On This Page
REST API

Request Fields

The
consumerAuthenticationInformation.referenceId
 field is mapped from the
consumerAuthenticationInformation.referenceId
 field as discussed in Step 1: Payer Authentication Setup Service.
consumerAuthenticationInformation.returnUrl
 is set to the URL where the issuing bank will redirect the customer as discussed in Step 4: Step-Up IFrame.
To request the Payer Authentication Check Enrollment service, you must send either the customer’s card number, encrypted payment data, transient token, or a TMS token or transient token or some other equivalent of card data used by your integration. The request fields may include any of the following:
  • paymentInformation.card.number
  • paymentInformation.fluidData.value
  • paymentInformation.fluidData.descriptor
  • paymentInformation.customer.customerID
  • tokenInformation.transientToken
The following fields are required (merchant ID is in the header):
  • orderInformation.amountDetails.totalAmount
  • orderInformation.billTo.address1
  • orderInformation.billTo.locality
  • orderInformation.billTo.country
  • orderInformation.billTo.administrativeArea
  • orderInformation.billTo.postalCode
  • paymentInformation.card.type
  • orderInformation.amountDetails.currency
  • paymentInformation.card.expirationMonth
  • paymentInformation.card.expirationYear
  • orderInformation.billTo.email
  • orderInformation.billTo.firstName
  • orderInformation.billTo.lastName
  • consumerAuthenticationInformation.referenceId
  • consumerAuthenticationInformation.returnUrl
  • clientReferenceInformation.code
You can send additional request data to reduce your issuer step-up authentication rates. It is recommended to send all available fields. You should include the 11 device information fields listed among the optional fields for the Check Enrollment service in your request as a backup, in case, Device Data Collection fails. If a failure does occur, adding these fields ensures a transaction is not downgraded to 3-D Secure 1.0. If you do not have data for a field, do not send dummy data.
The size of the step-up iframe discussed in Step 4: Step-Up IFrame can vary depending on the 3-D Secure version of the transaction (1.0 or 2.x ). You can send the size of the challenge window in the
consumerAuthenticationInformation.acsWindowSize
 request field.
Requesting a specific Window size does not guarantee this size. Parsing the PAReq as described in Step 4: Step-Up IFramedetermines the actual size.
For further details on individual API fields, refer to the The field values should use the ISO 3166-2 format.