Versions Compared

Old Version 10

changes.mady.by.user Suyash Somani

Saved on

compared with

New Version Current

changes.mady.by.user Kayleigh LaSalle

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Expand
titleHow should the BillingState value be formatted? If I receive an error caused by this field, how can I address it?

The BillingState field within the Lookup request message follows the ISO 3166-2 format per the EMV® 3DS specification. To review the specific Subdivision codes for each Country, it is recommended you review the listings on the ISO Online Browsing Platform (OBP). This can be located at: https://www.iso.org/obp/ui#home. In order to locate the Country listing, be sure to select “Country Codes” from the radio button options prior to searching for the Country name you are seeking. The results will display pertinent information for the matching Country values, including the Subdivision codes (provinces, districts, municipalities, etc).

Example of the ISO 3166 standards information presented by the Online Browsing Platform (OBP) -

At the bottom of each Country Code search result page, you will also be shown a Change history of country code. This is beneficial to review past values as they relate to the present values listed above.

Example of the Change history of country code (China - CN) -

In all cases, it is strongly recommended that the values presented in the BillingState field are reflected as the 3166-2 code as indicated by the ISO specification. This field, per EMV 3DS specification, allows for up to 3 character alphanumeric values AN(3). The expected format for this field will be the value following the hyphen in the 3166-2 code. For example the ISO 3166-2 code for Ohio is US-OH; the value expected to be passed in to BillingState would be OH.

Examples of mapping ISO 3166-2 code to BillingState field -

3166-2 code

Expected BillingState field value

US-OH

OH

CN-AH

AH

GB-LND

LND

In the next section, we will cover additional considerations when applying logic to the BillingState field value.

Additional Considerations:

  1. Understand when to populate BillingState and when to leave it blank

    1. Certain downstream providers have strict validation on the values in BillingState as they relate to the Billing Country. If the value provided does not match the ISO 3166 specification of 3166-2 codes related to the Country, you may experience authentication errors. Due to this, if there is uncertainty in the format of the value for BillingState, it is recommended not to pass a value. However, certain Country values are identified as requiring a value for BillingState. At this time, these Country values are known to require BillingState:

      1. US (United States of America)

      2. CN (China)

    2. Do NOT pass a placeholder value such as “NA” to satisfy perceived required validation while indicating not applicable. This will present issues with downstream providers.

  2. Due to known downstream format validation, it is recommended the BillingState value be provided in upper case capitalization, if the value contains alpha characters i.e. OH instead of oh.

  3. Based on the ISO Change history of country code for CN (China) on 2017-11-23 the specification was modified to move all subdivision codes for CN from numeric to alpha. The numeric values are still accepted by downstream providers and should still be considered valid on the authentication message.

EMV® is a registered trademark in the U.S. and other countries and an unregistered trademark elsewhere. The EMV trademark is owned by EMVCo, LLC.

Expand
titleHow is my use of cookies in my 3-D Secure implementation going to be impacted by recent browser updates?

Modern browsers are being updated to increase performance and security. In recent months, Google Chrome and Apple’s Safari have made significant changes to how cookies are managed by default within the browsers. If you are using cookies as part of your checkout flow, you may be impacted. For information on the impacts and remediations, please refer to our Technical Bulletins.

Title

Technical Bulletin

Google Chrome SameSite cookie changes

View file
nameCardinalCommerce_Technical Bulletin_Google Chrome_4-29-2020.pdf

Safari, iPad, and iOS Cookie Changes

View file
nameCardinalCommerce_Technical_Bulletin_Safari_4-29-2020.pdf

...

Expand
titleWhat domains are used by Songbird if a merchant wants to use domain whitelistingallowlisting?

Production environment:

kg668dbov0.execute-api.us-east-1.amazonaws.com
writer.cardinalcommerce.com
includes.ccdc02.com
songbird.cardinalcommerce.com
centinelapi.cardinalcommerce.com
hostedfields.cardinalcommerce.com
https://geo.cardinalcommerce.com
https://0geo.cardinalcommerce.com
https://1geo.cardinalcommerce.com

Staging environment:

kg668dbov0.execute-api.us-east-1.amazonaws.com
writer.cardinalcommerce.com
includestest.ccdc02.com
songbirdstag.cardinalcommerce.com
centinelapistag.cardinalcommerce.com
hostedfieldsstag.cardinalcommerce.com
geostag.cardinalcommerce.com
0geostag.cardinalcommerce.com
1geostag.cardinalcommerce.com

Note

Cardinal strongly discourages adding the wildcard domain *.cardinalcommerce.com to an allowlist in the staging environment.

Expand
titleHow should the Amount value be formatted for currencies that have non-standard purchase exponent of 0? (such as: Icelandic Krona or, ISK)

Merchants are required to pass the Amount and Currency Code on the Lookup Request. Amount needs to be sent without any decimals for any currency and depending on the Currency Code, Centinel will retrieve the correct Purchase Exponent (or, ISO Minor Unit), apply it to the Amount and set the value on the AReq.

...