Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 21

This page describes the structure of the Process3DSAuth administrative operation on the payment portal of the PC "Procard" using PC-ECOM-PG

The structure of the administrative operation Process3DSAuth of the PC-ECOM-PG product is represented as an XML request sent to the payment portal of the PC "Procard" with variable parameters, to which an XML response is also received with variable parameters.

The content of the XML request and XML response are described as follows:

XML-request

XML request has the following format

<TKKPG>
 <Request>
  <Operation>Process3DSAuth</Operation>
  <Step>AREQ</Step>
  <Order>
   <OrderID>818</OrderID>
   <Merchant>TEST_TRADER_2</Merchant>
   <AddParams>
    <threeDSCompInd>U</threeDSCompInd>
    <threeDSRequestorAuthenticationInd>01</threeDSRequestorAuthenticationInd>
    <transType>01</transType>
    <messageCategory>01</messageCategory>
   </AddParams>
  </Order>
  <SessionID>F59D2EA727E3B606610EB644D1B05128</SessionID>
  <PAN>4012000000003010</PAN>
  <PAN2/>
  <ExpDate>2012</ExpDate>
  <CVV2>123</CVV2>
  <AReqDetails>
   <OrderID>158544</OrderID>
   <browserAcceptHeader>application/json,application/jose;charset=utf-8</browserAcceptHeader>
   <browserColorDepth>24</browserColorDepth>
   <browserIP>127.0.0.1</browserIP>
   <browserLanguage>ru</browserLanguage>
   <browserScreenHeight>1080</browserScreenHeight>
   <browserScreenWidth>1920</browserScreenWidth>
   <browserTZ>-120</browserTZ>
   <browserUserAgent>Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0</browserUserAgent>
   <threeRIInd/>
   <browserJavaEnabled>false</browserJavaEnabled>
   <notificationUrl>http://sp-provider-post-url</notificationUrl>
   <deviceChannel>02</deviceChannel>
  </AReqDetails>
  <CReqDetails>
   <WindowWidth>1600</WindowWidth>
   <WindowHeight>950</WindowHeight>
  </CReqDetails>
 </Request>
</TKKPG>

On this page:

Description of request parameters

Parameter

Necessity

Description

Operation

Yes

Type of transaction. Fixed value: Process3DSAuth

Step

Yes

Verification stage. Fixed value: AREQ

OrderID

Yes

ID of the order on which the operation is to be performed

Merchant

Yes

Merchant ID.

AddParams.threeDSCompInd

Yes

A flag indicating the result of a 3DSMethod call.
Fixed value: U

AddParams.threeDSRequestorAuthenticationInd

Yes

The type of request being made that required 3-D Secure authentication:

  • 01 (payment);

  • 02 (periodic payment/transfer);

  • 03 (partial payment);

  • 04 (adding a card);

  • 05 (card saving);

  • 06 (verification of the cardholder as part of the identification and verification of the EMV token)

If there are no special conditions, the desired value is 01.

AddParams.transType

Yes

The type of transaction being authenticated. Possible values:

  • 01 - purchase of services / goods;

  • 03 - acceptance of checks for repayment;

  • 10 - replenishment of accounts;

  • 11 - transactions using quasi-cash;

  • 28 - Activate and download prepaid codes

If there are no special conditions, the desired value is 01.

AddParams.messageCategory

Yes

Category of the message. Possible values:

  • 01 - PA (financial transaction);

  • 02 - NPA (non-financial transaction)

Currently supported value: 01 - PA (financial transaction);




AddParams.addrMatch

No

Parameter indicating the match / mismatch of the delivery address of the goods with the address of the cardholder. Possible values:

  • Y - the delivery address of the goods matches the address of the cardholder;

  • N - the delivery address of the goods does not match the address of the cardholder

AddParams.billAddrCity

No

City where the cardholder's address is located

AddParams.billAddrCountry

No

Three-character country code (in ISO 3166-1 format) in which the cardholder's address is located

AddParams.billAddrLine1

No

First line of the cardholder's address

AddParams.billAddrLine2

No

Second line of the cardholder's address

AddParams.billAddrLine3

No

Third line of the cardholder's address

AddParams.billAddrPostCode

No

Postal code of the cardholder's address

AddParams.billAddrState

No

State or province (in ISO 3166-2 format) where the cardholder's address is located

AddParams.shipAddrCity

No

Delivery city

AddParams.shipAddrCountry

No

Three-character code for the country of delivery of the goods (in ISO 3166-1 format)

AddParams.shipAddrLine1

No

The first line of the delivery address of the goods

AddParams.shipAddrLine1

No

The second line of the delivery address of the goods

AddParams.shipAddrLine1

No

The third line of the delivery address of the goods

AddParams.shipAddrPostCode

No

Postal code of delivery of the goods

AddParams.shipAddrState

No

State or area of ​​delivery of goods in ISO 3166-2 format

AddParams.email

No

Cardholder's email address

AddParams.homePhone

No

The cardholder's home phone number.

