API Overview

Recent Revisions to This Document

Payer Authentication Developer Guide

Introduction to Payer Authentication
- Why Payer Authentication Is Needed
- EMV 3-D Secure 2.0
- Payer Authentication Customer Workflow
- Payer Authentication Merchant Workflow
- Acquirer Information
- Enable Merchant Account for EMV 3-D Secure
- Payer Authentication Configuration Testing
- Request Endpoints
- Payer Authentication Integrations

Implementing Direct API for Payer Authentication
- Prerequisites
- After Implementation and Before Go Live

Step 1: Setup Service
- Request Fields
- Important Response Fields

Step 2: Device Data Collection
- Which Device Data is Collected
- Building the Iframe
- Initiating the Device Data Collection Iframe
- Submitting the Device Data Collection Iframe
- Receiving the Device Data Collection URL Response

Step 3: Payer Authentication Check Enrollment Service
- Request Fields
- Interpreting the Check Enrollment Response
- Important Response Fields

Step 4: Step-Up Iframe
- Building the Iframe Parameters
- Creating the Iframe
- Invoking the Iframe
- Receiving the Step-Up Results

Step 5: Payer Authentication Validation Service
- Request Fields
- Interpreting the Validation Response
- Redirecting Customers to Pass or Fail Message Page

Combining the Authentication and the Authorization Services
- Combining Check Enrollment and the Authorization Services
- Combining the Validation and the Authorization Services

Implementing SDK Payer Authentication
- Implementation Overview
- Process Flow for SDK Integration
- Prerequisites for SDK Implementation
- What Mobile Device Data is Collected
- Using the Android SDK
- Using the iOS SDK
- Running Payer Authentication with SDK

Payer Authentication
- Setting Up Device Data Collection
- Setting Up Device Data Collection Using Digital Payment (Google Pay)
- Checking Enrollment in Payer Authentication
- Checking Enrollment in Payer Authentication Using Digital Payment (Google Pay)
- Validating a Challenge
- Validating a Challenge Using Digital Payment (Google Pay)
- Validating and Authorizing a Transaction
- Non-Payment Authentication
- Authentication with TMS Tokens
- Authentication with Flex Microform Tokens
- Authentication with Tokenized Cards
- Merchant-Initiated Transactions

Testing Payer Authentication
- Testing Process
- Test Cases for 3-D Secure 2.x
- Payer Authentication Exemption Test Cases
- HTTP Status Codes

Website Modification Reference
- Website Modification Checklist
- EMV 3-D Secure Services Logos
- Informational Message Examples

Alternate Methods for Device Data Collection
- Device Data Collection Overview
- Collecting Device Data

Upgrading Your Payer Authentication Implementation
- Benefits
- PSD2 Impact
- Recommended Integration
- Migrating from EMV 3-D Secure 1.x to 2.x FAQ

Payer Authentication Transaction Details in the Smartpay Fuse Portal
- Payer Authentication Search
- Storing Payer Authentication Data
- Searching for Payer Authentication Details

Payer Authentication Reports
- Payer Authentication Summary Report
- Payer Authentication Detail Report

Glossary

Building the Iframe

The iframe has these parameters:

Form POST Action: The POST goes to the URL that is opened within an iframe. This URL is the value provided by the

consumerAuthenticationInformation.deviceDataCollectionUrl

response field discussed in Step 1: Setup Service.

JWT POST Parameter: Use the value from the

consumerAuthenticationInformation.accessToken

response field discussed in Step 1: Setup Service.