Recent Revisions to This Document

About This Guide

VISA Platform Connect: Specifications and Conditions for Resellers/Partners

Introduction to Payer Authentication
- Why Payer Authentication Is Needed
- EMV 3-D Secure 2.0
- Payer Authentication Customer Workflow
- Payer Authentication Merchant Workflow
- Acquirer Information
- Enable Merchant Account for EMV 3-D Secure
- Payer Authentication Configuration Testing
- Request Endpoints
- Payer Authentication Integrations

Implementing Direct API for Payer Authentication
- Prerequisites
- After Implementation and Before Go Live

Step 1: Setup Service
- Request Fields
- Important Response Fields

Step 2: Device Data Collection
- Which Device Data is Collected
- Building the Iframe
- Initiating the Device Data Collection Iframe
- Submitting the Device Data Collection Iframe
- Receiving the Device Data Collection URL Response

Step 3: Payer Authentication Check Enrollment Service
- Request Fields
- Interpreting the Check Enrollment Response
- Important Response Fields

Step 4: Step-Up Iframe
- Building the Iframe Parameters
- Creating the Iframe
- Invoking the Iframe
- Receiving the Step-Up Results

Step 5: Payer Authentication Validation Service
- Request Fields
- Interpreting the Validation Response
- Redirecting Customers to Pass or Fail Message Page

Combining the Authentication and the Authorization Services
- Combining Check Enrollment and the Authorization Services
  - Check Enrollment Response Fields and Their Equivalent Authorization Request Fields
- Combining the Validation and the Authorization Services
  - Validation Fields and their Equivalent Authorization Fields

Testing Payer Authentication
- Testing Process
  - Enrollment Check Response Fields
  - Authentication Validation Response Fields
- Test Cases for 3-D Secure 2.x
  - Test Case 2.1: Successful Frictionless Authentication
  - Test Case 2.2: Unsuccessful Frictionless Authentication
  - Test Case 2.3: Attempts Processing Frictionless Authentication
  - Test Case 2.4: Unavailable Frictionless Authentication
  - Test Case 2.5: Rejected Frictionless Authentication
  - Test Case 2.6: Authentication not Available on Lookup
  - Test Case 2.7: Enrollment Check Error
  - Test Case 2.8: Time-Out
  - Test Case 2.9: Bypassed Authentication
  - Test Case 2.10a: Successful Step-Up Authentication
  - Test Case 2.11a: Unsuccessful Step-Up Authentication
  - Test Case 2.12a: Unavailable Step-Up Authentication
  - Test Case 2.14: Require Method URL
- Payer Authentication Exemption Test Cases
  - Test Case 1a: Initial/First Recurring Transaction: Fixed Amount
  - Test Case 2a: Card Authentication Failed
  - Test Case 2b: Suspected Fraud
  - Test Case 2c: Cardholder Not Enrolled in Service
  - Test Case 2d: Transaction Timed Out at the ACS
  - Test Case 2e: Non-Payment Transaction Not Supported
  - Test Case 2f: 3RI Transaction Not Supported
  - Test Case 3a: Transaction Risk Analysis Exemption: Low Value: Mastercard EMV 3-D Secure 2.1 and 2.2
  - Test Case 3b: Transaction Risk Analysis: Low Value: Visa
  - Test Case 3c: Transaction Risk Analysis: Low Value: Discover
  - Test Case 3d: Acquirer Transaction Risk Analysis: Cartes Bancaires
  - Test Case 4a: Trusted Beneficiary Prompt for Trustlist
  - Test Case 4b: Utilize Trusted Beneficiary Exemption
  - Test Case 5a-1: Identity Check Insights (ScoreRequest = N)
  - Test Case 5a-2: Identity Check Insights (ScoreRequest = Y)

