Checking Enrollment in Payer Authentication

Running the Check Enrollment service identifies the customer's bank and collects data about the device that the customer is using to place the order.

Card-Specific Requirements

Some payment cards require information to be collected during a transaction.

consumerAuthenticationInformation. defaultCard: This field is recommended for Discover ProtectBuy.
consumerAuthenticationInformation.mcc: This field is required when the card type is Cartes Bancaires.
consumerAuthenticationInformation. productCode: This field is required for American Express SafeKey (U.S.) when the product code is
AIR
for an airline purchase.
merchantInformation.merchantDescriptor. name: This field is required for Visa Secure travel.
orderInformation.shipTo.addess1: This field is required only for American Express SafeKey (US).

orderInformation.shipTo.address2: This field is required only for American Express SafeKey (US.)
orderInformation.shipTo.administrativeArea: This field is required only for American Express SafeKey (US).
orderInformation.shipTo.country: This field is required only for American Express SafeKey (US).
orderInformation.shipTo.postalCode: This field is required for American Express SafeKey (US).

paymentInformation.card.type: This field is required when the card type is Cartes Bancaires, JCB, UnionPay International, or Meeza.

Country-Specific Requirements

These fields are required for transactions in specific countries.

consumerAuthenticationInformation. merchantScore: This field is required for transactions processed in France.
consumerAuthenticationInformation. overrideCountryCode: For Meeza transactions, this value must be set to
EG
when Egypt is not set as the country in the merchant configuration during merchant onboarding.
merchantInformation.merchantDescriptor. country: For Meeza transactions, this value must be set to
EG
when Egypt is not set as the country in the merchant configuration during merchant onboarding.
orderInformation.billTo.administrativeArea: This field is required for transactions in the US and Canada.
orderinformation.billTo.locality: This field is required for transactions in the US and Canada.
orderInformation.billTo.postalCode: This field is required when the
orderInformation.billTo.country
field value is
US
or
CA
.

orderInformation.shipTo.administrativeArea: This field is required when the
orderInformation.shipTo.country
field value is
CA
,
US
, or
China
.

orderInformation.shipTo.postalCode: This field is required when the
orderInformation.shipTo.country
field value is
US
or
CA
.

Processor-Specific Requirements

These fields are required by specific processors for transactions.

processingInformation.authorizationOptions. transactionMode: This field is required only for merchants in Saudi Arabia.

Endpoint

Production:

POST https://api.cybersource.com/risk/v1/authentications

Test:

POST https://apitest.cybersource.com/risk/v1/authentications

Required Fields for Checking Enrollment in Payer Authentication

These fields are the minimum fields required for verifying that a customer is enrolled in a payer authentation program. Under certain circumstances, a field that normally is optional might be required. The circumstance that makes an optional field required is noted.

Required Fields

buyerInformation.mobilePhone: This field is required (when available) if
buyerInformation.workPhone
or
buyerInformation.phoneNumber
is not used, unless market or regional mandate restricts sending this information.
buyerInformation.workPhone: This field is required (when available) if
buyerInformation.phoneNumber
or
buyerInformation.mobilePhone
is not used, unless market or regional mandate restricts sending this information.
buyerInformation.phoneNumber: This field is required (when available)if
buyerInformation.workPhone
or
buyerInformation.mobilePhone
is not used, unless market or regional mandate restricts sending this information.
consumerAuthenticationInformation.device Channel: This field is required for SDK integration. When you use the SDK integration, this field is dynamically set to
SDK
. When you use the JavaScript code, this field is dynamically set to
Browser
. For merchant-initiated or 3RI transactions, you must set the field to
3RI
. When you use this field in addition to JavaScript code, you must set the field to
Browser
.
consumerAuthenticationInformation. messageCategory: For non-payment authentication, set to a value of
02
.
consumerAuthenticationInformation.referenceId
consumerAuthenticationInformation.returnUrl
consumerAuthenticationInformation. overrideCountryCode: For Meeza transactions, this value must be set to
EG
when Egypt is not set as the country in the merchant configuration during merchant onboarding.
deviceInformation.httpAcceptBrowserValue
deviceInformation.httpAcceptContent
deviceInformation.httpBrowserColorDepth
deviceInformation.httpBrowserJavaEnabled
deviceInformation.httpBrowserJavaScript Enabled
deviceInformation.httpBrowserLanguage
deviceInformation.httpBrowserScreenHeight
deviceInformation.httpBrowserScreenWidth
deviceInformation.httpBrowserTimeDif ference
deviceInformation.ipAddress
deviceInformation.userAgentBrowserValue: When the customer’s browser provides this value, you must include that value in your request.
merchantInformation.merchantDescriptor. country: For Meeza transactions, this value must be set to
EG
when Egypt is not set as the country in the merchant configuration during merchant onboarding.
orderInformation.amountDetails.currency
orderInformation.amountDetails.totalAmount: This field is required when the
orderInformation.lineItems.unitPrice
field is not used.
orderInformation.billTo.address1
orderInformation.billTo.administrativeArea: This field is required for transactions in the US and Canada.
paymentInformation.card.expirationYear: This field is required when the
paymentInformation.card.number
field is included.
paymentInformation.card.expirationMonth: This field is required when the
paymentInformation.card.number
field is included.
paymentInformation.card.type
paymentInformation.card.number

