Recent Revisions to This Document

About This Guide

Introducing Payer Authentication
- Overview of Chargeback Protection
- Payer Authentication Process Flow Overview
- Integrating Payer Authentication into Your Business
- Using Secure Acceptance with Payer Authentication
- Required Merchant Information

Implementing Cardinal Cruise Direct Connection API Payer Authentication
- Prerequisites
- After Implementation and Before Go Live
- Step 1: Payer Authentication Setup Service
- Step 2: Device Data Collection Iframe
- Step 3: Payer Authentication Check Enrollment Service
- Step 4: Step-Up IFrame
- Step 5: Payer Authentication Validation Service
- Cardinal Cruise Direct Connection Integration Examples

Implementing SDK Payer Authentication
- Implementation Overview
- Process Flow for SDK Integration
- Prerequisites for SDK Implementation
- Using the Android SDK
- Using the iOS SDK
- Running Payer Authentication in SDK

Hybrid Payer Authentication
- Implementation Overview
- Process Flow for Hybrid Integration

API Fields
- Required Fields for Setting Up Payer Authentication
- Required Fields for Checking Enrollment in Payer Authentication
- Required Fields for Validating Payer Authentication

Testing Payer Authentication
- Testing Process
- Expected Results
- 3-D Secure 1.0 Testing
- Test Cases for 3-D Secure 2.x
- Payer Authentication Exemption Test Cases

Website Modification Reference
- Website Modification Checklist
- 3-D Secure Services Logos
- Informational Message Examples

Alternate Methods for Device Data Collection
- Device Data Collection Overview
- Collecting Device Data

Upgrading Your Payer Authentication Implementation
- Benefits
- PSD2 Impact
- Recommended Integration
- Migration FAQ

Payer Authentication Transaction Details in the Gateway Portal
- Payer Authentication Search
- Storing Payer Authentication Data
- Searching for Payer Authentication Details

Payer Authentication Reports
- Payer Authentication Summary Report
- Payer Authentication Detail Report

Glossary

REST API

Device Data Collection Overview

The device data collection collects the required browser data elements in order to make the 3-D Secure 2.x request and invoke the 3-D Secure Method URL when it is available.

The Cardinal Cruise Direct Connection API places the required Method URL on the merchantEMV 3D Secure requirements, a merchant must place and run the Method URL on their website if the issuing bank uses one.)

The Method URL is a concept in the EMV 3-D Secure protocol that allows an issuing bank to obtain additional browser information prior to starting the authentication session to help facilitate risk-based authentication. The implementation techniques for obtaining the additional browser information are out of scope of the EMV 3-D Secure protocol. This process also occurred in 3-D Secure 1.0 when the customer's browser was redirected to the ACS URL. The Method URL step provides a better user experience.