{ "$schema": "http://json-schema.org/draft-07/schema#", "$id": "https://raw.githubusercontent.com/api-evangelist/verifone/refs/heads/main/json-schema/3ds-authentication-api-authenticationresult.json", "title": "AuthenticationResult", "description": "AuthenticationResult from 3D Secure API", "type": "object", "properties": { "threeds_version": { "type": "string", "description": "This field contains the 3DS version that was used to process the transaction. \n Possible Values: \n 1.0.2 \n 2.1.0 \n NOTE: Required for Mastercard Identity Check transactions in Authorization" }, "enrolled": { "type": "string", "description": "Status of Authentication eligibility. \n Possible Values: \n Y - Yes, Bank is participating in 3D Secure protocol and will return the ACSUrl \n N - No, Bank is not participating in 3D Secure protocol \n U - Unavailable, The DS or ACS is not available for authentication at the time of the request \n B - Bypass, Merchant authentication rule is triggered to bypass authentication in this use case \n NOTE: If the Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication." }, "error_desc": { "type": "string", "description": "Application error description for the associated error number(s). NOTE: Multiple error descriptions are separated by a comma." }, "error_no": { "type": "string", "description": "Application error number(s). A non-zero value represents the error encountered while attempting to process the message request. NOTE: Multiple error numbers are separated by a comma." }, "order_id": { "type": "string", "description": "3DS server generated order identifier. Used to link multiple actions on a single order to a single identifier. Mod-10 compliant and unique BIN range to 3DS services." }, "eci_flag": { "type": "string", "description": "Electronic Commerce Indicator (ECI). The ECI value is part of the 2 data elements that indicate the transaction was processed electronically. This should be passed on the authorization transaction to the Gateway/Processor. Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 - Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field" }, "signature_verification": { "type": "string", "description": "Transaction Signature status identifier. Possible Values: Y - Indicates that the signature of the PARes has been validated successfully and the message contents can be trusted. N - Indicates that the PARes could not be validated. This result could be for a variety of reasons; tampering, certificate expiration, etc., and the result should not be trusted." }, "ds_transaction_id": { "type": "string", "description": "Unique transaction identifier assigned by the Directory Server (DS) to identify a single transaction. NOTE: Required for Mastercard Identity Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0) transactions" }, "acs_url": { "type": "string", "description": "The fully qualified URL to redirect the Consumer to complete the Consumer Authentication transaction. NOTE: Available if Enrolled = Y" }, "card_brand": { "type": "string", "description": "Card Brand" }, "network_score": { "maxLength": 2, "type": "string", "description": "The global score calculated by the CB Scoring platform." }, "challenge_cancel": { "type": "string", "description": "An indicator as to why the transaction was canceled. Possible Values: \n 01 - Cardholder selected Cancel 02 - Reserved for future EMVCo use (values invalid until defined by EMVCo). 03 - Transaction Timed Out\u2014Decoupled Authentication 04 - Transaction timed out at ACS\u2014other timeouts 05 - Transaction Timed out at ACS - First CReq not received by ACS 06 - Transaction Error 07 - Unknown 08 = Transaction Timed Out at SDK NOTE: Only present when the Consumer cancels the challenge. Decoupled authentication is not supported at this time.", "enum": [ "01", "02", "03", "04", "05", "06", "07", "8.0" ] }, "authorization_payload": { "pattern": "^(?:[A-Za-z0-9+\\/]{2}[A-Za-z0-9+\\/]{2})*(?:[A-Za-z0-9+\\/]{2}==|[A-Za-z0-9+\\/]{3}=)?$", "type": "string", "description": "The Base64 encoded JSON Payload of CB specific Authorization Values returned in the Frictionless Flow." }, "cavv": { "type": "string", "description": "Cardholder Authentication Verification Value (CAVV). This value should be appended to the authorization message signifying that the transaction has been successfully authenticated. It will be encoded according to the Merchant's configuration in either Base64 encoding or Hex encoding. A Base64 encoding Merchant configuration will produce values of 28 or 32 characters. A Hex encoding Merchant configuration will produce values of 40 or 48 characters. The value when decoded will either be 20 bytes for CAVV." }, "cavv_algorithm": { "type": "string", "description": "Indicates the algorithm used to generate the CAVV value. Possible Values: \n 2 - CVV with ATN 3 - Mastercard SPA algorithm" }, "pares_status": { "type": "string", "description": "Transactions status result identifier. Possible Values: Y - Successful Authentication N - Failed Authentication U - Unable to Complete Authentication A - Successful Attempts Transaction C - Challenge Required for Authentication R - Authentication Rejected (Merchant must not submit for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication 2.0.," }, "payload": { "type": "string", "description": "The encoded payment request generated by Centinel. NOTE: Available if Enrolled = Y." }, "xid": { "type": "string", "description": "Third Party Token that is returned from the token provider after a card number is specified on the request. NOTE: This field is returned if Tokenization is enabled in the Merchant profile setting AND the Merchant is using a third party token provider." }, "reason_code": { "type": "string", "description": "The error code indicating a problem with this transaction." }, "reason_desc": { "type": "string", "description": "Text and additional detail about the error for this transaction. NOTE: This field concatenates the errorDescription and errorDetail from the authentication response message." }, "cardholder_info": { "type": "string", "description": "Additional text provided by the Issuing Bank to the Cardholder during a Frictionless transaction and was not authenticated by the ACS. The Issuing Bank can optionally support this value." }, "acs_rendering_type": { "type": "string", "description": "Identifies the UI Type the ACS will use to complete the challenge. NOTE: Only available for App transactions using the Cardinal Mobile SDK and is optional for an Issuer to return." }, "acs_transaction_id": { "type": "string", "description": "Unique transaction identifier assigned by the ACS to identify a single transaction." }, "authentication_type": { "type": "string", "description": "Indicates the type of authentication that will be used to challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out of Band)" }, "challenge_required": { "type": "string", "description": "Indicates whether a challenge is required to complete authentication. For example, regional mandates. Possible Values: Y - Challenge Required N - Challenge Not Required" }, "status_reason": { "type": "string", "description": "Provides additional information as to why the PAResStatus has the specific value. NOTE: Required for Payment (e.g. Authentication Indicator equals 01 on Lookup Request) transactions when PAResStatus is equal to N, U, or R in the Lookup Response" } } }