Recent Revisions to This Document

About This Guide

Introducing Payer Authentication
- Overview of Chargeback Protection
  - PSD2
  - EMV 3-D Secure
  - Strong Customer Authentication
  - Prerequisites for Implementing Payer Authentication
- Payer Authentication Process Flow Overview
- Integrating Payer Authentication into Your Business
  - Host Names
  - Endpoints
  - Tokenization and Digital Payment Options
  - Overview of 3-D Secure 2.x Implementation
- Using Secure Acceptance with Payer Authentication
- Required Merchant Information

Implementing Cardinal Cruise Direct Connection API Payer Authentication
- Prerequisites
- After Implementation and Before Go Live
- Step 1: Payer Authentication Setup Service
  - Request Fields
  - Important Response Fields
- Step 2: Device Data Collection Iframe
  - Build the Iframe
  - Initiate the Device Data Collection Iframe
  - Submit the Device Data Collection Iframe
  - Listen for the Device Data Collection URL Response
- Step 3: Payer Authentication Check Enrollment Service
  - Request Fields
  - Combining Services
  - Interpreting the Response
  - Important Response Fields
- Step 4: Step-Up IFrame
  - Building the Iframe Parameters
  - Creating the Iframe
  - Invoke the Iframe
  - Receiving the Step-Up Results
- Step 5: Payer Authentication Validation Service
  - Request Fields
  - Combining Services or Mapping Authorization Fields
  - Interpreting the Response
  - Redirecting Customers to Pass or Fail Message Page
- Cardinal Cruise Direct Connection Integration Examples
  - Setup Service Request and Response Examples
  - Check Enrollment Request and Response Examples
  - Validate Authentication Request and Response
  - Authorization with Enroll
  - Authorization with Validation

Hybrid Payer Authentication
- Implementation Overview
- Process Flow for Hybrid Integration
  - Payer Authentication Setup
  - Add the JavaScript
  - BIN Detection
  - Requesting the Check Enrollment Service
    - Interpreting the Response
  - Authenticating Enrolled Cards
    - Receiving the Authentication Results
  - Requesting the Validation Service
    - Interpreting the Response
    - Redirecting Customers to Pass or Fail Message Page
  - Hybrid Integration Examples
    - Check Enrollment
    - Validate
    - Enrollment and Authorization
    - Validation and Authorization Request

API Fields
- Required Fields for Setting Up Payer Authentication
  - Optional Fields for Setting Up Payer Authentication
- Required Fields for Checking Enrollment in Payer Authentication
  - Optional Fields for Enrolling in Payer Authentication
- Required Fields for Validating Payer Authentication
  - Optional Fields for Validating Payer Authentication

Testing Payer Authentication
- Testing Process
  - Enrollment Check
  - Enrollment Check Response Fields
  - Authentication Validation Test Case Fields
- Expected Results
- 3-D Secure 1.0 Testing
  - Visa Secure 3-D Secure 1.0 Test Cases
    - Visa Secure Test Cases for 3-D Secure 1.0
  - Mastercard Identity Check 3-D Secure 1.0 Test Cases
    - Mastercard Identity Check Test Cases for 3-D Secure 1.0
  - Maestro 3-D Secure 1.0 Test Cases
    - Maestro Test Cases for 3-D Secure 1.0
  - American Express SafeKey 3-D Secure 1.0 Test Cases
    - American Express SafeKey Test Cases for 3-D Secure 1.0
  - JCB J/Secure 3-D Secure 1.0 Test Cases
    - JCB J/Secure Test Cases for 3-D Secure 1.0
  - Diners Club Protect Buy 3-D Secure 1.0 Test Cases
    - Diners Club Protect Buy Test Cases for 3-D Secure 1.0
  - Discover Protect Buy 3-D Secure 1.0 Test Cases
    - Discover Protect Buy Test Cases for 3-D Secure 1.0
- Test Cases for 3-D Secure 2.x
  - Test Case 2.1: Successful Frictionless Authentication
  - Test Case 2.2: Unsuccessful Frictionless Authentication
  - Test Case 2.3: Attempts Processing Frictionless Authentication
  - Test Case 2.4: Unavailable Frictionless Authentication
  - Test Case 2.5: Rejected Frictionless Authentication
  - Test Case 2.6: Authentication not Available on Lookup
  - Test Case 2.7: Enrollment Check Error
  - Test Case 2.8: Time-Out
  - Test Case 2.9: Bypassed Authentication
  - Test Case 2.10a: Successful Step-Up Authentication
  - Test Case 2.11a: Unsuccessful Step-Up Authentication
  - Test Case 2.12a: Unavailable Step-Up Authentication
  - Test Case 2.14: Require MethodURL
- Payer Authentication Exemption Test Cases
  - Test Case 1a: Initial/First Recurring Transaction - Fixed Amount
  - Test Case 2a: Card Authentication Failed
  - Test Case 2b: Suspected Fraud
  - Test Case 2c: Cardholder Not Enrolled in Service
  - Test Case 2d: Transaction Timed Out at the ACS
  - Test Case 2e: Non-Payment Transaction Not Supported
  - Test Case 2f: 3RI Transaction Not Supported
  - Test Case 3a: Transaction Risk Analysis Exemption - Low Value - Mastercard
  - Test Case 3a: Transaction Risk Analysis Exemption - Low Value - Mastercard EMV 3-D Secure 2.1 and 2.2
  - Test Case 3b-Transaction Risk Analysis Low Value - Visa
  - Test Case 3c: Transaction Risk Analysis-Low Value-Discover
  - Test Case 3d: Acquirer Transaction Risk Analysis-Cartes Bancaires
  - Test Case 4a: Trusted Beneficiary Prompt for Trustlist
  - Test Case 4b: Utilize Trusted Beneficiary Exemption
  - Test Case 5a-1: Identity Check Insights (ScoreRequest = N)
  - Test Case 5a-2: Identity Check Insights (ScoreRequest = Y)

