Check 3DS Enrollment

Request to check a cardholder's enrollment in the 3DSecure scheme.

URL https://network.gateway.mastercard.com/api/nvp/version/32
HTTP Method POST
Authentication This operation requires authentication via one of the following methods:
  • Certificate authentication.
  • To authenticate to the API two additional NVP parameters must be supplied in the request. Provide 'merchant.<your gateway merchant ID>' in the apiUsername field and your API password in the apiPassword field.

Request Parameters

3DSecure   = COMPULSORY

Information on 3DSecure fields.
Fixed value

3DSecure.authenticationRedirect   = COMPULSORY

There are two options to generate the redirect page used to transfer the cardholder to the card Issuer's Access Control Server (ACS) for authentication:

1. Simple: submit the form generated by the gateway. In this case, only the htmlBodyContent parameter is required.
2. Customized: for those merchants who wish to customise the submission. In this case, the acsURL and paReq parameters will be required to formulate the submission.
Note: This field will only be returned in the event of a successful directory server lookup.
Fixed value

3DSecure.authenticationRedirect.responseUrl  Url = COMPULSORY

Typically, this will be the merchant's website URL, which must be URL encoded for special characters such spaces, hyphens, etc.
Existence
COMPULSORY
Fixed value
Validation Rules
Ensure that the URL begins with 'https' and is longer than 11 characters.
XSD type
string

3DSecureId  ASCII Text = COMPULSORY

It is first defined in the check3DSEnrollment operation, and then included in subsequent operations.It is not used when the authentication is performed externally.
Existence
COMPULSORY
Fixed value
Validation Rules
Data consists of ASCII characters
XSD type
string
minimum length
1
maximum length
64

apiOperation  String =CHECK_3DS_ENROLLMENT FIXED

Existence
FIXED
Fixed value
CHECK_3DS_ENROLLMENT
Validation Rules
Any sequence of zero or more unicode characters.
XSD type
string

merchant  Alphanumeric + additional characters = COMPULSORY

Existence
COMPULSORY
Fixed value
Validation Rules
Data may consist of the characters 0-9, a-z, A-Z, '-', '_'
XSD type
string
minimum length
1
maximum length
40

order   = COMPULSORY

Information about the order associated with this transaction.
Fixed value

order.amount  Decimal = COMPULSORY

Existence
COMPULSORY
Fixed value
Validation Rules
Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.
XSD type
string
minimum length
1
maximum length
14

order.currency  Upper case alphabetic text = COMPULSORY

Existence
COMPULSORY
Fixed value
Validation Rules
Data must consist of the characters A-Z
XSD type
string
minimum length
3
maximum length
3

session.id  ASCII Text = OPTIONAL

Values provided in the request will override values contained in the session.
Existence
OPTIONAL
Fixed value
Validation Rules
Data consists of ASCII characters
XSD type
string
minimum length
31
maximum length
35

3DSecure   = COMPULSORY

Information on 3DSecure fields.
Fixed value

3DSecure.authenticationRedirect   = COMPULSORY

There are two options to generate the redirect page used to transfer the cardholder to the card Issuer's Access Control Server (ACS) for authentication:

1. Simple: submit the form generated by the gateway. In this case, only the htmlBodyContent parameter is required.
2. Customized: for those merchants who wish to customise the submission. In this case, the acsURL and paReq parameters will be required to formulate the submission.
Note: This field will only be returned in the event of a successful directory server lookup.
Fixed value

3DSecure.authenticationRedirect.pageGenerationMode  Enumeration = OPTIONAL

The response to the Check 3DS Enrollment operation will include the information required for the selected option. By default, the Simple option is used.
Existence
OPTIONAL
Fixed value
Validation Rules
An enumeration to allow a user to specify if they wish to adopt a customized solution or a simple solution.
XSD type
string
Value must be a member of the following list. The values are case sensitive.
CUSTOMIZED
A strategy to indicate that the user wishes to customize the response
SIMPLE
A simple interaction model where the response is complete and no user intervention is required.

