, section 5.6. eg. 2019-08-24T14:15:22Z. \
\ Sample JSON to encrypt: \n \n {\n \"captureTime\"\
: '2019-08-24T14:15:22Z',\n \"cardNumber\": '5555555555554444',\n\
\ \"expiryMonth\": 1,\n \"expiryYear\": 2025,\n\
\ \"cvv\": '123',\n } \n Note: encrypted_card is required\
\ if card or reuse_token is not provided."
public_key_alias:
type: string
description:
"The alias for the public key used to encrypt this card.
Note: public_key_alias is required if card or reuse_token is not provided."
reuse_token:
maxLength: 255
minLength: 16
type: string
description:
"The Verifone issued reuse token used to represent the previously
stored cardholder data. Note: reuse_token is required if card or
encrypted_card is not provided."
currency_code:
maxLength: 3
minLength: 3
type: string
example: USD
description: Alphabetical ISO 4217 currency code for the sale amount.
card_type:
type: string
description:
"Type of cards used for purchase. Possible Values: * VSA
- Visa * MSC - Mastercard * VSD - Visa Delta/Debit (UK) * VSE - Visa
Electron * MAE - Maestro (UK, Spain & Austria) AMX - American Express *
DSC - Discover * DIN - Diners * CBLA - Carte Blanche JCB - JCB * ENR
- EnRoute * JAL - JAL * CTB - Carte Bleue * DNK - Dankort * CSI -
CartaSi * EAN - Encoded Account Number UATP - UATP * MAEI - Maestro
(International) * CB - Cartes Bancaires"
enum:
- VSA
- MSC
- VSD
- VSE
- MAE
- AMX
- DSC
- DIN
- CBLA
- JCB
- ENR
- JAL
- CTB
- DNK
- CSI
- EAN
- UATP
- MAEI
- CB
category_code:
maximum: 9999
type: number
description:
"Merchant category code (MCC) NOTE: This field is required
by Mastercard and Visa Brazil extensions."
challenge_indicator:
type: string
description:
"NOTE: This is a 2.0 required field, Cardinal will default
to 01 on Merchant Configuration - can be overridden by the merchant. Possible
Values: * 01 - No preference * 02 - No challenge requested * 03 - Challenge
requested (3DS Requestor Preference) * 04 - Challenge requested (Mandate)
* 90 - Used to call the CB Scoring platform"
enum:
- "01"
- "02"
- "03"
- "04"
- "90"
device_info_id:
type: string
example: 1_e852b685-6ba3-4f6a-bf30-183cbce64b92
description:
Device infromation ID that relates to the device data that
was previously collected.
delivery_email:
maxLength: 255
type: string
example: john.doe@example.com
description:
For electronic delivery, email address to which the merchandise
was delivered.
x-format:
email:
minDomainSegments: 2
delivery_time_frame:
type: string
description:
"Indicates the delivery timeframe. Possible Values: * 01
- Electronic delivery * 02 - Same day shipping * 03 - Overnight shipping *
04 - Two or more days shipping"
enum:
- "01"
- "02"
- "03"
- "04"
device_channel:
type: string
description:
"Determines the channel that the transaction came through.
Possible Values: * SDK * Browser * 3RI NOTE: SDK will dynamically set
SDK when using the Mobile SDK or Browser when customer is using our JavaScript
SDK. Client will need to set 3RI for Merchant Initiated or 3RI transactions."
enum:
- SDK
- Browser
- 3RI
device_data_info:
$ref: "#/components/schemas/device_data_info"
email:
type: string
example: john.doe@example.com
description: Consumer's email address.
x-format:
email:
minDomainSegments: 2
fraud_activity:
type: string
description:
"Indicates whether the merchant experienced suspicious activity
(including previous fraud) on the account. Possible Values: * 01 - No
suspicious activity * 02 - Suspicious activity observed"
enum:
- "01"
- "02"
gift_card_amount:
maximum: 999999999999999
type: number
description:
"The purchase amount total for prepaid gift cards in major
units. Example: $123.45 USD = 12345"
gift_card_count:
maximum: 99
type: number
description: Total count of individual prepaid gift cards purchased.
gift_card_currency_code:
maxLength: 3
minLength: 3
type: string
example: USD
description: ISO 4217 currency code for the gift card purchased.
