Use Case: Checking Enrollment in Payer Authentication

Running the Check Enrollment service identifies the customer's bank and collects data about the device that the customer is using to place the order.

Card-Specific Requirements

Some payment cards require information to be collected during a transaction.
Recommended for Discover ProtectBuy.
Required when the card type is Cartes Bancaires.
Required for American Express SafeKey (U.S.) when the product code is Airlinepurchase (AIR).
Required for Visa Secure travel.
Required only for American Express SafeKey (US).
Required only for American Express SafeKey (US.)
Required only for American Express SafeKey (US).
Required only for American Express SafeKey (US).
Required for American Express SafeKey (US).
Required when the card type is Cartes Bancaires, JCB, UPI, or Meeza.

Country-Specific Requirements

These fields are required for transactions in specific countries.
Required for transactions processed in France.
For Meeza transactions, this value must be set to Egypt if Egypt was not set as the country in merchant configuration during merchant onboarding.
For Meeza transactions, this value must be set to Egypt if Egypt was not set as the country in merchant configuration during merchant onboarding.
Required for transactions in US, Canada, and Mainland China.
Required for transactions in US, Canada, and Mainland China.
Required when the
orderInformation.billTo.country
 field value is
US
 or
CA
.
Required when the
orderInformation.shipTo.country
 field value is
CA
,
US
, or
China
.
Required when the
orderInformation.shipTo.country
 field value is
US
 or
CA
.

Processor-Specific Requirements

These fields are required by specific processors for transactions.
Required only for merchants in Saudi Arabia.

Endpoint

Production:
POST
https://api.cybersource.com
/risk/v1/authentications
Test:
POST
https://apitest.cybersource.com
/risk/v1/authentications

Required Fields for Checking Enrollment in Payer Authentication

These fields are the minimum fields required for verifying that a customer is enrolled in a payer authentation program. Under certain circumstances, a field that normally is optional might be required. The circumstance that makes an optional field required is noted.
For Meeza transactions, this value must be set to Egypt if Egypt was not set as the country in merchant configuration during merchant onboarding.
For Meeza transactions, this value must be set to Egypt if Egypt was not set as the country in merchant configuration during merchant onboarding.
Required when the
orderInformation.lineItems.unitPrice
field is not used.
Required for US, Canada, and Mainland China.
Required for US, Canada, and Mainland China. For Mainland China, use the ISO 3166-2 format.
Required when
paymentInformation.card.number
is included.
Required when
paymentInformation.card.number
is included.

Optional Fields for Checking Enrollment in Payer Authentication

These fields are usually optional when verifying enrollment for a Payer Authentication transaction. In certain circumstances, the information provided by an optional field might be required before a transaction can proceed. Those optional fields that are sometimes required are also listed as required fields with the circumstance described.
IMPORTANT
The fields that are marked with a single asterisk (*) in front are browser-related fields. The information collected by these browser-related fields, while not required, is highly recommended for all EMV 3-D Secure transactions.
IMPORTANT
The fields that are marked with a double asterisk (**) at the end will be required as part of the EMV 3-D Secure 2.x minimum data requirements for Visa Secure. These conditionally optional fields will be removed from the optional fields list and moved to the required list on August 12, 2024.
Required (when available) unless market or regional mandate restricts sending this information.
Required (when available) unless market or regional mandate restricts sending this information.
WARNING
Modifying this field could affect liability shifts down the payment chain. Unless you are very familiar with the various types of authentication, do not change the default settings before consulting with customer support.
Recommended for Discover ProtectBuy.
Recommended for Discover ProtectBuy.
Recommended for Discover ProtectBuy.
When the customer’s browser provides a value, you must include that value in your request.
Required (when available) unless market or regional mandate restricts sending this information.
Strongly recommended.
Strongly recommended.
When this field is empty, the current date is used.
riskInformation.buyerHistory.transaction CountDay
Recommended for Discover ProtectBuy. Contact customer support for more information about this field.
riskInformation.buyerHistory.transaction CountYear
Recommended for Discover ProtectBuy. Contact customer support for more information about this field.
riskInformation.buyerHistory.accountPur chases
Contact customer support for more information about this field.
riskInformation.buyerHistory.addCard Attempts
Recommended for Discover ProtectBuy. Contact customer support for more information about this field.
riskInformation.buyerHistory.customer Account.createDate
Recommended for Discover ProtectBuy. Contact customer support for more information about this field.
riskInformation.buyerHistory.customerAc count.lastChangeDate
Recommended for Discover ProtectBuy. Contact customer support for more information about this field.
riskInformation.buyerHistory.customerAc count.passwordChangeDate
Recommended for Discover ProtectBuy. Contact customer support for more information about this field.
riskInformation.buyerHistory.customerAc count.shipAddressUsageDate
Contact customer support for more information about this field.
riskInformation.buyerHistory.paymentAc countDate
Contact customer support for more information about this field.
riskInformation.buyerHistory.priorSuspic iousActivity
Contact customer support for more information about this field.
riskInformation.buyerHistory.transaction CountDay
Contact customer support for more information about this field.
riskInformation.buyerHistory.transaction CountYear
Contact customer support for more information about this field.