3DSecure.authenticationRedirect.responseUrl  Url = COMPULSORY

Typically, this will be the merchant's website URL, which must be URL encoded for special characters such spaces, hyphens, etc.
Existence
COMPULSORY
Fixed value
Validation Rules
Ensure that the URL begins with 'https' and is longer than 11 characters.
XSD type
string

3DSecure.authenticationRedirect.simple   = OPTIONAL

The details required by the system to generate the HTML page as specified in the Simple option.
Fixed value

3DSecure.authenticationRedirect.simple.expectedHtmlEncoding  Enumeration = OPTIONAL

Existence
OPTIONAL
Fixed value
Validation Rules
The available HTML Encoding options that a client may request.
XSD type
string
Value must be a member of the following list. The values are case sensitive.
ASCII
ISO_8859_1
Latin1
UTF_8

3DSecure.authenticationRedirect.simple.redirectDisplayBackgroundColor  Alphanumeric + additional characters = OPTIONAL

By default, the color is set to #FFFFFF.
Existence
OPTIONAL
Fixed value
Validation Rules
Data may consist of the characters 0-9, a-z, A-Z, '#'
XSD type
string
minimum length
4
maximum length
7

3DSecure.authenticationRedirect.simple.redirectDisplayContinueButtonText  String = OPTIONAL

By default, the button text is set to "Click here to continue".
Existence
OPTIONAL
Fixed value
Validation Rules
Data can consist of any characters
XSD type
string
minimum length
1
maximum length
40

3DSecure.authenticationRedirect.simple.redirectDisplayTitle  String = OPTIONAL

By default, the title is set to "Process secure Payment".
Existence
OPTIONAL
Fixed value
Validation Rules
Data can consist of any characters
XSD type
string
minimum length
1
maximum length
200

3DSecure.goodsDescription  String = OPTIONAL

If supported by the ACS, this description will be displayed on the authentication page where the cardholder types in their secret password.
Existence
OPTIONAL
Fixed value
Validation Rules
Data can consist of any characters
XSD type
string
minimum length
0
maximum length
30

3DSecureId  ASCII Text = COMPULSORY

It is first defined in the check3DSEnrollment operation, and then included in subsequent operations.It is not used when the authentication is performed externally.
Existence
COMPULSORY
Fixed value
Validation Rules
Data consists of ASCII characters
XSD type
string
minimum length
1
maximum length
64

apiOperation  String =CHECK_3DS_ENROLLMENT FIXED

Existence
FIXED
Fixed value
CHECK_3DS_ENROLLMENT
Validation Rules
Any sequence of zero or more unicode characters.
XSD type
string

correlationId  String = OPTIONAL

The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.
Existence
OPTIONAL
Fixed value
Validation Rules
Data can consist of any characters
XSD type
string
minimum length
1
maximum length
100

currencyConversion   = OPTIONAL

If you requested a rate quote via the gateway, provide the requestId as returned in the PAYMENT_OPTIONS_INQUIRY response. For rate quote requests performed outside the gateway, you must at least provide payer amount, payer currency, provider and payer exchange rate.

You can only provide DCC information on the initial transaction for an order. If provided on subsequent transactions or an order, DCC information will be ignored.
Fixed value

currencyConversion.exchangeRateTime  DateTime = OPTIONAL

The timestamp may need to be displayed to the payer on the merchant site to satisfy regulatory requirements.
Existence
OPTIONAL
Fixed value
Validation Rules
An instant in time expressed in ISO8601 date + time format - "YYYY-MM-DDThh:mm:ss.SSSZ"
XSD type
string

currencyConversion.marginPercentage  Decimal = OPTIONAL

The margin percentage may need to be displayed to the payer on the merchant site to satisfy regulatory requirements.
Existence
OPTIONAL
Fixed value
Validation Rules
Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.
XSD type
string
minimum length
1
maximum length
8

currencyConversion.payerAmount  Decimal = OPTIONAL

You must include this field if the payer accepted the DCC offer you presented to them.
Existence
OPTIONAL
Fixed value
Validation Rules
Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.
XSD type
string
minimum length
1
maximum length
14

currencyConversion.payerCurrency  Upper case alphabetic text = OPTIONAL

The currency must be expressed as an ISO 4217 alpha code, e.g. USD and must be different to that provided for transaction currency. You must include this field if the payer accepted the DCC offer you presented to them.
Existence
OPTIONAL
Fixed value
Validation Rules
Data must consist of the characters A-Z
XSD type
string
minimum length
3
maximum length
3

currencyConversion.payerExchangeRate  Decimal = OPTIONAL

The payer exchange rate includes the foreign exchange markup (marginPercentage). The payer exchange rate is displayed to the payer on the merchant site.
Existence
OPTIONAL
Fixed value
Validation Rules
Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.
XSD type
string
minimum length
1
maximum length
19

currencyConversion.provider  Enumeration = OPTIONAL

This data is for information purposes, and may be useful if you use multiple DCC providers.
Existence
OPTIONAL
Fixed value
Validation Rules
XSD type
string
Value must be a member of the following list. The values are case sensitive.
FEXCO
TRAVELEX_CURRENCY_SELECT