Checking Enrollment in Payer Authentication

Optional Fields for Checking Enrollment in Payer Authentication

These fields are usually optional when you verify enrollment for a Payer Authentication transaction. In certain circumstances, the information provided by an optional field might be required before a transaction can proceed. Those optional fields that are sometimes required are also listed as required fields with the circumstance described.

acquirerInformation.bin
acquirerInformation.country
acquirerInformation.merchantId
clientReferenceInformation.code
consumerAuthenticationInformation.acsWindowSize
consumerAuthenticationInformation.alter nateAuthenticationData
consumerAuthenticationInformation.alter nateAuthenticationDate
consumerAuthenticationInformation.alternateAuthenticationMethod
consumerAuthenticationInformation. authenticationBrand: This field is only used with mada cards.
consumerAuthenticationInformation.auth enticationTransactionId
consumerAuthenticationInformation. authorizationPayload
consumerAuthenticationInformation.chal lengeCode: WARNING

Modifying this field could affect liability shifts down the payment chain. Unless you are very familiar with the various types of authentication, do not change the default settings before consulting with customer support.
consumerAuthenticationInformation.creden tialEncrypted
consumerAuthenticationInformation.cus tomerCardAlias
consumerAuthenticationInformation.sdkMax Timeout
consumerAuthenticationInformation.decoup ledAuthenticationIndicator
consumerAuthenticationInformation.decoup ledAuthenticationMaxTime
consumerAuthenticationInformation.default Card: This field is recommended for Discover ProtectBuy.
consumerAuthenticationInformation.market ingOptIn: This field is recommended for Discover ProtectBuy.
consumerAuthenticationInformation.market ingSource: This field is recommended for Discover ProtectBuy.
consumerAuthenticationInformation.mcc
consumerAuthenticationInformation.merch antFraudRate
consumerAuthenticationInformation.merch antScore
consumerAuthenticationInformation.mess ageCategory
consumerAuthenticationInformation.otpTo ken
consumerAuthenticationInformation.over rideCountryCode
consumerAuthenticationInformation.over ridePaymentMethod
consumerAuthenticationInformation.prior AuthenticationData
consumerAuthenticationInformation.prior AuthenticationMethod
consumerAuthenticationInformation.prior AuthenticationReferenceId
consumerAuthenticationInformation.prior AuthenticationTime
consumerAuthenticationInformation.prod uctCode
consumerAuthenticationInformation.reque storName
consumerAuthenticationInformation.request orInitiatedAuthenticationIndicator
consumerAuthenticationInformation.returnURL
consumerAuthenticationInformation.score Request
consumerAuthenticationInformation.sdkMax Timeout
consumerAuthenticationInformation.strong Authentication.authenticationIndicator
consumerAuthenticationInformation.strong Authentication.secureCorporate PaymentIndicator
consumerAuthenticationInformation.strong Authentication.transactionMode
consumerAuthenticationInformation.whiteListStatus
merchantInformation.merchantDescriptor. name
merchantInformation.merchantDescriptor.url
orderInformation.amountDetails.currency
orderInformation.billTo.address2
orderInformation.billTo.country: This field is required for US and Canada.
orderInformation.billTo.email
orderInformation.billTo.firstName
orderInformation.billTo.lastName
orderinformation.billTo.locality
orderInformation.billTo.postalCode
orderInformation.lineItems.passenger.first Name
orderInformation.lineItems.passenger.last Name
orderInformation.lineItems.product Description
orderInformation.lineItems.productName
orderInformation.lineItems.productSku
orderInformation.lineItems.quantity
orderInformation.lineItems.shippingAddress1
orderInformation.lineItems.shippingAddress2
orderInformation.lineItems.shippingCity
orderInformation.lineItems.shippingCountry Code
orderInformation.lineItems.shippingDestina tionTypes
orderInformation.lineItems.shippingLast Name
orderInformation.lineItems.shippingMiddle Name
orderInformation.lineItems.shippingPhone
orderInformation.lineItems.shippingPostal Code
orderInformation.lineItems.shippingState
orderInformation.lineItems.unitPrice