Website Modification Reference
- Website Modification Checklist
- 3-D Secure Services Logos
- Informational Message Examples

Alternate Methods for Device Data Collection
- Device Data Collection Overview
  - Prerequisites
  - Endpoints
- Collecting Device Data
  - Card BIN in JWT
  - Card BIN as a POST Parameter Plus JWT

Upgrading Your Payer Authentication Implementation
- Benefits
- PSD2 Impact
  - Mandates
- Recommended Integration
- Migration FAQ

Payer Authentication Transaction Details in the Gateway Portal
- Payer Authentication Search
- Storing Payer Authentication Data
- Searching for Payer Authentication Details
  - Enrolled Card
    - Enrollment Check
    - Authentication Validation
  - Card Not Enrolled
    - Transaction Details

Payer Authentication Reports
- Payer Authentication Summary Report
  - Downloading the Report
  - Matching the Report to the Transaction Search Results
  - Interpreting the Report
  - Comparing Payer Authentication and Payment Reports
- Payer Authentication Detail Report
  - Report
  - PayerAuthDetail
  - ProofXML
  - VEReq
  - VERes
  - PAReq
  - PARes
  - AuthInfo
  - Report Examples

Glossary

On This Page

REST API

PAReq

The <PAReq> element contains the payer authentication request message. This element corresponds to the

consumerAuthenticationInformation. pareq

API field.

<PAReq>
  (AcqBIN)
  (MerID)
  (Name)
  (Country)
  (URL)
  (XID)
  (Date)
  (PurchaseAmount)
  (AcctID)
  (Expiry)
</PAReq>

Child Elements of <PAReq>
Element Name	Description	Type & Length
<AcqBIN>	First six digits of the acquiring bank’s identification number.	Numeric (6)
<MerID>	Identifier provided by your acquirer; used to log in to the ACS URL.	String (24)
<Name>	Merchant’s company name.	String (25)
<Country>	Two-character code for the merchant’s country of operation.	String (2)
<URL>	Merchant’s business website.	String
<XID>	Unique transaction identifier generated for each Payment Authentication Request (PAReq) message. The PARes sent back by the issuing bank contains the XID of the PAReq. To ensure that both XIDs are the same, compare it to the XID in the response. To find all requests related to a transaction, you can also search transactions for a specific XID.	String (28)
<Date>	Date and time of request. (Although the date and time should appear sequentially during all stages of the processing of an order, they may not because of differing time zones and synchronization between servers.)	DateTime (25)
<Purchase Amount>	Authorization amount and currency for the transaction. This element corresponds to the totals of the offer lines or from the following fields: orderInformation.amountDetails.totalAmount .	Amount (15)
<AcctID>	Masked string used by the ACS.	String (28)
<Expiry>	Expiration month and year of the customer’s card.	Number (4)

<PAReq>
  <AcqBIN>123456</AcqBIN>
  <MerID>444444</MerID>
  <Name>example</Name>
  <Country>US</Country>
  <URL>http://www.example.com</URL>
  <XID>fr2VCDrbEdyC37MOPfIzMwAHBwE=</XID>
  <Date>2020-02-09T08:00:34-08:00</Date>
  <PurchaseAmount>1.00 USD</PurchaseAmount>
  <AcctID>NDAxMjAwMTAxMTAwMDc3MQ==</AcctID>
  <Expiry>2309</Expiry>
</PAReq>