Authenticate Response (cmpi_authenticate)
This message is generated in response to the cmpi_authenticate request message.
All fields use ASCII character set (0-9, A-Z, a-z, special characters $%&@!_ etc.)
The required field contains one of the following values
Y = Yes (Required field)
C = Conditional (Conditions of transaction determine if this field will be returned or not)
O = Optional (Not required but highly recommended)
N = No (Not required)
Boolean = True or False
Field Name | Description | Required | Condition | Field Definition |
---|---|---|---|---|
Cavv | Cardholder Authentication Verification Value (CAVV) Authentication Verification Value (AVV) Universal Cardholder Authentication Field (UCAF) This value should be appended to the authorization message signifying that the transaction has been successfully authenticated. This value will be encoded according to the Merchant's configuration in either Base64 encoding or Hex encoding. A Base64 encoding Merchant configuration will produce values of 28 or 32 characters. A Hex encoding Merchant configuration will produce values of 40 or 48 characters. The value when decoded will either be 20 bytes for CAVV for 20 or 24 bytes if the value is AAV (Mastercard UCAF) | C |
| AN(40) |
CavvAlgorithm | Indicates the algorithm used to generate the CAVV value. Possible Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm For CB transactions, value will be derived from the "CB-AVALGO” field and will fall outside of the above Possible Values list. NOTE: Only returned for MasterCard SecureCode transaction (3DS 1.0). | O |
| N(1) |
EciFlag | Electronic Commerce Indicator (ECI). The ECI value is part of the 2 data elements that indicate the transaction was processed electronically. This should be passed on the authorization transaction to the Gateway/Processor. Possible Values: 02 or 05 or N2** - Authenticated Transaction 01 or 06 - Attempted Authentication Transaction 00 or 07 or N0** - Non 3-D Secure Transaction Mastercard - 02, 01, 00, 07*, N0**, N2** **ECI N0 or N2 will only occur in Mastercard for non payment authentication transactions VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS CLUB - 05, 06, 07 Cartes Bancaires (CB) Visa - 05, 06, 07 Cartes Bancaires (CB) Mastercard - 02, 01, 00 ELO: 05, 06, 07 Union Pay International: 05, 06, 07 eftpos (Visa or MC) - 05, 06, 07 | Y |
| AN(2) |
ErrorDesc | Application error description for the associated error number. NOTE: Multiple error descriptions are separated by a comma. | Y |
| AN(255) |
ErrorNo | Application error number. A non-zero value represents the error encountered while attempting to process the message request. NOTE: Multiple error numbers are separated by a comma. | Y |
| AN(255) |
MerchantReferenceNumber | Merchant specified data. | O |
| AN(20) |
PAResStatus | Transaction status result identifier. Possible Values: Y - Successful Authentication N - Failed Authentication B - Bypassed Authentication U - Unable to Complete Authentication A - Successful Attempts Transaction R - Authentication Rejected (Merchant must not submit for authorization) I - Informational Only; 3DS Requestor Challenge Preference Acknowledged | C |
| AN(1) |
SignatureVerification This is a legacy response field related to 3DS 1.0.2. This value will either be returned with a value of Y or not returned at all. The SignatureVerification value should no longer be used in any processing logic as it is not relevant to EMV 3DS authentication. | Transaction Signature status identifier. Possible Values: Y - Indicates that the signature of the PARes has been validated successfully and the message contents can be trusted. | C |
| AN(1) |
UCAFIndicator | Universal Cardholder Authentication Field (UCAF) Indicator value provided by the issuer. Possible Values: 0 - Non-SecureCode transaction, bypassed by the Merchant 1 - Merchant-Only SecureCode transaction 2 - Fully authenticated SecureCode transaction NOTE: This field is only returned for Mastercard SecureCode transactions (3DS 1.0) | O |
| N(1) |
Xid | Transaction identifier resulting from authentication processing. NOTE: Gateway/Processor API specification may require this value to be appended to the authorization message. This value will be encoded according to the Merchant's configuration in either Base64 encoding or Hex encoding. A Base64 encoding Merchant configuration will produce values of 28 characters. A Hex encoding Merchant configuration will produce values of 40 characters. | C |
| AN(40) |
ThreeDSVersion | This field contains the 3DS version that was used to process the transaction. Possible Values: 1.0.2 2.1.0 2.2.0 NOTE: Required for Mastercard Identity Check transactions in Authorization | Y |
| AN(10) |
CardBrand | Card brand that the transaction was processed for authentication. Possible Values: AMERICAN EXPRESS | Y |
| AN(16) |
CardBin | Card bin represents the first six numbers of the CardNumber field passed in on the cmpi_lookup request. | Y |
| AN(6) |
Amount | Unformatted total transaction amount without any decimalization passed in on the cmpi_lookup request. Example: $100.00 = 10000, $123.67 = 12367, $.99 = 99 | Y |
| N(17) |
CurrencyCode | 3-digit numeric ISO 4217 currency code for the sale amount passed in on the cmpi_lookup request | C |