installment:
maximum: 999
minimum: 2
type: number
description:
Indicates the maximum number of authorizations for installment
payments. An integer value greater than 1 indicating the maximum number
of permitted authorizations for installment payments. ** Required for
Recurring and Installment transactions, when authenticationIndicator="02"
& "03" **
merchant_reference:
type: string
example: order_123
description:
Order Number or transaction identifier from the Merchant commerce
website.
merchant_score:
maxLength: 20
type: string
example: "100"
description: The global score calculated by the CB Scoring platform.
message_category:
type: string
description:
"Category of the message for a specific use case. Possible\
\ Values: \n * 01 - PA (payment)/ NPA (non payment) with amount 0 \n\
\ * 02 - NPA (non payment) \n NOTE: Default is payment (01). Configured\
\ on Merchant account, or can be overridden on transaction."
enum:
- "01"
- "02"
phone_number:
type: string
example: "+1234567890"
description:
Cardholder's phone number. ITU/E.123 format with international
prefix (+PPNNNNNNNNN...). Required unless market or regional mandate restricts
sending this information.
payment_account_age:
type: string
description:
"Date when the payment account was added to the cardholder account.
` Format: YYYYMMDD`"
format: date
payment_account_indicator:
type: string
description:
"Indicates the length of time that the payment account was
enrolled in the merchant account. Possible Values: * 01 - No account
(guest checkout) * 02 - During the transaction * 03 - Less than 30 days *
04 - 30-60 days * 05 - More than 60 days"
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
payment_use_case:
type: string
description:
"The value from this field will be mapped to the data field\
\ on the CB-USECASE extension.\n NOTE: Required for CB transactions (required\
\ if MessageCategory = PA, or MessageCategory = NPA and AuthenticationIndicator\
\ = 02 or 03).\n - Possible Values:\n \t* 01 - Single Payment \n \t* 02\
\ - Fixed Amount and Term Subscription \n \t* 03 - Payment By Instalments\
\ \n \t* 04 - Payment By Shipment \n \t* 05 - Other Recurring Payments\
\ \n"
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
pre_order_date:
type: string
description:
"Expected date that a pre-ordered purchase will be available.
`Format: YYYYMMDD`"
format: date
pre_order_indicator:
type: string
description:
"Indicates whether the cardholder is placing an order with a future
availability or release date. Possible Values: * 01 - Merchandise available *
02 - Future availability"
enum:
- "01"
- "02"
prior_authentication_data:
maxLength: 2048
type: string
description:
This field carry data that the ACS can use to verify the authentication
process
prior_authentication_method:
type: string
description:
Mechanism used by the Cardholder to previously authenticate
to the 3DS Requestor. * 01 - Frictionless authentication occurred by
ACS * 02 - Cardholder challenge occurred by ACS * 03 - AVS verified *
04 - Other issuer methods
enum:
- "01"
- "02"
- "03"
- "04"
prior_authentication_ref:
maxLength: 36
type: string
example: cfbdce5a-2604-4ab5-b959-90ae2854d281
description:
This data element contains a ACS Transaction ID for a prior
authenticated transaction. For example, the first recurring transaction
that was authenticated with the cardholder
prior_authentication_time:
type: string
description:
"Date and time in UTC of the prior cardholder authentication.
` Format: YYYYMMDDHHMM`"
format: date
product_code:
type: string
description:
"Merchant product code. Possible Values: * PHY - Goods/Service
Purchase * CHA - Check Acceptance * ACF - Account Funding * QCT
- Quasi-Cash Transaction * PAL - Prepaid Activation and Load NOTE:
This value defaults to PHY. This field can be used to override that value
if applicable. "
enum:
- PHY
- CHA
- ACF
- QCT
- PAL
purchase_date:
type: string
description:
'Date of original purchase. `Format: YYYYMMDDHHMMSS` NOTE:
If not passed, SDK will use current date. Required for recurring transactions.
** Required for Recurring and Installment transactions, when authenticationIndicator="02"
& "03" **'
format: date
recurring_end:
type: string
description:
'The date after which no further recurring authorizations should
be performed. `Format: YYYYMMDD` ** Required for Recurring and Installment
transactions, when authenticationIndicator="02" & "03" **'
format: date
recurring_frequency:
maximum: 9999
type: number
description:
'Conditional: Integer value indicating the minimum number of
days between recurring authorizations. A frequency of monthly is indicated
by the value 28. Multiple of 28 days will be used to indicate months.