The parameter value is specified in JSON format:

{"cc": "7", "subscriber": "9998887766"}

where: cc is the telephone code of the country; subscriber - telephone number (i.e. a sequence of digits assigned to a telephone network subscriber)

AddParams.workPhone

No

The cardholder's work phone number. The value of the parameter is specified in the same way as the value of the homePhone parameter

AddParams.mobilePhone

No

Mobile phone number of the cardholder. The value of the parameter is specified in the same way as the value of the homePhone parameter

AddParams.threeDSRequestorAuthenticationInfo

No

Information about the authentication of the cardholder in the online store.

The parameter value is specified in JSON format.

{"threeDSReqAuthMethod": "01", "threeDSReqAuthTimestamp": "201707071212", "threeDSReqAuthData": "kjsn7fh83h4fiiifbsedbf3ins42o5hjo2mdnhiowwer234f4f"}

where:

threeDSReqAuthMethod - the method used by the cardholder to authenticate in the online store;

threeDSReqAuthTimestamp - date and time of cardholder authentication. The value format is YYYYMMDDHHMM;

threeDSReqAuthData - data about the cardholder authentication procedure

AddParams.threeDSRequestorChallengeInd

No

Parameter indicating the need for additional user authentication through a request authentication data. Possible values:

  • 01 - no preference;

  • 02 - additional authentication is not required;

  • 03 – additional authentication requested by merchant;

  • 04 - additional authentication required

AddParams.threeDSRequestorPriorAuthenticationInfo

No

Information about the authentication of the cardholder in the online store during the previous transaction.

The parameter value is specified in JSON format.

{"threeDSReqPriorRef": "93f58edb-c916-4b76-ad3a-97b2c0562467", "threeDSReqPriorAuthMethod": "01", "threeDSReqPriorAuthTimestamp": "201707071212", "threeDSReqPriorAuthData": "515615661565 146w451d761a63da65d"} where:

threeDSReqPriorRef is the identifier of the previous transaction, during which the cardholder was successfully authenticated using 3-D Secure.

threeDSReqPriorAuthMethod - the method that was used by the cardholder to perform the previous authentication in the online store.

threeDSReqPriorAuthTimestamp - the date and time of the previous cardholder authentication. The value format is YYYYMMDDHHMM.

threeDSReqPriorAuthData - data about the previous authentication procedure

AddParams.acctType

No

Cardholder account type. Possible values:

  • 01 - not applicable;

  • 02 - credit;

  • 03 - debit

AddParams.acctID

No

Additional information about the cardholder account in the online store

AddParams.acctInfo

No

Additional information about the cardholder's account in the online store.

The parameter value is specified in JSON format.

{"chAccAgeInd": "1", "chAccDate": "20170707", "chAccChangeInd": "1", "chAccChange": "20170707","chAccPwChangeInd": "1", "chAccPwChange": "20170707", " shipAddressUsageInd": "1","shipAddressUsage": "20170707", "txnActivityDay": "100", "txnActivityYear": "100","provisionAttemptsDay": "100", "nbPurchaseAccount": "1000","suspiciousAccActivity" : "1","shipNameIndicator": "1","paymentAccInd": "1","paymentAccAge": "20170707"}

Where:

  • chAccAgeInd – the period of time during which the cardholder's account exists in the online store.

  • chAccDate - the date when the account was created in the online store. The value format is YYYYMMDD.

  • chAccChangeInd - the period of time that has passed since the last receipt of information about the cardholder's account.

  • chAccChange – the date of the last change of the cardholder's account in the online store. The value format is YYYYMMDD.

  • chAccPwChangeInd - The time period since the last account password change or account recovery.

  • chAccPwChange - the date the password was changed or the account was restored. The value format is YYYYMMDD.

