Description of request parameters
Parameter | Necessity | Description |
---|---|---|
Operation | Yes | Type of transaction. Fixed value: Process3DSAuth |
Step | Yes | Verification stage. Fixed value: AREQ |
OrderID | Yes | ID of the order on which the operation is to be performed |
Merchant | Yes | Merchant ID. |
AddParams.threeDSCompInd | Yes | A flag indicating the result of a 3DSMethod call. |
AddParams.threeDSRequestorAuthenticationInd | Yes | The type of request being made that required 3-D Secure authentication:
If there are no special conditions, the desired value is 01. |
AddParams.transType | Yes | The type of transaction being authenticated. Possible values:
If there are no special conditions, the desired value is 01. |
AddParams.messageCategory | Yes | Category of the message. Possible values:
Currently supported value: 01 - PA (financial transaction); |
AddParams.addrMatch | No | Parameter indicating the match / mismatch of the delivery address of the goods with the address of the cardholder. Possible values:
|
AddParams.billAddrCity | No | City where the cardholder's address is located |
AddParams.billAddrCountry | No | Three-character country code (in ISO 3166-1 format) in which the cardholder's address is located |
AddParams.billAddrLine1 | No | First line of the cardholder's address |
AddParams.billAddrLine2 | No | Second line of the cardholder's address |
AddParams.billAddrLine3 | No | Third line of the cardholder's address |
AddParams.billAddrPostCode | No | Postal code of the cardholder's address |
AddParams.billAddrState | No | State or province (in ISO 3166-2 format) where the cardholder's address is located |
AddParams.shipAddrCity | No | Delivery city |
AddParams.shipAddrCountry | No | Three-character code for the country of delivery of the goods (in ISO 3166-1 format) |
AddParams.shipAddrLine1 | No | The first line of the delivery address of the goods |
AddParams.shipAddrLine1 | No | The second line of the delivery address of the goods |
AddParams.shipAddrLine1 | No | The third line of the delivery address of the goods |
AddParams.shipAddrPostCode | No | Postal code of delivery of the goods |
AddParams.shipAddrState | No | State or area of delivery of goods in ISO 3166-2 format |
AddParams.email | No | Cardholder's email address |
AddParams.homePhone | No | The cardholder's home phone number. The parameter value is specified in JSON format: {"cc": "7", "subscriber": "9998887766"} where: cc is the telephone code of the country; subscriber - telephone number (i.e. a sequence of digits assigned to a telephone network subscriber) |
AddParams.workPhone | No | The cardholder's work phone number. The value of the parameter is specified in the same way as the value of the homePhone parameter |
AddParams.mobilePhone | No | Mobile phone number of the cardholder. The value of the parameter is specified in the same way as the value of the homePhone parameter |
AddParams.threeDSRequestorAuthenticationInfo | No | Information about the authentication of the cardholder in the online store. The parameter value is specified in JSON format. {"threeDSReqAuthMethod": "01", "threeDSReqAuthTimestamp": "201707071212", "threeDSReqAuthData": "kjsn7fh83h4fiiifbsedbf3ins42o5hjo2mdnhiowwer234f4f"} where: threeDSReqAuthMethod - the method used by the cardholder to authenticate in the online store; threeDSReqAuthTimestamp - date and time of cardholder authentication. The value format is YYYYMMDDHHMM; threeDSReqAuthData - data about the cardholder authentication procedure |
AddParams.threeDSRequestorChallengeInd | No | Parameter indicating the need for additional user authentication through a request authentication data. Possible values:
|
AddParams.threeDSRequestorPriorAuthenticationInfo | No | Information about the authentication of the cardholder in the online store during the previous transaction. The parameter value is specified in JSON format. {"threeDSReqPriorRef": "93f58edb-c916-4b76-ad3a-97b2c0562467", "threeDSReqPriorAuthMethod": "01", "threeDSReqPriorAuthTimestamp": "201707071212", "threeDSReqPriorAuthData": "515615661565 146w451d761a63da65d"} where: threeDSReqPriorRef is the identifier of the previous transaction, during which the cardholder was successfully authenticated using 3-D Secure. threeDSReqPriorAuthMethod - the method that was used by the cardholder to perform the previous authentication in the online store. threeDSReqPriorAuthTimestamp - the date and time of the previous cardholder authentication. The value format is YYYYMMDDHHMM. threeDSReqPriorAuthData - data about the previous authentication procedure |
AddParams.acctType | No | Cardholder account type. Possible values:
|
AddParams.acctID | No | Additional information about the cardholder account in the online store |
AddParams.acctInfo | No | Additional information about the cardholder's account in the online store. The parameter value is specified in JSON format. {"chAccAgeInd": "1", "chAccDate": "20170707", "chAccChangeInd": "1", "chAccChange": "20170707","chAccPwChangeInd": "1", "chAccPwChange": "20170707", " shipAddressUsageInd": "1","shipAddressUsage": "20170707", "txnActivityDay": "100", "txnActivityYear": "100","provisionAttemptsDay": "100", "nbPurchaseAccount": "1000","suspiciousAccActivity" : "1","shipNameIndicator": "1","paymentAccInd": "1","paymentAccAge": "20170707"} Where:
|
AddParams.merchantRiskIndicator | No | The Merchant's estimated level of risk associated with a particular authentication. The parameter value is specified in JSON format. {"shipIndicator": "01","deliveryTimeframe": "1","deliveryEmailAddress": "test@test.ru","reorderItemsInd": "1","preOrderPurchaseInd": "1","preOrderDate": " 20170707","giftCardAmount": "123","giftCardCurr": "643","giftCardCount": "02"} Where:
|
AddParams.threeDSRequestorNPAInd | No | Type of non-financial transaction. Possible values:
|
AddParams.payTokenInd | No | A flag indicating the use of a token instead of a card number. The only possible value is true |
SessionID | Yes | Order session ID |
PAN | Yes | Card number |
PAN2 | No | The recipient's card number. Mandatory when performing a P2PTransfer operation |
ExpDate | Yes | Card expiration date in YYMM format. |
CVV2 | Yes | CVV2 cards. If CVV2 was not entered, it is necessary to pass the value '-1' (minus one) |
AReqDetails.OrderID | Yes | ID of the order on which the operation is to be performed |
AReqDetails.browserAcceptHeader | Yes | The content of the customer's browser HTTP headers. Maximum value - 2048 characters |
AReqDetails.browserColorDepth | Yes | A value representing the bit depth of the color palette for displaying images, in bits per pixel. The maximum value is 2 characters. Possible values:
|
AReqDetails.browserIP | Yes | Browser IP address. Possible value formats:
|
AReqDetails.browserLanguage | Yes | Browser language as specified in IETF BCP47. Maximum value - 8 characters |
AReqDetails.browserScreenHeight | Yes | The total height (in pixels) of the screen displayed to the cardholder. Maximum value - 6 characters |
AReqDetails.browserScreenWidth | Yes | The total width (in pixels) of the screen displayed to the cardholder. Maximum value - 6 characters |
AReqDetails.browserTZ | Yes | The time difference between UTC and the local time of the user's browser. Maximum value - 5 characters |
AReqDetails.browserUserAgent | Yes | The content of the User-Agent HTTP header. Maximum value - 2048 characters |
AReqDetails.browserJavaEnabled | Yes | Ability to execute JavaScript in the cardholder's browser. Possible values:
|
AReqDetails.threeRIInd | Yes | The type of request that the merchant performs without the participation of the cardholder (recurring payments). Possible values:
|
AReqDetails.notificationUrl | Yes | The URL of the service provider to which the CRes POST message from ACS is returned after performing cardholder verification on challenge-flow. |
AReqDetails.deviceChannel | Yes | The type of device from which the transaction was initiated. Possible values:
At the moment, only the value is available: 02 - the user's browser (Browser). |
CReqDetails.WindowWidth | Yes | Width of the browser window (in pixels) in which pages of the Merchant's website are displayed |
CReqDetails.WindowHeight | Yes | Height of the browser window (in pixels) in which pages of the merchant's website are displayed |
XML response for version 2.1 with challenge-flow and the need to redirect the cardholder to the ACS page
Challenge-Flow XML response has the following format |
---|
<?xml version="1.0" encoding="UTF-8"?> <TKKPG> <Response> <Operation>Process3DSAuth</Operation> <NextStep>CRES</NextStep> <Refinement> <RefinementType>CREQ</RefinementType> <AcsURL>https://acs2-test.procard.com.ua/index.jsp</AcsURL> <CReq>ewogICJhYх... skip ...]IKfQ==</CReq> <AcsChallengeMandated>N</AcsChallengeMandated> </Refinement> <Status>00</Status> <ARes>{ "threeDSServerTransID" : "b256141f-3e02-45cd-8d77-3129d01a7bed", "acsTransID" : "de56da5e-56cc-4f03-9a0d-4accfe320096", "dsTransID" : "f7b253a3-3011-4dfe-b336-a6ad91ab6f77", "messageType" : "ARes", "messageVersion" : "2.1.0", "acsReferenceNumber" : "3DS_LOA_ACS_PPFU_020100_00013", "acsChallengeMandated" : "N", "acsOperatorID" : "acsOperatorUL", "acsURL" : "https://acs2-test.procard.com.ua/index.jsp", "authenticationType" : "03", "dsReferenceNumber" : "LOCAL_DS_123", "transStatus" : "C" }</ARes> </Response> </TKKPG> |
Description of XML response parameters for 3DS 2.1 Challenge-Flow version
Parameter | Description |
---|---|
Status | Result of the request:
|
NextStep | Specifies the next validation step. Fixed value: CRES |
Operation | Type of operation performed |
Refinement.RefinementType | Type of data to be passed in the next step: Fixed value: CREQ |
Refinement.AcsURL | ACS Server URL |
Refinement.CReq | CReq message, in a POST message that needs to be generated in the customer's browser when redirected to the card issuer's ACS. |
Refinement.AcsChallengeMandated | Indicates that a Challenge Flow script needs to be run due to local/regional mandate requirements Values: Y/N |
ARes | ARes message received from the issuer's ACS in JSON format |
Description of XML response parameters for non-3DS version - financial transaction
XML response has the following format |
---|
<?xml version="1.0" encoding="UTF-8"?> <TKKPG> <Response> <Operation>Process3DSAuth</Operation> <Status>00</Status> <Result> <XMLOut>(Field descriptions see below)</XMLOut> </Result> </Response> </TKKPG> |