Authentication with TMS Tokens
Setting Up Device Data Collection with a
TMS Token
Running the Setup service identifies the customer's bank and prepares for collecting data
about the device that the customer is using to place the order. In this scenario, a TMS
token is used instead of the card.
Card-Specific Requirements
Some payment cards require specific information to be collected during a
transaction.
- This field is required when the card type is Cartes Bancaires, JCB, UnionPay International, or Meeza.
Country-Specific Requirements
These fields are required for transactions in specific countries.
- consumerAuthenticationInformation. overrideCountryCode
- For Meeza transactions, this value must be set toEGif Egypt was not set as the country in merchant configuration during merchant onboarding.
- This field is required for transactions in the US and Canada.
- orderInformation.billTo.postalCode
- This field is required when theorderInformation.billTo.countryfield value isUSorCA.
- merchantInformation.merchantDescriptor. country
- For Meeza transactions, this value must be set toEGif Egypt was not set as the country in merchant configuration during merchant onboarding.
Endpoint
Production:
POST
https://api.smartpayfuse.barclaycard
/risk/v1/authentication-setupsTest:
POST
https://api.smartpayfuse-test.barclaycard
/risk/v1/authentication-setupsRequired Fields for Setting Up Data Collection When Using
a TMS Token
These fields are the minimum fields required when you request the Payer Authentication Setup
service. Other fields that can be used to collect additional information during a
transaction are listed in the optional fields section. Under certain circumstances,
a field that normally is optional might be required. The circumstance that makes an
optional field required is noted.
Required Fields
- paymentInformation.card.expirationMonth
- paymentInformation.card.expirationYear
- customer.customerId
REST Example: Setting Up Device Data Collection When Using a TMS Token
Checking Enrollment When Using a TMS Token
Running the Check Enrollment service identifies the customer's bank and collects data
about the device that the customer is using to place the order. This use case
demostrates this process while using a TMS token.
Card-Specific Requirements
Some payment cards require additional information to be collected during a
transaction.
- consumerAuthenticationInformation. defaultCard
- This field is recommended for Discover ProtectBuy.
- consumerAuthenticationInformation.mcc
- This field is required when the card type is Cartes Bancaires.
- consumerAuthenticationInformation. productCode
- This field is required for American Express SafeKey (US) when the product code isAIRfor an airline purchase.
- merchantInformation.merchantDescriptor. name
- This field is required for Visa Secure travel.
- orderInformation.shipTo.addess1
- This field is required only for American Express SafeKey (US).
- orderInformation.shipTo.address2
- This field is required only for American Express SafeKey (US.)
- orderInformation.shipTo.administrativeArea
- This field is required only for American Express SafeKey (US).
- orderInformation.shipTo.country
- This field is required only for American Express SafeKey (US).
- orderInformation.shipTo.postalCode
- This field is required for American Express SafeKey (US).
- paymentInformation.card.type
- This field is required when the card type is Cartes Bancaires, JCB, UnionPay International, or Meeza.
Country-Specific Requirements
These fields are required for transactions in specific countries.
- consumerAuthenticationInformation. merchantScore
- This field is required for transactions processed in France.
- consumerAuthenticationInformation. overrideCountryCode
- For Meeza transactions, this value must be set toEGwhen Egypt is not set as the country in the merchant configuration during merchant onboarding.
- merchantInformation.merchantDescriptor. country
- For Meeza transactions, this value must be set toEGwhen Egypt is not set as the country in the merchant configuration during merchant onboarding.
- orderInformation.billTo.administrativeArea
- This field is required for transactions in the US and Canada.
- orderinformation.billTo.locality
- This field is required for transactions in the US and Canada.
- orderInformation.billTo.postalCode
- This field is required when theorderInformation.billTo.countryfield value isUSorCA.
- orderInformation.shipTo.administrativeArea
- This field is required when theorderInformation.shipTo.countryfield value isCAorUS.
- orderInformation.shipTo.postalCode
- This field is required when theorderInformation.shipTo.countryfield value isUSorCA.