Payer Authentication Use Cases
- Use Case: Setting Up Payer Authentication
  - Required Fields for Setting Up Payer Authentication
  - Optional Fields for Setting Up Payer Authentication
  - Simple Order Example: Setting Up with Payer Authentication
- Use Case: Setting Up Payer Authentication with Google Pay
  - Required Fields for Setting Up Payer Authentication
  - Optional Fields for Setting Up Payer Authentication
  - Simple Order Example: Setting Up Payer Authentication Using Google Pay
- Use Case: Checking Enrollment in Payer Authentication
  - Required Fields for Checking Enrollment in Payer Authentication
  - Optional Fields for Checking Enrollment in Payer Authentication
  - Simple Order Example: Check Enrollment
- Use Case: Checking Enrollment in Payer Authentication Using Google Pay
  - Required Fields for Checking Enrollment in Payer Authentication
  - Optional Fields for Checking Enrollment in Payer Authentication
  - Simple Order Example: Checking Enrollment in Payer Authentication Using Google Pay
- Use Case: Validating Payer Authentication
  - Required Fields for Validating Payer Authentication
  - Optional Fields for Validating Payer Authentication
  - REST Example: Validating the Challenge
  - Simple Order Example: Validating the Challenge
- Use Case: Validating Payer Authentication Using Google Pay
  - Required Fields for Validating Payer Authentication
  - Optional Fields for Validating Payer Authentication
  - Simple Order Example: Validating the Challenge When Using Google Pay
- Use Case: Validating and Authorizing a Transaction
  - Required Fields for Processing an Authorization Using Visa Secure
  - Optional Fields for Validating Payer Authentication
  - Simple Order Example: Processing an Authorization Using Visa Secure

Website Modification Reference
- Website Modification Checklist
- EMV 3-D Secure Services Logos
- Informational Message Examples

Alternate Methods for Device Data Collection
- Device Data Collection Overview
  - Prerequisites
  - Endpoints
- Collecting Device Data
  - Card BIN in JWT
  - Card BIN as a POST Parameter Plus JWT

Upgrading Your Payer Authentication Implementation
- Benefits
- PSD2 Impact
  - Mandates
- Recommended Integration
- Migrating from EMV 3-D Secure 1.x to 2.x FAQ

Payer Authentication Transaction Details in the Business Center
- Payer Authentication Search
- Storing Payer Authentication Data
- Searching for Payer Authentication Details
  - Enrolled Card
    - Enrollment Check
    - Authentication Validation
  - Card Not Enrolled
    - Transaction Details

Payer Authentication Reports
- Payer Authentication Summary Report
  - Downloading the Report
  - Matching the Report to the Transaction Search Results
  - Interpreting the Report
  - Comparing Payer Authentication and Payment Reports
- Payer Authentication Detail Report
  - Report Element
  - PayerAuthDetail Element
  - ProofXML Element
  - VEReq Element
  - VERes Element
  - PAReq Element
  - PARes Element
  - AuthInfo Element
  - Report Examples

Reason Codes

Glossary

On This Page

Simple Order API

Building the Iframe Parameters

Form POST Action: The POST is made to the URL within the iframe is from the

payerAuthEnrollReply_stepUpUrl

response field discussed in Step 3: Payer Authentication Check Enrollment Service.

JWT POST Parameter: Use the value from the

payerAuthEnrollReply_accessToken

field discussed in Step 3: Payer Authentication Check Enrollment Service.

MD POST Parameter: Merchant-defined data returned in the response. This field is optional.

Iframe height and width:

3-D Secure 1.0 uses a standard size of 400 pixels by 400 pixels.

3-D Secure 2.x offers multiple size options:

Use the

payerAuthEnrollService_acsWindowSize

request field to request (but not guarantee) a specific window size.

Use the

payerAuthEnrollReply_paReq

response field to determine iframe dimensions by Base64 decoding the string and cross-referencing a Challenge Window Size value with its corresponding size.

This table lists these values.

Challenge Window Size Value and Corresponding Size
Challenge Window Size Value	Step-Up Iframe Dimensions (Width x Height in pixels)
01	250 x 400
02	390 x 400
03	500 x 600
04	600 x 400
05	Full screen

This is an example for the decoded value.

Challenge Window Size Decoded Value

{
    "messageType":"CReq","messageVersion":"2.2.0",
    "threeDSServerTransID":"c4b911d6-1f5c-40a4-bc2b-51986a98f991",
    "acsTransID":"47956453-b477-4f02-a9ef-0ec3f9f779b3",
    "challengeWindowSize":"02"
}