REST Example: Check Enrollment

Request 
        
{
    "orderInformation": {
        "amountDetails": {
            "currency": "USD",
            "totalAmount": "100"
        },
        "billTo": {
            "address1": "901 metro center blvd",
            "address2": "metro 3",
            "administrativeArea": "CA",
            "country": "US",
            "locality": "san francisco",
            "firstName": "John",
            "lastName": "Doe",
            "phoneNumber": "18007097779",
            "postalCode": "94404",
            "email": "email@email.com"
        }
    },
    "paymentInformation": {
        "card": {
            "number": "4XXXXXXXXXXXXXXX",
            "expirationMonth": "08",
            "expirationYear": 2026
        }
    },
      "consumerAuthenticationInformation": {
        "referenceId": "c44224db-0dda-40aa-9536-ac1595fd2e8d",
        "transactionMode": "S",
        "returnUrl": "https://wv730hw7033250:3002/restapi/cardinalDirect/StepUp/Response"
    }
}
Response 
        
{
    "consumerAuthenticationInformation": {
        "acsUrl": "https://0merchantacsstag.cardinalcommerce.com/MerchantACSWeb/creq.jsp",
        "challengeRequired": "N",
        "stepUpUrl": "https://centinelapistag.cardinalcommerce.com/V2/Cruise/StepUp",
        "authenticationTransactionId": "1xRSpLPEoTNsinp8XUK0",
        "pareq": "eyJtZXNzYWdlVHlwZSI6IkNSZXEiLCJtZXNzYWdlVmVyc2lvbiI6IjIuMS4wIiwidGhyZWVEU1NlcnZlclRyYW5zSUQiO
        iI4NGU2YzIzYi1lNjIxLTQ2NGUtYWFlYy0xOGNkZDE1YTBlZWMiLCJhY3NUcmFuc0lEIjoiZWU3NDVlM2MtYzI2Ny00YzM0LT
        kzMTEtMGI3NTYwYzJkNjhmIiwiY2hhbGxlbmdlV2luZG93U2l6ZSI6IjAyIn0",
        "directoryServerTransactionId": "4d19781a-49d7-4c90-a145-72b8107fed8f",
        "veresEnrolled": "Y",
        "threeDSServerTransactionId": "84e6c23b-e621-464e-aaec-18cdd15a0eec",
        "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIyN2I1MjcyYS00OWFiLTQ5YjQtYTljYy1mMTBhYjcx
        MGMyYjciLCJpYXQiOjE2MzAwOTkxNjMsImlzcyI6IjVkZDgzYmYwMGU0MjNkMTQ5OGRjYmFjYSIsImV4cCI6MTYzMDEw
        Mjc2MywiT3JnVW5pdElkIjoiNTk1YWRhYjAzM2ZhZGQyYzUwZTg5NDYxIiwiUGF5bG9hZCI6eyJBQ1NVcmwiOiJodHRwcz
        ovLzBtZXJjaGFudGFjc3N0YWcuY2FyZGluYWxjb21tZXJjZS5jb20vTWVyY2hhbnRBQ1NXZWIvY3JlcS5qc3AiLCJQYXlsb2FkIjo
        iZXlKdFpYTnpZV2RsVkhsd1pTSTZJa05TWlhFaUxDSnRaWE56WVdkbFZtVnljMmx2YmlJNklqSXVNUzR3SWl3aWRHaHlaV1
        ZFVTFObGNuWmxjbFJ5WVc1elNVUWlPaUk0TkdVMll6SXpZaTFsTmpJeExUUTJOR1V0WVdGbFl5MHhPR05rWkRFMVlU
        QmxaV01pTENKaFkzTlVjbUZ1YzBsRUlqb2laV1UzTkRWbE0yTXRZekkyTnkwMF6TTBMVGt6TVRFdE1HSTNOVFl3WXpKa0
        5qaG1JaXdpWTJoaGJHeGxibWRsVjJsdVpHOTNVMmw2WlNJNklqQXlJbjAiLCJUcmFuc2FjdGlvbklkIjoiMXhSU3BMUEVvV
        E5zaW5wOFhVSzAifSwiT2JqZWN0aWZ5UGF5bG9hZCI6dHJ1ZSwiUmV0dXJuVXJsIjoiaHR0cHM6Ly93djczMGh3NzAzMzI
        1MDozMDAyL3Jlc3RhcGkvY2FyZGluYWxEaXJlY3QvU3RlcFVwL1Jlc3BvbnNlIn0.ixbdhFoB8M_BWI2sAIIQUjWtIOMzIwRI
        mrg5iu7AyNE",
        "specificationVersion": "2.1.0",
        "token": "AxjzbwSTVZPTJPD7ixR8ADUBURxP1CnnpA6cQE1129JMvRiuHCKArAAAx/+g",
        "acsTransactionId": "ee745e3c-c267-4c34-9311-0b7560c2d68f"
    },
    "errorInformation": {
        "reason": "CONSUMER_AUTHENTICATION_REQUIRED",
        "message": "The cardholder is enrolled in Payer Authentication. Please authenticate the cardholder 
            before continuing with the transaction."
    },
    "id": "6300991627296049403004",
    "paymentInformation": {
        "card": {
            "bin": "4XXXXXXX",
            "type": "VISA"
        }
    },
    "status": "PENDING_AUTHENTICATION",
    "submitTimeUtc": "2022-08-27T21:19:23Z"
}