API Overview

Recent Revisions to This Document

Payer Authentication Developer Guide
- VISA Platform Connect: Specifications and Conditions for Resellers/Partners

Introduction to Payer Authentication
- Why Payer Authentication Is Needed
- EMV 3-D Secure 2.0
- Payer Authentication Customer Workflow
- Payer Authentication Merchant Workflow
- Acquirer Information
- Enable Merchant Account for EMV 3-D Secure
- Payer Authentication Configuration Testing
- Request Endpoints
- Payer Authentication Integrations

Implementing Direct API for Payer Authentication

Step 1: Setup Service

Step 2: Device Data Collection

Step 3: Payer Authentication Check Enrollment Service

Step 4: Step-Up Iframe

Step 5: Payer Authentication Validation Service

Combining the Authentication and the Authorization Services
- Combining Check Enrollment and the Authorization Services
  - Check Enrollment Response Fields and Their Equivalent Authorization Request Fields
- Combining the Validation and the Authorization Services
  - Validation Fields and their Equivalent Authorization Fields

Implementing SDK Payer Authentication
- Implementation Overview
- Process Flow for SDK Integration
- Prerequisites for SDK Implementation
  - Credentials/API Keys
    - Generating your API Key:
- Mobile Device Data Collected
- Using the Android SDK
- Using the iOS SDK
- Running Payer Authentication with SDK

Authentication Examples Using Primary Account Numbers
- Setting Up Device Data Collection
- Checking Enrollment in Payer Authentication
- Checking Enrollment and Authorizing a Transaction
- Validating a Challenge
- Validating and Authorizing a Transaction
- Non-Payment Authentication

Examples Using 3-D Secure Data Only
- Visa Data Only
- Mastercard Data Only

Authentication Examples Using Digital Payment (Google Pay)
- Setting Up Device Data Collection Using Digital Payment (Google Pay)
- Checking Enrollment in Payer Authentication Using Digital Payment (Google Pay)
  - pa2-use-check-enroll-reqd-fields-google
  - pa2-use-check-enroll-opt-fields-google
  - REST Example: Checking Enrollment in Payer Authentication Using Google Pay
- Validating a Challenge Using Digital Payment (Google Pay)
  - pa2-use-validate-reqd-fields-google
  - pa2-use-validation-opt-fields-google
  - REST Example: Validating a Challenge When Using Google Pay

Authentication Examples Using TMS Tokens
- Setting Up Device Data Collection with a TMS Token
- Checking Enrollment When Using a TMS Token
- Validating a Challenge When Using a TMS Token

Authentication Examples Using Flex Microform Tokens
- Setting Up Device Data Collection When Using a Flex Microform Token
- Checking Enrollment When Using a Flex Microform Token
- Validating a Challenge When Using a Flex Microform Token

Authentication Examples Using Network Token/Tokenized Cards
- Setting Up Device Data Collection with a Network Token/Tokenized Card
- Checking Enrollment with a Network Token/Tokenized Card

Authentication Examples of Merchant-Initiated Transactions
- Challenge Reponses to 3RI Transactions
- Network-Specific Values for Multi-Party Commerce/Online Travel Agency (OTA)
- 1a: Initial Recurring Transaction
- 1b: Recurring Payments - Subsequent Transaction (Mastercard)
- 2a: Installment - Customer Initiated Transaction (Mastercard)
- 3a: Split/Partial Shipment (Mastercard)
- 3b: Split/Delayed Shipment (Mastercard)
- 4a: Multi-Party Commerce or OTA (Visa)
- 4b: Multi-Party Commerce or OTA (MasterCard)
- 4c: Multi-Party Commerce or OTA (MasterCard)

