API Overview

Recent Revisions to This Document

Payer Authentication Developer Guide

Introduction to Payer Authentication
- Why Payer Authentication Is Needed
- EMV 3-D Secure 2.0
- Payer Authentication Customer Workflow
- Payer Authentication Merchant Workflow
- Acquirer Information
- Enable Merchant Account for EMV 3-D Secure
- Payer Authentication Configuration Testing
- Request Endpoints
- Payer Authentication Integrations

Implementing Direct API for Payer Authentication
- Prerequisites
- After Implementation and Before Go Live

Step 1: Setup Service
- Request Fields
- Important Response Fields

Step 2: Device Data Collection
- Which Device Data is Collected
- Building the Iframe
- Initiating the Device Data Collection Iframe
- Submitting the Device Data Collection Iframe
- Receiving the Device Data Collection URL Response

Step 3: Payer Authentication Check Enrollment Service
- Request Fields
- Interpreting the Check Enrollment Response
- Important Response Fields

Step 4: Step-Up Iframe
- Building the Iframe Parameters
- Creating the Iframe
- Invoking the Iframe
- Receiving the Step-Up Results

Step 5: Payer Authentication Validation Service
- Request Fields
- Interpreting the Validation Response
- Redirecting Customers to Pass or Fail Message Page

Combining the Authentication and the Authorization Services
- Combining Check Enrollment and the Authorization Services
- Combining the Validation and the Authorization Services

Implementing SDK Payer Authentication
- Implementation Overview
- Process Flow for SDK Integration
- Prerequisites for SDK Implementation
- What Mobile Device Data is Collected
- Using the Android SDK
- Using the iOS SDK
- Running Payer Authentication with SDK

Payer Authentication
- Setting Up Device Data Collection
- Setting Up Device Data Collection Using Digital Payment (Google Pay)
- Checking Enrollment in Payer Authentication
- Checking Enrollment in Payer Authentication Using Digital Payment (Google Pay)
- Validating a Challenge
- Validating a Challenge Using Digital Payment (Google Pay)
- Validating and Authorizing a Transaction
- Non-Payment Authentication
- Authentication with TMS Tokens
- Authentication with Flex Microform Tokens
- Authentication with Tokenized Cards
- Merchant-Initiated Transactions

Testing Payer Authentication
- Testing Process
- Test Cases for 3-D Secure 2.x
- Payer Authentication Exemption Test Cases
- HTTP Status Codes

Website Modification Reference
- Website Modification Checklist
- EMV 3-D Secure Services Logos
- Informational Message Examples

Alternate Methods for Device Data Collection
- Device Data Collection Overview
- Collecting Device Data

Upgrading Your Payer Authentication Implementation
- Benefits
- PSD2 Impact
- Recommended Integration
- Migrating from EMV 3-D Secure 1.x to 2.x FAQ

Payer Authentication Transaction Details in the Smartpay Fuse Portal
- Payer Authentication Search
- Storing Payer Authentication Data
- Searching for Payer Authentication Details

Payer Authentication Reports
- Payer Authentication Summary Report
- Payer Authentication Detail Report

Glossary

Receiving the Authentication Results

Next onValidated()
(Android SDK) or stepUpDidValidate
(iOS SDK) launches and returns the authentication results and response JWT along with the processor transaction ID as shown in this example.

Decoded Response JWT

{
  "iss": "5a4504be6fe3d1127cdfd94e",
  "iat": 1555075930,
  "exp": 1555083130,
  "jti": "cc532159-636d-4fa8-931d-d4b0f4c83b99",
  "ConsumerSessionId": "0_9a16b7f5-8b94-480d-bf92-09cd302c9230",
  "aud": "d0cf3392-62c5-4107-bf6a-8fc3bb49922b",
  "Payload": {
    "Payment": {
      "Type": "CCA",
      "ProcessorTransactionId": "YGSaOBivyG0dzCFs2Zv0"
    },
    "ErrorNumber": 0,
    "ErrorDescription": "Success"
  }
}