Example: 6 months = 168 ** Required for Recurring and Installment transactions,
when authenticationIndicator="02" & "03" **'
reorder_indicator:
type: string
description:
"Indicates whether the cardholder is placing an order with a future
availability or release date. Possible Values: * 01 - Merchandise available *
02 - Future availability"
enum:
- "01"
- "02"
requestor_id:
maxLength: 35
type: string
description:
"This value is a Directory Server assigned 3DS Requestor ID
value, each DS may provide a unique ID. NOTE: This is a 2.0 value only
and if passed will override the Requestor ID value that is, configured
on the Merchant's profile."
requestor_name:
maxLength: 40
type: string
description:
"This value is a Directory Server assigned 3DS Requestor Name
value, each DS may provide a unique ID. NOTE: This is a 2.0 value only
and if passed will override the Requestor Name value that is configured
on the Merchant's profile."
sdk_max_timeout:
maximum: 99
type: number
description:
"This field indicates the maximum amount of time for all 3DS
2.0 messages to be communicated between all components (in minutes). Possible
Values: * Greater than or equal to 05 (05 is the minimum timeout to set)
* Cardinal Default is set to 15 * NOTE: This field is a required 3DS 2.0
field and Cardinal sends in a default of 15 if nothing is passed."
shipping_address_1:
maxLength: 50
type: string
example: 8100 Tyler Blvd
description: "Conditional: Consumer's shipping address information."
shipping_address_2:
maxLength: 50
type: string
example: 1234 Test Street
description: "Conditional: Consumer's shipping address information."
shipping_address_3:
maxLength: 50
type: string
example: 5678 Test Street
description: "Conditional: Consumer's shipping address information."
shipping_address_usage_date:
type: string
description:
"Date when the shipping address used for this transaction was
first used. `Format: YYYYMMDD`"
format: date
shipping_address_usage_indicator:
type: string
description:
"Indicates when the shipping address used for transaction was
first used. Possible Values: * 01 - This transaction * 02 - Less than
30 days * 03 - 30-60 days * 04 - More than 60 days"
enum:
- "01"
- "02"
- "03"
- "04"
shipping_city:
maxLength: 50
type: string
example: Mentor
description: "Conditional: Consumer's city of their shipping address."
shipping_country_code:
type: string
example: US
description: "Conditional: Consumer's alpha 2 digit ISO 3166 country code."
shipping_method_indicator:
type: string
description:
"Indicates shipping method chosen for the transaction. Possible
Values: * 01 - Ship to cardholder billing address * 02 - Ship to another
verified address on file with merchant * 03 - Ship to address that is
different than billing address * 04 - Ship to store (store address should
be populated on request) * 05 - Digital goods * 06 - Travel and event
tickets, not shipped * 07 - Other"
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
shipping_name_indicator:
type: string
description:
"Indicates if the cardholder name on the account is identical
to the shipping name used for the transaction. Possible Values: * 01 -
Account and shipping name identical * 02 - Account and shipping name differ"
enum:
- "01"
- "02"
shipping_postal_code:
maxLength: 16
type: string
example: K44060
description: "Conditional: Consumer's postal code of their shipping address."
shipping_state:
maxLength: 50
type: string
example: OH
description:
"Conditional: Consumer's state or province of their shipping
address. ISO 3166-2 format as sub division code."
threeds_contract_id:
type: string
example: 7076974d-04b9-4375-9814-e9313f6bd036
description: The ID of the threeDSContractId used.
three_ri_indicator:
type: string
description:
"Indicates the type of 3RI request. Possible Values: * 01
- Recurring transaction * 02 - Installment transaction * 03 - Add card *
04 - Maintain card * 05 - Account verification * 06 - Split/delayed
shipment * 07 - Top-up * 08 - Mail Order * 09 - Telephone Order *
10 - Whitelist status check * 11 - Other payment"
enum:
- "01"
- "02"
- "03"
- "04"
- "05"
- "06"
- "07"
- "08"
- "09"
- "10"
- "11"
threeds_version:
type: string
description:
This field contains the 3DS version that can be leveraged to
force a transaction down the 1.0 rails.
enum:
- 1.0.2
deprecated: true
token:
maxLength: 100
type: string
example: "1234567890"
description:
"The third party token that will be used to process the transaction
in place of the actual card number. NOTE: This field is required if Tokenization
is enabled in the Merchant profile setting AND the Merchant is using a
third party token in place of the Cardinal token."