Testing Payer Authentication
- Testing Process
  - Enrollment Check Response Fields
  - Authentication Validation Response Fields
- Test Cases for 3-D Secure 2.x
  - 2.1: Frictionless Authentication Is Successful
  - 2.2: Frictionless Authentication Is Unsuccessful
  - 2.3: Stand-In Frictionless Authentication is Attempted
  - 2.4: Frictionless Authentication Is Unavailable
  - 2.5: Frictionless Authentication Is Rejected
  - 2.6: Authentication Is Not Available
  - 2.7: Check Enrollment Error
  - 2.8: Time Out
  - 2.9: Step-Up Authentication Is Successful
  - 2.10: Step-Up Authentication Is Unsuccessful
  - 2.11: Step-Up Authentication Is Unavailable
  - 2.12: Error During Authentication
  - 2.13: Authentication Is Bypassed
  - 2.14: Require Method URL
- Additional Test Cases
  - 1a: First Recurring Transaction: Fixed Amount
  - 2a: Card Authentication Failed
  - 2b: Suspected Fraud
  - 2c: Cardholder Not Enrolled in Service
  - 2d: Transaction Timed Out at the ACS
  - 2e: Non-Payment Transaction Not Supported
  - 2f: 3RI Transaction Not Supported
  - 3a: TRA Exemption—Low Value: Mastercard EMV 3-D Secure 2.1 and 2.2
  - 3b: TRA—Low Value: Visa
  - 4a: Trusted Beneficiary Prompt for Trustlist
  - 4b: Use Trusted Beneficiary Exemption
  - 5a: Visa Data Only
  - 5b: Identity Check Insights (ScoreRequest = Y)

Website Modification Reference
- Website Modification Checklist
- EMV 3-D Secure Service Logos
- Informational Message Examples

Finding Payer Authentication Transaction Details in the Gateway Portal
- Searching for Transactions
- Storing Payer Authentication Data
- Searching for Payer Authentication Details
  - Enrolling a Card
  - Card Not Enrolled

Payer Authentication Reports
- Payer Authentication Summary Report
  - Download the Report
  - Matching the Report to the Transaction Search Results
  - Interpreting the Report
  - Comparing Payer Authentication and Payment Reports
- Payer Authentication Detail Report
  - Report Element
  - PayerAuthDetail Element
  - PAReq Element
  - PARes Element
  - AuthInfo Element
  - Report Examples

HTTP Status Codes

Glossary

On This Page

2.3: Stand-In Frictionless Authentication is Attempted

This test verifies how your system reacts when the cardholder is enrolled in 3-D Secure but the card issuer does not support 3-D Secure, requiring a stand-in authentication experience.

American Express (Card Type = 003)

`3-D Secure` 2.1.0 Test Card Number	`3-D Secure` 2.2.0 Test Card Number
—	34XXX XX XXXX 2872

JCB J/Secure (Card Type = 007)

`3-D Secure` 2.1.0 Test Card Number	`3-D Secure` 2.2.0 Test Card Number
—	3338XX XX XXXX X585

Mastercard (Card Type = 002)

`3-D Secure` 2.1.0 Test Card Number	`3-D Secure` 2.2.0 Test Card Number
—	52XXXX XX XXXX 2482

Visa (Card Type = 001)

`3-D Secure` 2.1.0 Test Card Number	`3-D Secure` 2.2.0 Test Card Number
—	4XXXXX XX XXXX 2719

Results for the Check Enrollment Service

Status

=

AUTHENTICATION_SUCCESSFUL

The cardholder is enrolled in Payer Authentication. Authenticate the cardholder before continuing with the transaction.

VERes enrolled =

Y

PARes status =

A

CAVV =

<CAVV value>

AVV =

<AVV value>

(Mastercard only)

XID =

<XID value>

(American Express only)

E-Commerce Indicator (ECI) Values

This table lists the expected ECI raw values and their respective string values. These values indicate whether the payer was authenticated by the card network. These values should be passed under this test condition when a transaction is submitted for payment authorization.

Network	ECI Raw Value	ECI String Value
American Express	06	aesk_attempted
JCB J/Secure	06	js_attempted
Mastercard	01	spa
Visa	06	vbv_attempted

Results for the Validation Authentication Service

No results are returned.

Action

If you request Check Enrollment and Authorization services separately, add the required payer authentication values (CAVV and ECI) to your authorization request. If you request the Check Enrollment and Authorization services together, the process described above occurs automatically.

Back to top