Validating a Challenge

Running the Validation service compares the customer's response to the challenge from the issuing bank to validate the customer identity.

Card-Specific Requirements

Some payment cards require additional information to be collected during a transaction.
This field is recommended for Discover ProtectBuy.
This field is required when the card type is Cartes Bancaires.
This field is required for American Express SafeKey (US) when the product code is
AIR
 for an airlinepurchase).
This field is required for Visa Secure travel.
This field is required only for American Express SafeKey (US).
This field is required only for American Express SafeKey (US)

Country-Specific Requirements

These fields are required for transactions in specific countries.
This field is required for transactions processed in France.
This field is required for transactions in the US and Canada.
This field is required for transactions in the US and Canada.
This field is required when the
orderInformation.billTo.country
 field value is
US
 or
CA
.

Endpoint

Production:
POST
https://api.cybersource.com
/risk/v1/authentication-results
Test:
POST
https://apitest.cybersource.com
/risk/v1/authentication-results

Required Fields for Validating a Challenge

These are the minimum fields required when validating the customer. Other fields for collecting additional information during a transaction are described in the list of optional fields. Under certain circumstances, a field that is optional might be required. The circumstance that makes an optional field required is described.

Required Fields

This field is required when the
orderInformation.lineItems.unitPrice
 field is not used.
This field is required when the
orderInformation.amountDetails.totalAmount
 field is not used.
This field is required when the
paymentInformation.card.number
 field is included.
This field is required when the
paymentInformation.card.number
 field is included.
Validating a Challenge

Optional Fields for Validating a Challenge

These fields are optional when validating a Payer Authentication transaction. In certain circumstances, the information provided by an optional field might be required before a transaction can proceed. Those optional fields that are sometimes required are listed in the required fields with the circumstance described.
Validating a Challenge

REST Example: Validating a Challenge

Request 
{
  "paymentInformation": {
    "card": {
      "type": "001"
    }
  },
  "consumerAuthenticationInformation": {
    "authenticationTransactionId": "bE4fdH96vKejWyz6rXy1"
  }
}
Response to a Successful Request
{
  "consumerAuthenticationInformation": {
    "indicator": "vbv",
    "eciRaw": "05",
    "authenticationResult": "0",
    "authenticationStatusMsg": "Success",
    "eci": "05",
    "token": "AxijLwSTVYSa8ZmiITBhAAJRHE+rXi4ATWhk0kyxdfAuewAA4iW6",
    "cavv": "MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=",
    "paresStatus": "Y",
    "xid": "MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=",
    "directoryServerTransactionId": "144ecc30-264f-4d2c-8a4e-798a4f311b1f",
    "threeDSServerTransactionId": "6773483d-e16a-40f5-bc5d-93d709c8a06b",
    "specificationVersion": "2.1.0",
    "acsTransactionId": "6eab6816-72d2-40e8-a03f-0a6c8bfe3156"
  },
  "id": "6299894944336529404001",
  "paymentInformation": {
    "card": {
      "bin": "400000",
      "type": "VISA"
    }
  },
  "status": "AUTHENTICATION_SUCCESSFUL",
  "submitTimeUtc": "2021-08-26T14:51:34Z"
}
Validating a Challenge