transaction_mode:
type: string
description:
"Transaction mode identifier. Identifies the channel the transaction
originates from. Available Options: M - Moto (Mail Order Telephone Order)
P - Mobile Device R - Retail (Physical Store) S - Computer Device T -
Tablet Device"
enum:
- M
- P
- R
- S
- T
transaction_count_day:
maximum: 999
type: number
description:
Number of transactions (successful or abandoned) for this cardholder
account within the last 24 hours.
transaction_count_year:
maximum: 999
type: number
description:
Number of transactions (successful or abandoned) for this cardholder
account within the last year.
total_items:
maxLength: 2
minLength: 2
type: string
description:
"Number of purchased items or services Possible Values:
00-99"
work_phone:
maxLength: 25
type: string
example: "+10987654321"
description:
"Conditional: Consumer's work phone number. ITU/E.123 format
with international prefix (+PPNNNNNNNNN...)"
Model4:
type: object
properties:
acs_rendering_type:
type: string
example: "01"
description:
"Identifies the UI Type the ACS will use to complete the challenge.
NOTE: Only available for App transactions using the Cardinal Mobile SDK
and is optional for an Issuer to return."
acs_transaction_id:
type: string
example: 9fe9a7d5-5e07-48c2-9fdd-a21fa274b1e9
description:
Unique transaction identifier assigned by the ACS to identify
a single transaction.
acs_url:
type: string
example: https://0merchantacsstag.cardinalcommerce.com/MerchantACSWeb/creq.jsp
description:
"The fully qualified URL to redirect the Consumer to complete
the Consumer Authentication transaction. NOTE: Available if Enrolled =
Y"
authentication_id:
type: string
example: 8894172e-52b2-4815-82da-ca3c5f005268
description:
Authentication ID for completing the 3D Secure flow. To complete
the transaction, the value is required to be passed on the Authenticate
message to link the Lookup and Authenticate message together.
authentication_type:
type: string
example: "01"
description:
"Indicates the type of authentication that will be used to
challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03
- OOB (Out of Band)"
authorization_payload:
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
type: string
example: eyJjb250YWluZXJWZXJzaW9uIjoiMSIsImVjaSI6IjA1IiwiYXV0aGVudGljYXRpb25WYWx1ZSI6IkFKa0JCa2hnUVFBQUFFNGdTRUp5ZFFBQUFBQT0iLCJlZmZlY3RpdmVBdXRoVHlwZSI6IkZSIiwiYWNzT3BlcmF0b3JJRCI6Ik1lcmNoYW50QUNTIiwidGhyZWVEU1JlcXVlc3RvckNoYWxsZW5nZUluZCI6IjAxIiwidHJhbnNTdGF0dXMiOiJZIiwiZHNUcmFuc0lEIjoiNzg4NDFhZGMtMDI1Mi00ZDE0LTg5ZTYtOWE0NzQ3YTE0NWRhIiwiYWNzVHJhbnNJRCI6IjlmZTlhN2Q1LTVlMDctNDhjMi05ZmRkLWEyMWZhMjc0YjFlOSIsIm1lc3NhZ2VWZXJzaW9uIjoiMi4yLjAiLCJtZXJjaGFudE5hbWUiOiJWZXJpRm9uZSIsInB1cmNoYXNlRGF0ZSI6IjIwMTkxMjMxMjM1OTU5IiwicHVyY2hhc2VBbW91bnQiOiI5ODg3NTYiLCJyZWN1cnJpbmdFeHBpcnkiOiIyMDE5MDgyMyIsImJyb3dzZXJJUCI6Ijg5LjE0Ni41OC44NyIsIm1lcmNoYW50Q291bnRyeUNvZGUiOiI4NDAiLCJhY3F1aXJlckJJTiI6IjEyMzQ1Njc4IiwiYWNxdWlyZXJNZXJjaGFudElEIjoiMTIzNDU2IiwidGhyZWVEU1JlcXVlc3Rvck5hbWUiOiJ2ZXJpZm9uZSIsInRocmVlRFNSZXF1ZXN0b3JJRCI6InZlcmlmb25lMjAiLCJjYXJkQnJhbmQiOiJWSVNBIn0=
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
cardholder_info:
type: string
example: Additional authentication is required by the issuing bank for this transaction, please contact Anybank at 123-456-7890.
