On This Page
REST API

Interpreting the Check Enrollment Response

The responses from running the check enrollment service can have several meanings depending upon the values returned. It is important to check the status values in the response. These possible statuses to the check enrollment response are the same for all card types.

PENDING_AUTHENTICATION

  • VERes enrolled =
    Y
  • PARes status =
    C
The account number is enrolled in payer authentication. The cardholder is challenged to authenticate. Authenticate the cardholder before authorizing the transaction.

AUTHENTICATION_SUCCESSFUL

Frictionless authentication was successful/Stepup authentication is not required
  • VERes enrolled =
    Y
  • PARes status =
    Y
The account is enrolled in payer authentication and the cardholder was successfully authenticated. If enrollment and authorization are made in separate calls, the payer authentication data must be included in the authorization request to receive liability shift protection.
Attempts Stand-in Frictionless Authentication
  • VERes enrolled =
    Y
  • PARes status =
    A
Indicates that the account is enrolled in paper authentication, but the issuer does not support the program. This is called stand-in authentication. If check enrollment and authorization are made in separate calls, the payer authentication data must be included in the authorization request to receive liability shift protection.
Card not enrolled
  • VERes enrolled=
    B
     or
    U
Indicates that the account is not eligible for a payer authentication program, authentication was bypassed, or an error or timeout occurred. If enrollment and authorization are made in separate calls, you can request authorization request but there is no liability shift protection.
Unavailable Frictionless Authentication
  • VERes enrolled =
    Y
  • PARes status =
    U
Indicates that the account is enrolled in payer authentication but authentication is currently unavailable. Merchant can attempt to retry authentication or proceed with authorization. If enrollment and authorization are made in separate calls, you can continue and request authorization but there is no liability shift protection. Without authentication of the customer, the merchant remains liable for any chargeback if it should occur with the transaction.

AUTHENTICATION_FAILED

Failed Frictionless Authentication
  • VERes enrolled =
    Y
  • PARes status =
    N
Indicates that the account is enrolled in payer authentication but frictionless authentication failed. Merchants cannot submit this transaction for authorization. Instead ask for another form of payment.
Rejected Frictionless Authentication
  • VERes enrolled =
    Y
  • PARes status =
    R
Indicates that the account is enrolled in payer authentication but frictionless authentication was rejected by the issuing bank without requiring a challenge. Merchants cannot submit this transaction for authorization. Instead ask for another form of payment.
When
an AUTHENTICATION_FAILED
 status occurs, the merchant should display a message from the card issuer to the cardholder using the
consumerAuthenticationInformation.cardholderMessage
 field. The text of the message is provided by the ACS/issuer during a frictionless or decoupled transaction to convey information to cardholder. An example message might be, “Additional authentication is needed for this transaction, contact (issuer name) at xxx-xxx-xxxx.” An example of the entry that would appear in the log for such an occurrence is: "cardholderInfo":"You're unable to complete this purchase right now. For help call CommBank on 13 2221"