orderInformation.lineItems[].quantity
orderInformation.lineItems[].totalAmount
orderInformation.lineItems.shippingDestina tionTypes
orderInformation.reordered
orderInformation.shippingDetails.shippingMethod
orderInformation.shipTo.addess1
orderInformation.shipTo.address2
orderInformation.shipTo.address3
orderInformation.shipTo.administrativeArea
orderInformation.shipTo.country
orderInformation.shipTo.destinationCode
orderInformation.shipTo.email
orderInformation.shipTo.firstName
orderInformation.shipTo.lastName
orderInformation.shipTo.middleName
orderInformation.shipTo.locality
orderInformation.shipTo.phoneNumber
orderInformation.shipTo.postalCode
orderInformation.totalOffersCount
paymentInformation.card.number
paymentInformation.card.type: This field is strongly recommended.
paymentInformation.card.securityCode
paymentInformation.fluidData.value
paymentInformation.tokenizedCard. cryptogram: This field is strongly recommended.
paymentInformation.tokenizedcard.expirationMonth
paymentInformation.tokenizedCard.expirationYear
paymentInformation.tokenizedcard.number
paymentInformation.tokenizedCard.transactionType
paymentInformation.tokenizedCard.type
recurringPaymentsInformation.original PurchaseDate: When this field is empty, the current date is used.
riskInformation.buyerHistory.transaction CountDay: This field is recommended for Discover ProtectBuy. Contact customer support for more information about this field.
riskInformation.buyerHistory.transaction CountYear: This field is recommended for Discover ProtectBuy. Contact customer support for more information about this field.
riskInformation.buyerHistory.accountPur chases: Contact customer support for more information about this field.
riskInformation.buyerHistory.addCard Attempts: This field is recommended for Discover ProtectBuy. Contact customer support for more information about this field.
riskInformation.buyerHistory.customer Account.createDate: This field is recommended for Discover ProtectBuy. Contact customer support for more information about this field.
riskInformation.buyerHistory.customerAc count.lastChangeDate: This field is recommended for Discover ProtectBuy. Contact customer support for more information about this field.
riskInformation.buyerHistory.customerAc count.passwordChangeDate: This field is recommended for Discover ProtectBuy. Contact customer support for more information about this field.
riskInformation.buyerHistory.customerAc count.shipAddressUsageDate: Contact customer support for more information about this field.
riskInformation.buyerHistory.paymentAc countDate: Contact customer support for more information about this field.
riskInformation.buyerHistory.priorSuspic iousActivity: Contact customer support for more information about this field.
riskInformation.buyerHistory.transaction CountDay: Contact customer support for more information about this field.
riskInformation.buyerHistory.transaction CountYear: Contact customer support for more information about this field.
travelInformation.legs.carrierCode
travelInformation.legs.departureDate
travelInformation.legs.origination
travelInformation.numberOfPassengers
travelInformation.passengers.firstName
travelInformation.passengers.lastName

Checking Enrollment in Payer Authentication

REST Example: Checking Enrollment

Request

{
    "orderInformation": {
        "amountDetails": {
            "currency": "USD",
            "totalAmount": "100"
        },
        "billTo": {
            "address1": "901 metro center blvd",
            "address2": "metro 3",
            "administrativeArea": "CA",
            "country": "US",
            "locality": "san francisco",
            "firstName": "John",
            "lastName": "Doe",
            "phoneNumber": "18007097779",
            "postalCode": "94404",
            "email": "email@email.com"
        }
    },
    "paymentInformation": {
        "card": {
            "number": "4XXXXXXXXXXXXXXX",
            "expirationMonth": "08",
            "expirationYear": 2026
        }
    },
      "consumerAuthenticationInformation": {
        "referenceId": "c44224db-0dda-40aa-9536-ac1595fd2e8d",
        "transactionMode": "S",
        "returnUrl": "https://wv730hw7033250:3002/restapi/cardinalDirect/StepUp/Response"
    }
}