Endpoint
Production:
POST
https://api.smartpayfuse.barclaycard
/risk/v1/authenticationsTest:
POST
https://api.smartpayfuse-test.barclaycard
/risk/v1/authenticationsRequired Fields for Checking Enrollment in Payer
Authentication While Using a TMS Token
These fields are the minimum fields required for verifying that a customer is
enrolled in a payer authentication program. It doesn't matter if the enrollment
check is frictionless or results in a challenge, the same fields are required in the
request. The fields in the response will differ.
Required Fields
- consumerAuthenticationInformation.deviceChannel
- consumerAuthenticationInformation.referenceId
- paymentInformation.customer.customerId
- deviceInformation.httpAcceptBrowserValue
- deviceInformation.httpAcceptContent
- deviceInformation.httpBrowserColorDepth
- deviceInformation.httpBrowserJavaEnabled
- deviceInformation.httpBrowserJavaScript Enabled
- deviceInformation.httpBrowserLanguage
- deviceInformation.httpBrowserScreenHeight
- *deviceInformation.httpBrowserScreenWidth
- deviceInformation.httpBrowserTimeDif ference
- deviceInformation.ipAddress
- deviceInformation.userAgentBrowserValu
- When the customer’s browser provides this value, you must include that value in your request.
- orderInformation.amountDetails.currency
- orderInformation.amountDetails.totalAmount
- This field is required when theorderInformation.lineItems.unitPricefield is not used.
- orderInformation.billTo.address1
- orderInformation.billTo.address2
- orderInformation.billTo.administrativeArea
- This field is required for the US and Canada.
- orderInformation.billTo.country
- This field is required for the US and Canada.
- orderInformation.billTo.email
- orderInformation.billTo.firstName
- orderInformation.billTo.lastName
- orderinformation.billTo.locality
- orderInformation.billTo.phoneNumber
- orderInformation.billTo.postalCode
- paymentInformation.card.expirationYear
- paymentInformation.card.expirationMonth
- paymentInformation.card.type
REST Example: Checking Enrollment When Using a TMS Token (Frictionless)
REST Example: Checking Enrollment When Using a TMS Token (Challenge)
Validating a Challenge When Using a TMS Token
Running the Validation service compares the customer's response to the challenge from the issuing bank to
validate the customer identity.
Card-Specific Requirements
Some payment cards require additional information to be collected during a
transaction.
- consumerAuthenticationInformation. defaultCard
- This field is recommended for Discover ProtectBuy.
- consumerAuthenticationInformation.mcc
- This field is required when the card type is Cartes Bancaires.
- consumerAuthenticationInformation. productCode
- This field is required for American Express SafeKey (US) when the product code isAIRfor an airlinepurchase).
- merchantInformation.merchantDescriptor. name
- This field is required for Visa Secure travel.
- rderInformation.shipTo.addess1
- This field is required only for American Express SafeKey (US).
- orderInformation.shipTo.address2
- This field is required only for American Express SafeKey (US)
Country-Specific Requirements
These fields are required for transactions in specific countries.
- consumerAuthenticationInformation. merchantScore
- This field is required for transactions processed in France.
- orderInformation.billTo.administrativeArea
- This field is required for transactions in the US and Canada.
- orderinformation.billTo.locality
- This field is required for transactions in the US and Canada.
- orderInformation.billTo.postalCode
- This field is required when theorderInformation.billTo.countryfield value isUSorCA.
Endpoint
Production:
POST
https://api.smartpayfuse.barclaycard
/risk/v1/authentication-resultsTest:
POST
https://api.smartpayfuse-test.barclaycard
/risk/v1/authentication-resultsRequired Fields for Validating a Challenge When Using a
TMS Token
These fields are the minimum fields required when you request the Payer Authentication Validation
service. Other fields that can be used to collect additional information during a
transaction are listed in the optional fields section. Under certain circumstances,
a field that normally is optional might be required. The circumstance that makes an
optional field required is noted.
