| Event | Description | Applicable Methods |
|---|---|---|
fz.sca.success | Emitted when 3DS validation completes successfully. The liability shifts from merchant to the card issuer. | renderPaymentsPage verifyCard |
fz.sca.error | Emitted when 3DS enrolment or validation failed. The payment attempt is deemed risky and merchant shall not proceed with the payment. | renderPaymentsPage verifyCard |
fz.sca.success Data Payload
| Attribute | Type | Description |
|---|---|---|
aav | string | Account Authentication Value. Unique 32-character transaction token for a 3D Secure transaction. For Mastercard Identity Check, the AAV is named the UCAF. For Visa Secure, the AAV is named the CAVV. |
cavv | string | Cardholder Authentication Verification Value. A Base64-encoded string sent back with Visa Secure-enrolled cards that specifically identifies the transaction with the issuing bank and Visa. Standard for collecting and sending AAV data for Visa Secure transactions. |
par | string | Payer Authentication Response. Compressed, Base64-encoded response from the card-issuing bank |
sli | string | The Security Level Indicator for 3DS transactions |
xid | string | String used by both Visa and Mastercard which identifies a specific transaction on the Directory Servers. This string value should remain consistent throughout a transaction’s history. |
ucaf | string | Universal Cardholder Authentication Field. Mastercard only. |
ver | string | 3DS enrolment status. |
directoryServerTxnId | string | Directory server transaction Id |
threedsVersion | string | 3DS version used for verifying the intended payment. |
{
message: "xxx",
data: {
aav: "xxx",
cavv: "xxx",
par: "xxx",
sli: "xxx",
xid: "xxx",
ucaf: "xxx",
ver: "xxx",
directoryServerTxnId: "xxx",
threedsVersion: "xxx",
}
}
fz.sca.error Data Payload
| Attribute | Type | Description |
|---|---|---|
errorCode | string | Error code for specific 3DS/SCA failure scenario. errorCode will be not be present in the event of request timeout or server error See below for error code mapping. |
// Request timeout, server error, etc. Prompt user to retry.
{
errors: ["xxx"],
data: null
}
// 3DS2 authentication failed. The card is deemed risky by issuer.
{
errors: ["xxx"],
data: {
errorCode: "xxx"
}
}
3DS/SCA Error Code Mapping
| Error Code | Description |
|---|---|
001 | Bypassed authentication This is related to a feature that is currently not available. We will look at providing merchants the ability to configure rules to determine whether authentication is required for a transaction. -- No liability shift |
002 | Authentication not available on lookup Unable to verify 3DS enrolment status with the issuer. -- No liability shift |
003 | Unavailable frictionless authentication 3DS authentication is unavailable with the issuer. -- No liability shift |
004 | Unsuccessful frictionless authentication The issuer deems the transaction as risky -- No liability shift |
005 | Rejected frictionless authentication -- No liability shift |
006 | Unsuccessful step-up authentication Unsuccessful authentication due to failed OTP (one time password) challenge. -- No liability shift |
007 | Unavailable step-up authentication The card holder is enrolled for 3DS, but authentication is not available with that issuer. -- No liability shift |
Updated over 2 years ago