Response to a Successful Request

{
    "clientReferenceInformation": {
      "code": "1675295420285"
    },
    "consumerAuthenticationInformation": {
        "acsUrl": "https://0merchantacsstag.cardinalcommerce.com/MerchantACSWeb/creq.jsp",
        "challengeRequired": "N",
        "stepUpUrl": "https://centinelapistag.cardinalcommerce.com/V2/Cruise/StepUp",
        "authenticationTransactionId": "1xRSpLPEoTNsinp8XUK0",
        "pareq": "eyJtZXNzYWdlVHlwZSI6IkNSZXEiLCJtZXNzYWdlVmVyc2lvbiI6IjIuMS4wIiwidGhyZWVEU1NlcnZlclRyYW5zSUQiO
        iI4NGU2YzIzYi1lNjIxLTQ2NGUtYWFlYy0xOGNkZDE1YTBlZWMiLCJhY3NUcmFuc0lEIjoiZWU3NDVlM2MtYzI2Ny00YzM0LT
        kzMTEtMGI3NTYwYzJkNjhmIiwiY2hhbGxlbmdlV2luZG93U2l6ZSI6IjAyIn0",
        "directoryServerTransactionId": "4d19781a-49d7-4c90-a145-72b8107fed8f",
        "veresEnrolled": "Y",
        "threeDSServerTransactionId": "84e6c23b-e621-464e-aaec-18cdd15a0eec",
        "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIyN2I1MjcyYS00OWFiLTQ5YjQtYTljYy1mMTBhYjcx
        MGMyYjciLCJpYXQiOjE2MzAwOTkxNjMsImlzcyI6IjVkZDgzYmYwMGU0MjNkMTQ5OGRjYmFjYSIsImV4cCI6MTYzMDEw
        Mjc2MywiT3JnVW5pdElkIjoiNTk1YWRhYjAzM2ZhZGQyYzUwZTg5NDYxIiwiUGF5bG9hZCI6eyJBQ1NVcmwiOiJodHRwcz
        ovLzBtZXJjaGFudGFjc3N0YWcuY2FyZGluYWxjb21tZXJjZS5jb20vTWVyY2hhbnRBQ1NXZWIvY3JlcS5qc3AiLCJQYXlsb2FkIjo
        iZXlKdFpYTnpZV2RsVkhsd1pTSTZJa05TWlhFaUxDSnRaWE56WVdkbFZtVnljMmx2YmlJNklqSXVNUzR3SWl3aWRHaHlaV1
        ZFVTFObGNuWmxjbFJ5WVc1elNVUWlPaUk0TkdVMll6SXpZaTFsTmpJeExUUTJOR1V0WVdGbFl5MHhPR05rWkRFMVlU
        QmxaV01pTENKaFkzTlVjbUZ1YzBsRUlqb2laV1UzTkRWbE0yTXRZekkyTnkwMF6TTBMVGt6TVRFdE1HSTNOVFl3WXpKa0
        5qaG1JaXdpWTJoaGJHeGxibWRsVjJsdVpHOTNVMmw2WlNJNklqQXlJbjAiLCJUcmFuc2FjdGlvbklkIjoiMXhSU3BMUEVvV
        E5zaW5wOFhVSzAifSwiT2JqZWN0aWZ5UGF5bG9hZCI6dHJ1ZSwiUmV0dXJuVXJsIjoiaHR0cHM6Ly93djczMGh3NzAzMzI
        1MDozMDAyL3Jlc3RhcGkvY2FyZGluYWxEaXJlY3QvU3RlcFVwL1Jlc3BvbnNlIn0.ixbdhFoB8M_BWI2sAIIQUjWtIOMzIwRI
        mrg5iu7AyNE",
        "specificationVersion": "2.1.0",
        "token": "AxjzbwSTVZPTJPD7ixR8ADUBURxP1CnnpA6cQE1129JMvRiuHCKArAAAx/+g",
        "acsTransactionId": "ee745e3c-c267-4c34-9311-0b7560c2d68f"
    },
    "errorInformation": {
        "reason": "CONSUMER_AUTHENTICATION_REQUIRED",
        "message": "The cardholder is enrolled in Payer Authentication. Please authenticate the cardholder 
            before continuing with the transaction."
    },
    "id": "6300991627296049403004",
    "paymentInformation": {
        "card": {
            "bin": "4XXXXXXX",
            "type": "VISA"
        }
    },
    "status": "PENDING_AUTHENTICATION",
    "submitTimeUtc": "2022-08-27T21:19:23Z"
}

Checking Enrollment in Payer Authentication