Required Fields
- consumerAuthenticationInformation.authenticationTransactionId
REST Example: Validating a Challenge When Using a TMS Token
Request
123456789{"paymentInformation": { "card": { "expirationMonth": "05", "expirationYear": "2029" }, "customer": { "customerId": "1108590036500854" } }}
Response to a Successful Request
12345678910111213{"clientReferenceInformation": { "code": "cybs_test" }, "consumerAuthenticationInformation": { "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.ey JqdGkiOiIxZmQ5ZWIyNi1jOTY1LTRkZmEtYTM5Yy1hZDExMGU2NjQ3ZmMiLCJpYXQi OjE3MjUzNDcwNDksImlzcyI6IjVkZDgzYmYwMGU0MjNkMTQ5OGRjYmFjYSIsImV4 cCI6MTcyNTM1MDY0OSwiT3JnVW5pdElkIjoiNjY0MWRiMGZmOTRmNzI3ZjU0Y2RlO TQ2IiwiUmVmZXJlbmNlSWQiOiIzZGM2ZDhmZS1lM2I1LTQyMTItYWY5MC1jNDcxYj czMTYwMjAifQ.90_yhusiQL9Yq10221zB04vZAKaiGnQ2ryvakeyuk1k", "deviceDataCollectionUrl": "https://centinelapistag.cardinalcommerce.com/V1/Cruise/Collect", "referenceId": "3dc6d8fe-e3b5-4212-af90-c471b7316020", "token": "AxizbwSTiTYf1D7m/jQkAG8BT34jOu4gAhLwyaSZejF9z2oA8AAA0gbV" }, "id": "7253470490136808404004", "status": "COMPLETED", "submitTimeUtc": "2024-09-03T07:04:09Z" }
Request
1234567891011121314151617181920212223242526272829303132333435363738394041424344{"orderInformation": { "amountDetails": { "currency": "USD", "totalAmount": "10.99" }, "billTo": { "address1": "1 Market St", "address2": "Address 2", "administrativeArea": "CA", "country": "US", "locality": "san francisco", "firstName": "John", "lastName": "Doe", "phoneNumber": "4158880000", "email": "test@cybs.com", "postalCode": "94105" } }, "paymentInformation": { "card": { "expirationMonth": "05", "expirationYear": "2029" }, "customer": { "customerId": "1108590036500854" } }, "deviceInformation": { "httpAcceptBrowserValue": "data", "httpAcceptContent": "pa_http_user_accept_value", "httpBrowserLanguage": "en_us", "httpBrowserJavaEnabled": false, "httpBrowserJavaScriptEnabled": false, "httpBrowserColorDepth": "24", "httpBrowserScreenHeight": "864", "httpBrowserScreenWidth": "1536", "httpBrowserTimeDifference": "300", "userAgentBrowserValue": "123" }, "consumerAuthenticationInformation": { "deviceChannel": "Browser", "referenceId": "CybsCruiseTester-6259e7e2" }}
Response to a Successful Request
123456789101112131415161718192021222324252627282930313233{"clientReferenceInformation": { "code": "cybs_test" }, "consumerAuthenticationInformation": { "eciRaw": "05", "authenticationTransactionId": "e2elnNP8zJ2J67lKcaX0", "strongAuthentication": { "OutageExemptionIndicator": "0" }, "eci": "05", "token": "AxjzbwSTiTYllZBAC15FAG8BT34jOzxHSBcS0JeGTSTL0Yvue1AHgAAAyxUk", "cavv": "AJkBBkhgQQAAAE4gSEJydQAAAAA=", "paresStatus": "Y", "acsReferenceNumber": "Cardinal ACS", "xid": "AJkBBkhgQQAAAE4gSEJydQAAAAA=", "directoryServerTransactionId": "3859eace-2a42-4bd7-9252-8507f02d5edd", "veresEnrolled": "Y", "threeDSServerTransactionId": "932a3c41-880d-4791-a98f-c6beaef90b23", "acsOperatorID": "MerchantACS", "ecommerceIndicator": "vbv", "specificationVersion": "2.1.0", "acsTransactionId": "54ef7fd4-e93d-42de-82ba-ad91dd21c94c" }, "id": "7253472110066822504005", "paymentInformation": { "card": { "bin": "400009", "type": "VISA" } }, "status": "AUTHENTICATION_SUCCESSFUL", "submitTimeUtc": "2024-09-03T07:06:51Z" }
Request