  • shipAddressUsageInd - parameter indicating the moment of the first use of the delivery address of the goods specified for this transaction in the online store.

  • shipAddressUsage - the date of the first use of the delivery address of the goods in the online store. The value format is YYYYMMDD.

  • txnActivityDay - the number of transactions carried out by the cardholder through the account in the online store in the last 24 hours.

  • txnActivityYear - the number of transactions carried out by the cardholder through the account in the online store in the last year.

  • provisionAttemptsDay - number of attempts to add a card to the e-wallet in the last 24 hours.

  • nbPurchaseAccount - the number of purchases made by the cardholder through the account in the online store in the last 6 months.

  • suspiciousAccActivity - a parameter indicating the presence / absence of suspicious activity in the cardholder's account.

  • shipNameIndicator – a parameter indicating the match / mismatch of the cardholder's name specified in the account with the name of the recipient of the goods.

  • paymentAccInd is a parameter indicating the period of time during which the payment instrument is registered in the cardholder's account in the online store.

  • paymentAccAge – the date of registration of the payment instrument in the cardholder's account in the online store. Value format - YYYYMMDD

AddParams.merchantRiskIndicator

No

The Merchant's estimated level of risk associated with a particular authentication. The parameter value is specified in JSON format.

{"shipIndicator": "01","deliveryTimeframe": "1","deliveryEmailAddress": "test@test.ru","reorderItemsInd": "1","preOrderPurchaseInd": "1","preOrderDate": " 20170707","giftCardAmount": "123","giftCardCurr": "643","giftCardCount": "02"}

Where:

  • shipIndicator - method of delivery of goods.

  • deliveryTimeframe - the delivery time of the goods.

  • deliveryEmailAddress - the email address to which the product was delivered. The parameter is specified for electronic delivery.

  • reorderItemsInd - parameter indicating that the cardholder has reordered an item previously purchased by him.

  • preOrderPurchaseInd - parameter indicating that the cardholder has placed an order for a product that is out of stock.

  • preOrderDate - expected date of product availability. The value format is YYYYMMDD.

  • giftCardAmount - The total amount of prepaid codes or gift cards purchased by the cardholder, in base currency units. For example, for the amount of 123.45 USD, the value is 123.

  • giftCardCurr - currency code of gift cards or prepaid codes purchased by the cardholder. The code is specified in accordance with ISO 4217.

  • giftCardCount - total number of gift cards or prepaid codes purchased by the cardholder

AddParams.threeDSRequestorNPAInd

No

Type of non-financial transaction. Possible values:

  • 01 - adding a card to an electronic wallet;

  • 02 - saving information on the card;

  • 03 - verification of the cardholder as part of the identification and EMV token checks

AddParams.payTokenInd

No

A flag indicating the use of a token instead of a card number. The only possible value is true




SessionID

Yes

Order session ID

PAN

Yes

Card number

PAN2

No

The recipient's card number. Mandatory when performing a P2PTransfer operation

ExpDate

Yes

Card expiration date in YYMM format.

CVV2

Yes

CVV2 cards. If CVV2 was not entered, it is necessary to pass the value '-1' (minus one)

AReqDetails.OrderID

Yes

ID of the order on which the operation is to be performed

AReqDetails.browserAcceptHeader

Yes

The content of the customer's browser HTTP headers. Maximum value - 2048 characters

AReqDetails.browserColorDepth

Yes

A value representing the bit depth of the color palette for displaying images, in bits per pixel. The maximum value is 2 characters.

Possible values:

  • 1 - 1 bit;

  • 4 - 4 bits;

  • 8 - 8 bits;

  • 15 - 15 bits;

  • 16 - 16 bits;

  • 24 - 24 bits;

  • 32 - 32 bits;

  • 48 - 48 bits.

AReqDetails.browserIP

Yes

Browser IP address. Possible value formats:

  • IPv4 address is specified as four groups of numbers in decimal notation, separated by a "." character. For example: 100.12.123.255.