description:
Additional text provided by the Issuing Bank to the Cardholder
during a Frictionless transaction and was not authenticated by the ACS. The
Issuing Bank can optionally support this value.
cavv:
type: string
example: Y2FyZGluYWxjb21tZXJjZWF1dGg=
description:
Cardholder Authentication Verification Value (CAVV). This value
should be appended to the authorization message signifying that the transaction
has been successfully authenticated. It will be encoded according to the
Merchant's configuration in either Base64 encoding or Hex encoding. A
Base64 encoding Merchant configuration will produce values of 28 or 32
characters. A Hex encoding Merchant configuration will produce values
of 40 or 48 characters. The value when decoded will either be 20 bytes
for CAVV.
cavv_algorithm:
type: string
example: "2"
description:
"Indicates the algorithm used to generate the CAVV value. Possible
Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
challenge_required:
type: string
example: N
description:
"Indicates whether a challenge is required to complete authentication.
For example, regional mandates. Possible Values: Y - Challenge Required
N - Challenge Not Required"
card_brand:
type: string
example: VISA
description: Card Brand
ds_transaction_id:
type: string
example: 78841adc-0252-4d14-89e6-9a4747a145da
description:
"Unique transaction identifier assigned by the Directory Server
(DS) to identify a single transaction. NOTE: Required for Mastercard Identity
Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0)
transactions"
eci_flag:
type: string
example: "05"
description:
"Electronic Commerce Indicator (ECI). The ECI value is part
of the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 -
Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction
Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05,
06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
enrolled:
type: string
example: Y
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return
the ACSUrl N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication rule
is triggered to bypass authentication in this use case NOTE: If the
Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.
"
error_desc:
type: string
example: Error Processing Message Request
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
error_no:
type: string
example: "0"
description:
"Application error number(s). A non-zero value represents the
error encountered while attempting to process the message request. NOTE:
Multiple error numbers are separated by a comma."
network_score:
maxLength: 2
type: string
example: "99"
description: The global score calculated by the CB Scoring platform..
order_id:
type: string
example: "8000725863630542"
description:
3DS server generated order identifier. Used to link multiple
actions on a single order to a single identifier. Mod-10 compliant and
unique BIN range to 3DS services.
pares_status:
type: string
example: Y
description:
"Transactions status result identifier. Possible Values: Y
- Successful Authentication N - Failed Authentication U - Unable to Complete
Authentication A - Successful Attempts Transaction C - Challenge Required
for Authentication R - Authentication Rejected (Merchant must not submit
for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication
2.0.,"
payload:
type: string
example: eyJtZXNzYWdlVHlwZSI6IkNSZXEiLCJtZXNzYWdlVmVyc2lvbiI6IjIuMi4wIiwidGhyZWVEU1NlcnZlclRyYW5zSUQiOiI4MmIwZmEwNS0yYzJkLTQyYzUtYWIyMi01ZjFhZjRjMGU4ZDEiLCJhY3NUcmFuc0lEIjoiN2NkMmNkZmEtNjA2YS00ODg4LWFjMmYtZGMyZTc1ODFlMjMwIiwiY2hhbGxlbmdlV2luZG93U2l6ZSI6IjAyIn0
description:
"The encoded payment request generated by Centinel. NOTE: Available
if Enrolled = Y"
reason_code:
type: string
example: "1001"
description: The error code indicating a problem with this transaction.
reason_desc:
type: string
example: Error Processing Message Request
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message"
signature_verification:
type: string
example: Y
description:
"Transaction Signature status identifier. Possible Values:
Y - Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes
could not be validated. This result could be for a variety of reasons;
tampering, certificate expiration, etc., and the result should not be
trusted."
status_reason:
type: string
example: "01"
description:
"Provides additional information as to why the PAResStatus
has the specific value. NOTE: Required for Payment (e.g. Authentication
Indicator equals 01 on Lookup Request) transactions when PAResStatus is
equal to N, U, or R in the Lookup Response"
third_party_token:
type: string
description:
"Third Party Token that is returned from the token provider
after a card number is specified on the request. NOTE: This field is returned
if Tokenization is enabled in the Merchant profile setting AND the Merchant
is using a third party token provider."
