Songbird.js will handle all the user interactions up until CCA has returned back the authentication result. The next step in the integration is to add logic to your payments.validated event to handle specific return values for CCA. The field ActionCode should be used as the primary transaction status indicator. Below are the possible values for ActionCode and what they indicate. Value | Description |
---|
SUCCESS | Authentication was completed successfully. You will have a CAVV, ECIFlag, and XID to send during authorization. | NOACTION | Authentication was not applicable, but no service level errors were encountered. When the ErrorNumber is 0, generally this means you may move on to authorization, but be aware the transaction may not be eligible for liability shift. | FAILURE | Authentication resulted in a failure, this includes a the end user failing authentication. | ERROR | An error was encountered. Refer to ErrorNumber and ErrorDescription for more details on the error. If a Payment object is present you may have additional details in the ReasonCode and ReasonDescription fields within the Payment object. |
Info |
---|
title | Looking for CCA response objects? |
---|
| Refer to the response objects section for information on what the CCA Payment object looks like. |
The below example is what you should expect the response JWT to contain on a successful CCA transaction. Code Block |
---|
language | js |
---|
title | Example Decoded Response JWT |
---|
linenumbers | true |
---|
| {
"iss": "5b7eb7072f3e7305c029cd39",
"iat": 1576870062,
"exp": 1576877262,
"jti": "0316f090-17af-4c91-b840-94a44fac198c",
"ConsumerSessionId": "0_00b447b6-9072-4c21-9c7f-09a0d535fc6f",
"ReferenceId": "0_00b447b6-9072-4c21-9c7f-09a0d535fc6f",
"aud": "c56797a0-235e-11ea-96b5-9b6c28b8308b",
"Payload": {
"Validated": true,
"Payment": {
"Type": "CCA",
"ProcessorTransactionId": "Mbmr4329wVoH43M3w7a0",
"ExtendedData": {
"Amount": "1500",
"CAVV": "MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=",
"CurrencyCode": "840",
"ECIFlag": "05",
"ThreeDSVersion": "2.1.0",
"PAResStatus": "Y",
"SignatureVerification": "Y"
}
},
"ActionCode": "SUCCESS",
"ErrorNumber": 0,
"ErrorDescription": "Success"
}
} |
NOTE: It is highly recommended that you verify the Amount and Currency values within the response prior to sending to authorization. The values returned on payments.validated will represent the values used during authentication; these values should match the values at the time of authorization. Currently, Amount and Currency will only be returned on EMV 3DS transactions. Additional work to populate these values in all 3DS versions is underway. Step 10: JWT ValidationOnce the response JWT is received in the payments.validated event, you will need to send the response JWT to your backend to verify and extract the results. We recommend that any values sent to 3rd parties are sourced from the response JWT after it has been properly validated. Note |
---|
| JWT validation should only ever be done on the server side for security reasons. Doing JWT validation on the front end is not an acceptable flow. |
Info |
---|
title | Looking for more information? |
---|
| For more in depth information on JWT validation including code samples in a few languages, check out the JWT Validation page. |
Excerpt |
---|
Please note that each Claim key is case sensitive. Claim | Description |
---|
aud | Merchant jti Id - This is the 'jti' field from your request JWT echoed back. This field allows you to match up your request JWT with Cardinals response JWT. | jti | JWT Id - A unique identifier for this response JWT. This value is generated by Cardinal. | iat | Issued At Time - This is a timestamp of when the JWT was created. | iss | Issuer - The request JWT's iss field echoed back. | ConsumerSessionId | The unique session Id for the current user. | Payload | The response object for your request. This field will contain any actual state information on the transaction. This is the decoded data object that is passed into the payments.validated event as the first argument. |
JWT Payload ExampleBelow is an example of the JSON content of a basic response JWT Payload where we are passing an object within the Payload claim: Code Block |
---|
language | js |
---|
title | Raw JWT Sample |
---|
linenumbers | true |
---|
| {
"iss": "5b7eb7072f3e7305c029cd39",
"iat": 1576870062,
"exp": 1576877262,
"jti": "0316f090-17af-4c91-b840-94a44fac198c",
"ConsumerSessionId": "0_00b447b6-9072-4c21-9c7f-09a0d535fc6f",
"ReferenceId": "0_00b447b6-9072-4c21-9c7f-09a0d535fc6f",
"aud": "c56797a0-235e-11ea-96b5-9b6c28b8308b",
"Payload": {
"Validated": true,
"Payment": {
"Type": "CCA",
"ProcessorTransactionId": "Mbmr4329wVoH43M3w7a0",
"ExtendedData": {
"Amount": "1500",
"CAVV": "MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=",
"CurrencyCode": "840",
"ECIFlag": "05",
"ThreeDSVersion": "2.1.0",
"PAResStatus": "Y",
"SignatureVerification": "Y"
}
},
"ActionCode": "SUCCESS",
"ErrorNumber": 0,
"ErrorDescription": "Success"
}
} |
Below is an example of the JSON content of a basic response JWT Payload where we are passing a string within the Payload claim. This would occur when the request JWT included a ObjectifyPayload flag set to false: Code Block |
---|
language | js |
---|
title | Stringified JWT Sample |
---|
linenumbers | true |
---|
| {
"iss": "Midas-TwoDotOh-Key",
"iat": 1576870531,
"exp": 1576877731,
"jti": "90ecd237-dbfe-447e-a46b-2aa5301d0d5e",
"ConsumerSessionId": "0_f7b7bce8-dd33-429a-97e4-619595bd27a9",
"ReferenceId": "0_f7b7bce8-dd33-429a-97e4-619595bd27a9",
"aud": "8bce4d80-235f-11ea-96b5-9b6c28b8308b",
"Payload": "{\"Validated\":true,\"Payment\":{\"Type\":\"CCA\",\"ProcessorTransactionId\":\"2VbZqSYOixT20IfxLih0\",\"ExtendedData\":{\"Amount\":\"1500\",\"CAVV\":\"MTIzNDU2Nzg5MDEyMzQ1Njc4OTA\\u003d\",\"CurrencyCode\":\"840\",\"ECIFlag\":\"05\",\"ACSTransactionId\":\"94fa1daf-0d59-45fe-96b3-fa1bc37c7387\",\"DSTransactionId\":\"6373816e-d86a-4e20-b797-79429ad3c92e\",\"ThreeDSServerTransactionId\":\"b0ab6fa5-2ef6-4324-acdf-83d74fa32f9d\",\"ThreeDSVersion\":\"2.1.0\",\"Enrolled\":\"Y\",\"PAResStatus\":\"Y\",\"SignatureVerification\":\"Y\"}},\"ActionCode\":\"SUCCESS\",\"ErrorNumber\":0,\"ErrorDescription\":\"Success\"}"
} |
|
Info |
---|
icon | false |
---|
title | Now you are ready to test your Consumer Authentication integration |
---|
| Please refer to the following CCA Test Cases |
You can begin testing transactions after you have completed the above steps for integrating Cardinal Cruise Standard into your merchant front end environment.
|