On This Page
REST API
Request Fields
The
consumerAuthenticationInformation.referenceId
field is mapped from the consumerAuthenticationInformation.referenceId
field as discussed in Step 1: Payer Authentication Setup Service.consumerAuthenticationInformation.returnUrl
is set to the URL where the issuing bank will redirect the
customer as discussed in Step 4: Step-Up IFrame.To request the Payer Authentication Check Enrollment service, you must send either the
customer’s card number, encrypted payment data, transient token, or a TMS token or
transient token or some other equivalent of card data used by your integration. The
request fields may include any of the following:
- paymentInformation.card.number
- paymentInformation.fluidData.value
- paymentInformation.fluidData.descriptor
- paymentInformation.customer.customerID
- tokenInformation.transientToken
The following fields are required (merchant ID is in the header):
- orderInformation.amountDetails.totalAmount
- orderInformation.billTo.address1
- orderInformation.billTo.locality
- orderInformation.billTo.country
- orderInformation.billTo.administrativeArea
- orderInformation.billTo.postalCode
- paymentInformation.card.type
- orderInformation.amountDetails.currency
- paymentInformation.card.expirationMonth
- paymentInformation.card.expirationYear
- orderInformation.billTo.email
- orderInformation.billTo.firstName
- orderInformation.billTo.lastName
- consumerAuthenticationInformation.referenceId
- consumerAuthenticationInformation.returnUrl
- clientReferenceInformation.code
You can send additional request data to reduce your issuer step-up authentication rates.
It is recommended to send all available fields. You should include the 11 device
information fields listed among the optional fields for the Check Enrollment service in
your request as a backup, in case, Device Data Collection fails. If a failure does
occur, adding these fields ensures a transaction is not downgraded to 3-D Secure 1.0. If
you do not have data for a field, do not send dummy data.
The size of the step-up iframe discussed in Step 4: Step-Up IFrame can vary depending on the 3-D Secure version of the transaction (1.0 or 2.x ). You
can send the size of the challenge window in the
consumerAuthenticationInformation.acsWindowSize
request field. Requesting a specific Window size does not guarantee this size. Parsing the PAReq as
described in Step 4: Step-Up IFramedetermines the actual
size.
For further details on individual API fields, refer to the The field values should use the ISO 3166-2 format.