| N(3) |
ACSTransactionId | Unique transaction identifier assigned by the ACS to identify a single transaction. | C |
| AN(36) |
DSTransactionId | Unique transaction identifier assigned by the Directory Server (DS) to identify a single transaction. NOTE: Required for Mastercard Identity Check transaction in Authorization | C |
| AN(36) |
ThreeDSServerTransactionId | Unique transaction identifier assigned by the 3DS Server to identify a single transaction. | C |
| AN(36) |
ChallengeCancel | An indicator as to why the transaction was canceled. Possible Values: 01 - Cardholder selected 'Cancel' 02 - Reserved for future EMVCo use (values invalid until defined by EMVCo). 03 - Transaction Timed Out—Decoupled Authentication 04 - Transaction timed out at ACS—other timeouts 05 - Transaction Timed out at ACS - First CReq not received by ACS 06 - Transaction Error 07 - Unknown 08 = Transaction Timed Out at SDK NOTE: Only present when the Consumer cancels the challenge. Decoupled authentication is not supported at this time. | C | Merchant Configuration ON Required in CReq for 01-APP if the authentication transaction was canceled by user interaction with the cancelation button in the UI or for other reasons as indicated. Required in the RReq if the ACS identifies that the authentication transaction was canceled for reasons as indicated. Value of 04 or 05 is required when Transaction Status Reason = 14. | N(2) |
InteractionCounter | Indicates the number of authentication cycles attempted by the cardholder and is tracked by the Issuing Banks ACS. | C | Flag is ON | N(2) |
StatusReason | Provides additional information as to why the PAResStatus has a specific value. NOTE: Required for Payment (e.g. Authentication Indicator equals 01 on Lookup Request) transactions when PAResStatus is equal to N, U, or R in the Lookup Response. | C | Merchant Configuration ON | N(2) |
ReasonCode | The error code indicating a problem with this transaction. | C | 3DS 2.0 | N(3) |
ReasonDesc | Text and additional detail about the error for this transaction. NOTE: This field concatenates the errorDescription and errorDetail from the authentication response message. | C | 3DS 2.0 | AN(4096) |
ACSRenderingType | Identifies the UI Type the ACS will use to complete the challenge. NOTE: Only available for App transactions using the Cardinal Mobile SDK. Decoupled authentication is not supported at this time. | C | Merchant Configuration ON & App For RReq, required unless ACS Decoupled Confirmation = Y. |
|
AuthenticationType | Indicates the type of authentication that will be used to challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out of Band) 04 - Decoupled NOTE: EMV® 3-D Secure version 2.1.0 supports values 01-03. Version 2.2.0 supports values 01-04. Decoupled authentication is not supported at this time. | C | Merchant Configuration ON Required in the RReq message if the Transaction Status = Y or N in the RReq message. | N(2) |
AuthenticationBrand | Indicates whether a mada transaction was passed through Visa or MasterCard rails during authentication. | C | Mada transactions that utilize Visa or MasterCard network to authenticate. | AN (10) |
SdkTransID | SDK unique transaction identifier that is generated on each new transaction. | R |
| AN(36) |
WhiteListStatus | Enables the communication of trusted beneficiary/trustlist status between the ACS, the DS and the 3DS Requestor. Possible Values: Y - 3DS Requestor is trustlisted by cardholder N - 3DS Requestor is not trustlisted by cardholder E - Not eligible as determined by issuer P - Pending confirmation by cardholder R - Cardholder rejected U - Trustlist status unknown, unavailable, or does not apply | O |
| AN(1) |
WhiteListStatusSource | This data element will be populated by the system setting WhitelistStatus. Possible Values: 01 - 3DS Server 02 - DS 03 - ACS | C | Required if WhitelistStatus is present. | N(2) |
Warning | Text provided for merchants to self-diagnose integration or transaction level issues thus establishing a scalable feedback mechanism. Note: This is a soft error and will not stop the transaction. Merchants are recommended to take corrective action to overcome the Warning message. | C | 3DS 2.0 | AN(4096) |
APCCreated | Indicates whether the Authenticated Payment Credential (APC) was created. Possible Values:
| C | Required for first time transactions | Boolean |
Cartes Bancaires | ||||
AuthorizationPayload | The Base64 encoded JSON Payload of CB specific Authorization Values returned in the Frictionless Flow Example: Authorization Payload | C | Card Brand of Transaction = CB Merchant Configuration ON | Base64 Encoded |
mada | ||||
DSReferenceNumber | EMVCo-assigned unique identifier to track approved DS. | Y | Required for mada. | AN(32) |
ThreeDSServerOperatorID | DS-assigned 3DS Server identifier. | Y | Required for mada. | AN(32) |
ACSOperatorID | DS assigned ACS identifier. | Y | Required for mada. | AN(32) |
ACSReferenceNumber | Unique identifier for the ACS assigned by the EMVCo Secretariat upon Testing and Approval. | Y | Required for mada. | AN(32) |
AuthorizationPayload | The Base64 encoded JSON Payload of mada specific Authorization Values. Example: Authorization Payload | Y | Required for mada. | Base64 Encoded |