threeds_version:
type: string
example: 2.2.0
description:
"This field contains the 3DS version that was used to process
the transaction. Possible Values: 1.0.2 2.1.0 NOTE:
Required for Mastercard Identity Check transactions in Authorization "
token:
type: string
description:
"Server generated order identifier. NOTE: This field is returned
if Tokenization is enabled in the Merchant profile settings."
transaction_id:
type: string
example: 7SsMEhgljpXAbKOLqNA0
description:
To complete the transaction, the value is required to be passed
on the Cardinal.Continue().
xid:
type: string
example: AgIAABTXCmieAEiwml9DlVAsiBI=
description:
"Third Party Token that is returned from the token provider
after a card number is specified on the request. NOTE: This field is returned
if Tokenization is enabled in the Merchant profile setting AND the Merchant
is using a third party token provider."
Model5:
required:
- threeds_contract_id
type: object
properties:
threeds_contract_id:
type: string
example: cfbdce5a-2604-4ab5-b959-90ae2854d281
description: The ID of the threeDSContractId used.
Model6:
required:
- jwt
- threeds_contract_id
type: object
properties:
jwt:
type: string
example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjNmZjZGU3NS02M2MxLTRiMDktODA4MS0xYjdmMGUyZDQ2MmMiLCJpc3MiOiI1ZDEyMmU1OGMxYjQxMjI5M2MwYTUwZDIiLCJPcmdVbml0SWQiOiI1ZDExMmJjMWJiODc2ODIyNDBmOGRjMGQiLCJQYXlsb2FkIjp7fSwiaWF0IjoxNzE1MTgwMDk5fQ.yfNWLd2ssMoUpJt2QOUhf9p1B3dcl0xFOeaPYi8MUxI
description: JWT to handle authentication
threeds_contract_id:
type: string
example: 7076974d-04b9-4375-9814-e9313f6bd036
description: The ID of the threeDSContractId used.
Model7:
required:
- authentication_id
- jwt
- threeds_contract_id
type: object
properties:
authentication_id:
type: string
example: 8894172e-52b2-4815-82da-ca3c5f005268
description:
Authentication ID for completing the 3D Secure flow. To complete
the transaction, the value is required to be passed on the Authenticate
message to link the Lookup and Authenticate message together.
jwt:
type: string
example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjNmZjZGU3NS02M2MxLTRiMDktODA4MS0xYjdmMGUyZDQ2MmMiLCJpc3MiOiI1ZDEyMmU1OGMxYjQxMjI5M2MwYTUwZDIiLCJPcmdVbml0SWQiOiI1ZDExMmJjMWJiODc2ODIyNDBmOGRjMGQiLCJQYXlsb2FkIjp7fSwiaWF0IjoxNzE1MTgwMDk5fQ.yfNWLd2ssMoUpJt2QOUhf9p1B3dcl0xFOeaPYi8MUxI
description: JWT with authentication details.
threeds_contract_id:
type: string
example: af8f5e0d-799d-4421-a8ee-04002a15af53
description: The ID of the threeDSContractId used.
validation_result:
required:
- cavv
- eci_flag
- enrolled
- pares_status
- signature_verification
- xid
type: object
properties:
authorization_payload:
pattern: ^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$
type: string
example: eyJjb250YWluZXJWZXJzaW9uIjoiMSIsImVjaSI6IjA1IiwiYXV0aGVudGljYXRpb25WYWx1ZSI6IkFKa0JCa2hnUVFBQUFFNGdTRUp5ZFFBQUFBQT0iLCJlZmZlY3RpdmVBdXRoVHlwZSI6IkZSIiwiYWNzT3BlcmF0b3JJRCI6Ik1lcmNoYW50QUNTIiwidGhyZWVEU1JlcXVlc3RvckNoYWxsZW5nZUluZCI6IjAxIiwidHJhbnNTdGF0dXMiOiJZIiwiZHNUcmFuc0lEIjoiNzg4NDFhZGMtMDI1Mi00ZDE0LTg5ZTYtOWE0NzQ3YTE0NWRhIiwiYWNzVHJhbnNJRCI6IjlmZTlhN2Q1LTVlMDctNDhjMi05ZmRkLWEyMWZhMjc0YjFlOSIsIm1lc3NhZ2VWZXJzaW9uIjoiMi4yLjAiLCJtZXJjaGFudE5hbWUiOiJWZXJpRm9uZSIsInB1cmNoYXNlRGF0ZSI6IjIwMTkxMjMxMjM1OTU5IiwicHVyY2hhc2VBbW91bnQiOiI5ODg3NTYiLCJyZWN1cnJpbmdFeHBpcnkiOiIyMDE5MDgyMyIsImJyb3dzZXJJUCI6Ijg5LjE0Ni41OC44NyIsIm1lcmNoYW50Q291bnRyeUNvZGUiOiI4NDAiLCJhY3F1aXJlckJJTiI6IjEyMzQ1Njc4IiwiYWNxdWlyZXJNZXJjaGFudElEIjoiMTIzNDU2IiwidGhyZWVEU1JlcXVlc3Rvck5hbWUiOiJ2ZXJpZm9uZSIsInRocmVlRFNSZXF1ZXN0b3JJRCI6InZlcmlmb25lMjAiLCJjYXJkQnJhbmQiOiJWSVNBIn0=
description:
The Base64 encoded JSON Payload of CB specific Authorization
Values returned in the Frictionless Flow.
