On This Page
Non-Payment Authentication
Non-Payment Authentication (NPA) requests enable a merchant to authenticate a customer
without a transaction. A non-payment use case can be used for such tasks as adding a
card to a merchant website, updating cardholder information on file, or to verify a
cardholder's identity when creating a token for future use. The same authentication used
during the checking enrollment process is used for NPA. Non-payment use cases are
enabled using a combination of the
consumerAuthenticationInformation.messageCategory
and consumerAuthenticationInformation.strongAuthentication.authenticationIndicator
values. For
example to add a card to a loyalty program, set the Message Category value to
02
and the Authentication Indicator value to 04
.
For other possible NPA use cases, refer to the other possible values for consumerAuthenticationInformation.messageCategory
. The consumerAuthenticationInformation.messageCategory
value must be set to
02
(non-payment authentication) to specify that the authentication
is not for a transaction.Card-Specific Requirements
Some payment cards require information to be collected during a transaction.
- consumerAuthenticationInformation. defaultCard
- consumerAuthenticationInformation.mcc
- consumerAuthenticationInformation. productCode
- This field is required for American Express SafeKey (U.S.) when the product code isAIRfor an airline purchase.
- merchantInformation.merchantDescriptor. name
- This field is required for Visa Secure travel.
- orderInformation.shipTo.addess1
- This field is required only for American Express SafeKey (US).
- orderInformation.shipTo.address2
- This field is required only for American Express SafeKey (US.)
- orderInformation.shipTo.administrativeArea
- This field is required only for American Express SafeKey (US).
- orderInformation.shipTo.country
- This field is required only for American Express SafeKey (US).
- orderInformation.shipTo.postalCode
- This field is required for American Express SafeKey (US).
- paymentInformation.card.type
- This field is required when the card type isJCB.
Country-Specific Requirements
These fields are required for transactions in specific countries.
- consumerAuthenticationInformation. merchantScore
- This field is required for transactions processed in France.
- consumerAuthenticationInformation. overrideCountryCode
- invoiceHeader_ merchantDescriptorCountry
- orderInformation.billTo.administrativeArea
- This field is required for transactions in the US and Canada.
- orderinformation.billTo.locality
- This field is required for transactions in the US and Canada.
- orderInformation.billTo.postalCode
- This field is required when theorderInformation.billTo.countryfield value isUSorCA.
- orderInformation.shipTo.administrativeArea
- This field is required when theorderInformation.shipTo.countryfield value isCA,US, orChina.
- orderInformation.shipTo.postalCode
- This field is required when theorderInformation.shipTo.countryfield value isUSorCA.
Processor-Specific Requirements
These fields are required by specific processors for transactions.
- This field is required only for merchants in Saudi Arabia.
Endpoint
Production:
POST
https://nabgateway-api.nab.com.au
/risk/v1/authenticationsTest:
POST
https://nabgateway-api-test.nab.com.au
/risk/v1/authenticationsREST Example: Checking Enrollment for Non-Payment
Authentication
Request
{ "orderInformation": { "amountDetails": { "currency": "USD", "totalAmount": "10.99" }, "billTo": { "address1": "1 Market St", "address2": "Address 2", "administrativeArea": "CA", "country": "US", "locality": "san francisco", "firstName": "John", "lastName": "Doe", "phoneNumber": "4158880000", "email": "[email protected]", "postalCode": "94105" } }, "paymentInformation": { "card": { "type": "001", "expirationMonth": "12", "expirationYear": "2025", "number": "4XXXXXXXXXXX2503" } }, "buyerInformation": { "mobilePhone": 1245789632 }, "deviceInformation": { "ipAddress": "139.130.4.5", "httpAcceptContent": "test", "httpBrowserLanguage": "en_us", "httpBrowserJavaEnabled": false, "httpBrowserJavaScriptEnabled": false, "httpBrowserColorDepth": "24", "httpBrowserScreenHeight": "100000", "httpBrowserScreenWidth": "100000", "httpBrowserTimeDifference": "300", "userAgentBrowserValue": "GxKnLy8TFDUFxJP1t" }, "consumerAuthenticationInformation": { "deviceChannel": "BROWSER", "messageCategory": "02", "transactionMode": "eCommerce" } }
Response
{ "clientReferenceInformation": { "code": "1729234929433" }, "consumerAuthenticationInformation": { "challengeRequired": "N", "authenticationTransactionId": "MXvfrk1911nHJpC18OI0", "strongAuthentication": { "OutageExemptionIndicator": "0" }, "token": "AxjzbwSTi1GtFWKe0Yg5ABEBTyDdd93DSBcS0MRdrSTL0YrmYUwDgAAAWBV8", "acsUrl": "https://0merchantacsstag.cardinalcommerce.com/MerchantACSWeb/creq.jsp", "acsReferenceNumber": "Cardinal ACS", "stepUpUrl": "https://centinelapistag.cardinalcommerce.com/V2/Cruise/StepUp", "pareq": "eyJtZXNzYWdlVHlwZSI6IkNSZXEiLCJtZXNzYWdlVmVyc2lvbiI6IjIuMi4wIiwidGhyZWVEU1NlcnZlclRyYW5zSUQiOiJkOTkzM2U5ZS05MGI4LTQ2YWMtOGEwNy04NzM5YzVlODJiNWMiLCJhY3NUcmFuc0lEIjoiZGUwYTExMjUtODFiNC00YjM4LTlhYTAtZThjNzJkZTAwMzk5IiwiY2hhbGxlbmdlV2luZG93U2l6ZSI6IjAyIn0", "directoryServerTransactionId": "0656bace-7519-4dd9-9450-98dfc6f35d7c", "veresEnrolled": "Y", "threeDSServerTransactionId": "d9933e9e-90b8-46ac-8a07-8739c5e82b5c", "acsOperatorID": "MerchantACS", "specificationVersion": "2.2.0", "acsTransactionId": "de0a1125-81b4-4b38-9aa0-e8c72de00399" }, "errorInformation": { "reason": "CONSUMER_AUTHENTICATION_REQUIRED", "message": "The cardholder is enrolled in Payer Authentication. Please authenticate the cardholder before continuing with the transaction." }, "id": "7292349292916631504953", "paymentInformation": { "card": { "bin": "400000", "type": "VISA" } }, "status": "PENDING_AUTHENTICATION", "submitTimeUtc": "2024-10-18T07:02:09Z" }