  • IPv6 address is specified as eight groups of numbers in hexadecimal notation, separated by the ":" character. For example: 2011:0db8:85a3:0101:0101:8a2e:0370:7334

AReqDetails.browserLanguage

Yes

Browser language as specified in IETF BCP47. Maximum value - 8 characters

AReqDetails.browserScreenHeight

Yes

The total height (in pixels) of the screen displayed to the cardholder. Maximum value - 6 characters

AReqDetails.browserScreenWidth

Yes

The total width (in pixels) of the screen displayed to the cardholder. Maximum value - 6 characters

AReqDetails.browserTZ

Yes

The time difference between UTC and the local time of the user's browser. Maximum value - 5 characters

AReqDetails.browserUserAgent

Yes

The content of the User-Agent HTTP header. Maximum value - 2048 characters

AReqDetails.browserJavaEnabled

Yes

Ability to execute JavaScript in the cardholder's browser. Possible values:

  • true

  • false

AReqDetails.threeRIInd

Yes

The type of request that the merchant performs without the participation of the cardholder (recurring payments). Possible values:

  • 01 (periodic payment/transfer);

  • 02 (partial payment);

  • 03 (adding card);

  • 04 (saving card information);

  • 05 (account identification);

  • 80-99 (values ​​reserved for DS use)

AReqDetails.notificationUrl

Yes

The URL of the service provider to which the CRes POST message from ACS is returned after performing cardholder verification on challenge-flow.

AReqDetails.deviceChannel

Yes

The type of device from which the transaction was initiated. Possible values:

  • 01 - merchant mobile application (App-based);

  • 02 - user's browser (Browser);

  • 03 - online store (3DS Requestor)

At the moment, only the value is available: 02 - the user's browser (Browser).

CReqDetails.WindowWidth

Yes

Width of the browser window (in pixels) in which pages of the Merchant's website are displayed

CReqDetails.WindowHeight

Yes

Height of the browser window (in pixels) in which pages of the merchant's website are displayed

XML response for version 2.1 with challenge-flow and the need to redirect the cardholder to the ACS page

Challenge-Flow XML response has the following format

<?xml version="1.0" encoding="UTF-8"?>
<TKKPG>
 <Response>
  <Operation>Process3DSAuth</Operation>
  <NextStep>CRES</NextStep>
  <Refinement>
   <RefinementType>CREQ</RefinementType>
   <AcsURL>https://acs2-test.procard.com.ua/index.jsp</AcsURL>
   <CReq>ewogICJhYх... skip ...]IKfQ==</CReq>
   <AcsChallengeMandated>N</AcsChallengeMandated>
  </Refinement>
  <Status>00</Status>
  <ARes>{ "threeDSServerTransID" : "b256141f-3e02-45cd-8d77-3129d01a7bed", "acsTransID" : "de56da5e-56cc-4f03-9a0d-4accfe320096", "dsTransID" : "f7b253a3-3011-4dfe-b336-a6ad91ab6f77", "messageType" : "ARes", "messageVersion" : "2.1.0", "acsReferenceNumber" : "3DS_LOA_ACS_PPFU_020100_00013", "acsChallengeMandated" : "N", "acsOperatorID" : "acsOperatorUL", "acsURL" : "https://acs2-test.procard.com.ua/index.jsp", "authenticationType" : "03", "dsReferenceNumber" : "LOCAL_DS_123", "transStatus" : "C" }</ARes>
</Response>
</TKKPG>

Description of XML response parameters for 3DS 2.1 Challenge-Flow version

Parameter

Description

Status

Result of the request:

  • 00 - successful

  • 30 - invalid message format (no required parameters, etc.)

  • 10 - merchant does not have access to the order creation operation (or such merchant is not registered)

  • 54 - invalid operation

  • 72 - system error

  • 96 - system error

  • 97 - system error

NextStep

Specifies the next validation step. Fixed value: CRES

Operation

Type of operation performed

Refinement.RefinementType

Type of data to be passed in the next step: Fixed value: CREQ

Refinement.AcsURL

ACS Server URL

Refinement.CReq

CReq message, in a POST message that needs to be generated in the customer's browser when redirected to the card issuer's ACS.

Refinement.AcsChallengeMandated

Indicates that a Challenge Flow script needs to be run due to local/regional mandate requirements

Values: Y/N

ARes

ARes message received from the issuer's ACS in JSON format

Description of XML response parameters for non-3DS version - financial transaction

XML response has the following format

<?xml version="1.0" encoding="UTF-8"?>
<TKKPG>
 <Response>
  <Operation>Process3DSAuth</Operation>
  <Status>00</Status>
  <Result>
   <XMLOut>(Field descriptions see below)</XMLOut>
  </Result>
 </Response>
</TKKPG>

< Field descriptions>

Related pages:

There are no items with the selected labels at this time.

  • No labels

Copyright © 2015-2021 PROCARD