12345678910111213141516171819202122232425262728293031323334353637383940414243{"orderInformation": { "amountDetails": { "currency": "USD", "totalAmount": "10.99" }, "billTo": { "address1": "1 Market St", "address2": "Address 2", "administrativeArea": "CA", "country": "US", "locality": "san francisco", "firstName": "John", "lastName": "Doe", "phoneNumber": "4158880000", "email": "test@cybs.com", "postalCode": "94105" } }, "paymentInformation": { "card": { "expirationMonth": "05", "expirationYear": "2029" }, "customer": { "customerId": "1743178272940847" } }, "deviceInformation": { "httpAcceptBrowserValue": "data", "httpAcceptContent": "pa_http_user_accept_value", "httpBrowserLanguage": "en_us", "httpBrowserJavaEnabled": false, "httpBrowserJavaScriptEnabled": false, "httpBrowserColorDepth": "24", "httpBrowserScreenHeight": "864", "httpBrowserScreenWidth": "1536", "httpBrowserTimeDifference": "300", "userAgentBrowserValue": "123" }, "consumerAuthenticationInformation": { "deviceChannel": "Browser", "referenceId": "CybsCruiseTester-388d1758" }}
Response to a Successful Request
123456789101112131415161718192021222324252627282930313233{"clientReferenceInformation": { "code": "cybs_test" }, "consumerAuthenticationInformation": { "eciRaw": "05", "authenticationTransactionId": "e2elnNP8zJ2J67lKcaX0", "strongAuthentication": { "OutageExemptionIndicator": "0" }, "eci": "05", "token": "AxjzbwSTiTYllZBAC15FAG8BT34jOzxHSBcS0JeGTSTL0Yvue1AHgAAAyxUk", "cavv": "AJkBBkhgQQAAAE4gSEJydQAAAAA=", "paresStatus": "Y", "acsReferenceNumber": "Cardinal ACS", "xid": "AJkBBkhgQQAAAE4gSEJydQAAAAA=", "directoryServerTransactionId": "3859eace-2a42-4bd7-9252-8507f02d5edd", "veresEnrolled": "Y", "threeDSServerTransactionId": "932a3c41-880d-4791-a98f-c6beaef90b23", "acsOperatorID": "MerchantACS", "ecommerceIndicator": "vbv", "specificationVersion": "2.1.0", "acsTransactionId": "54ef7fd4-e93d-42de-82ba-ad91dd21c94c" }, "id": "7253472110066822504005", "paymentInformation": { "card": { "bin": "400009", "type": "VISA" } }, "status": "AUTHENTICATION_SUCCESSFUL", "submitTimeUtc": "2024-09-03T07:06:51Z" }
Request
12345678910{"clientReferenceInformation": { "code": "pavalidatecheck", "partner": { "developerId": "7891234", "solutionId": "89012345" } }, "consumerAuthenticationInformation": { "authenticationTransactionId": "z7BruZ1qn416WGknmAX0" }}
Response to a Successful Request
1234567891011121314151617181920212223242526272829303132333435{"clientReferenceInformation": { "code": "pavalidatecheck", "partner": { "developerId": "7891234", "solutionId": "89012345" } }, "consumerAuthenticationInformation": { "indicator": "vbv", "eciRaw": "05", "authenticationResult": "0", "strongAuthentication": { "OutageExemptionIndicator": "0" }, "authenticationStatusMsg": "Success", "eci": "05", "token": "AxijLwSTiTcQGTMcD52lAG9PfiNA2ogCEvDJpJl6MX3PagAAmh21", "cavv": "AAIBBYNoEwAAACcKhAJkdQAAAAA=", "paresStatus": "Y", "xid": "AAIBBYNoEwAAACcKhAJkdQAAAAA=", "directoryServerTransactionId": "2f44602b-ce95-4a7e-9ad1-920e7ace0676", "threeDSServerTransactionId": "4e50f586-b15c-4c03-a186-eafb40d50b80", "specificationVersion": "2.1.0", "acsTransactionId": "3888e153-6b97-4f43-afee-60527c2e0b91" }, "id": "7253538119946872004005", "paymentInformation": { "card": { "bin": "400009", "type": "VISA" } }, "status": "AUTHENTICATION_SUCCESSFUL", "submitTimeUtc": "2024-09-03T08:56:52Z" }