cavv:
type: string
example: MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
description:
Cardholder Authentication Verification Value (CAVV). This value
should be appended to the authorization message signifying that the transaction
has been successfully authenticated. It will be encoded according to the
Merchant's configuration in either Base64 encoding or Hex encoding. A
Base64 encoding Merchant configuration will produce values of 28 or 32
characters. A Hex encoding Merchant configuration will produce values
of 40 or 48 characters. The value when decoded will either be 20 bytes
for CAVV.
cavv_algorithm:
type: string
example: "2"
description:
"Indicates the algorithm used to generate the CAVV value. Possible
Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm"
eci_flag:
type: string
example: "05"
description:
"Electronic Commerce Indicator (ECI). The ECI value is part
of the 2 data elements that indicate the transaction was processed electronically.
This should be passed on the authorization transaction to the Gateway/Processor.
Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 -
Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction
Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05,
06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
enrolled:
type: string
example: Y
description:
"Status of Authentication eligibility. Possible Values:
Y - Yes, Bank is participating in 3D Secure protocol and will return
the ACSUrl N - No, Bank is not participating in 3D Secure protocol
U - Unavailable, The DS or ACS is not available for authentication
at the time of the request B - Bypass, Merchant authentication rule
is triggered to bypass authentication in this use case NOTE: If the
Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication.
"
pares_status:
type: string
example: Y
description:
"Transactions status result identifier. Possible Values: Y
- Successful Authentication N - Failed Authentication U - Unable to Complete
Authentication A - Successful Attempts Transaction C - Challenge Required
for Authentication R - Authentication Rejected (Merchant must not submit
for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication
2.0.,"
reason_code:
type: string
example: "1001"
description: The error code indicating a problem with this transaction.
reason_desc:
type: string
example: Error Processing Message Request
description:
"Text and additional detail about the error for this transaction.
NOTE: This field concatenates the errorDescription and errorDetail from
the authentication response message"
signature_verification:
type: string
example: Y
description:
"Transaction Signature status identifier. Possible Values:
Y - Indicates that the signature of the PARes has been validated successfully
and the message contents can be trusted. N - Indicates that the PARes
could not be validated. This result could be for a variety of reasons;
tampering, certificate expiration, etc., and the result should not be
trusted."
xid:
type: string
example: AgIAABTXCmieAEiwml9DlVAsiBI=
description:
"Third Party Token that is returned from the token provider
after a card number is specified on the request. NOTE: This field is returned
if Tokenization is enabled in the Merchant profile setting AND the Merchant
is using a third party token provider."
Model8:
required:
- action_code
- authentication_id
- error_desc
- error_no
type: object
properties:
authentication_id:
type: string
example: 8894172e-52b2-4815-82da-ca3c5f005268
description:
Authentication ID for completing the 3D Secure flow. To complete
the transaction, the value is required to be passed on the Authenticate
message to link the Lookup and Authenticate message together.
action_code:
type: string
description: The resulting state of the transaction
error_no:
type: string
example: "0"
description:
"Application error number(s). A non-zero value represents the
error encountered while attempting to process the message request. NOTE:
Multiple error numbers are separated by a comma."
error_desc:
type: string
example: Error Processing Message Request
description:
"Application error description for the associated error number(s).
NOTE: Multiple error descriptions are separated by a comma."
validation_result:
$ref: "#/components/schemas/validation_result"
securitySchemes:
BasicAuth:
type: http
scheme: basic