currencyConversion.providerReceipt  String = OPTIONAL

Existence
OPTIONAL
Fixed value
Validation Rules
Data can consist of any characters
XSD type
string
minimum length
1
maximum length
100

currencyConversion.requestId  String = OPTIONAL

Existence
OPTIONAL
Fixed value
Validation Rules
Data can consist of any characters
XSD type
string
minimum length
1
maximum length
100

currencyConversion.uptake  Enumeration = OPTIONAL

If not provided, this value defaults to NOT_REQUIRED.
Existence
OPTIONAL
Fixed value
Validation Rules
XSD type
string
Value must be a member of the following list. The values are case sensitive.
ACCEPTED
The payer accepted the DCC offer and pays in their own currency. The conditions of the rate quote are applied in the processing of this transaction.
DECLINED
The payer declined the DCC offer and pays in your transaction currency.
NOT_AVAILABLE
A rate quote was requested, but no DCC offer was provided. For rate quotes via the gateway the PAYMENT_OPTION_INQUIRY response contains a currencyConversion.gatewayCode other than QUOTE_PROVIDED.
NOT_REQUIRED
DCC is not required for this transaction.

merchant  Alphanumeric + additional characters = COMPULSORY

Existence
COMPULSORY
Fixed value
Validation Rules
Data may consist of the characters 0-9, a-z, A-Z, '-', '_'
XSD type
string
minimum length
1
maximum length
40

order   = COMPULSORY

Information about the order associated with this transaction.
Fixed value

order.amount  Decimal = COMPULSORY

Existence
COMPULSORY
Fixed value
Validation Rules
Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.
XSD type
string
minimum length
1
maximum length
14

order.currency  Upper case alphabetic text = COMPULSORY

Existence
COMPULSORY
Fixed value
Validation Rules
Data must consist of the characters A-Z
XSD type
string
minimum length
3
maximum length
3

session.id  ASCII Text = OPTIONAL

Values provided in the request will override values contained in the session.
Existence
OPTIONAL
Fixed value
Validation Rules
Data consists of ASCII characters
XSD type
string
minimum length
31
maximum length
35

session.version  ASCII Text = OPTIONAL

Do this if you make business decisions based on data from the session and wish to ensure that the same data is being used for the request operation.

To use optimistic locking, record session.version when you make your decisions, and then pass that value in session.version when you submit your request operation to the gateway.

If session.version provided by you does not match that stored against the session, the gateway will reject the operation with error.cause=INVALID_REQUEST.

See Making Business Decisions Based on Session Content.
Existence
OPTIONAL
Fixed value
Validation Rules
Data consists of ASCII characters
XSD type
string
minimum length
10
maximum length
10

sourceOfFunds   = OPTIONAL

For card payments these may be represented by combining one or more of the following: explicitly provided card details, a session identifier which the gateway will use to look up the card details and/or a card token. Precedence rules will be applied in that explicitly provided card details will override session card details which will override card token details. Each of these may represent partial card details, however the combination must result in a full and complete set of card details. See Using Multiple Sources of Card Details for examples.
Fixed value

sourceOfFunds.provided   = OPTIONAL

For browser payments, the source of funds details are usually collected from the payer on the payment provider's website and provided to you when you retrieve the transaction details (for a successful transaction). However, for some payment types (such as giropay), you must collect the information from the payer and supply it here.
Fixed value

sourceOfFunds.provided.card   = OPTIONAL

Details as shown on the card.
Fixed value

sourceOfFunds.provided.card.expiry   = COMPULSORY

Expiry date, as shown on the card.
Fixed value

sourceOfFunds.provided.card.expiry.month  Digits = COMPULSORY

Months are numbered January=1, through to December=12.
Existence
COMPULSORY
Fixed value
Validation Rules
Data is a number between 1 and 12 represented as a string.
XSD type
string

sourceOfFunds.provided.card.expiry.year  Digits = COMPULSORY

The Common Era year is 2000 plus this value.
Existence
COMPULSORY
Fixed value
Validation Rules
Data is a string that consists of the characters 0-9.
XSD type
string
minimum length
2
maximum length
2

sourceOfFunds.provided.card.number  Digits = OPTIONAL

Existence
OPTIONAL
Fixed value
Validation Rules
Data is a string that consists of the characters 0-9.
XSD type
string
minimum length
9
maximum length
19

sourceOfFunds.token  Alphanumeric = OPTIONAL

Existence
OPTIONAL
Fixed value
Validation Rules
Data may consist of the characters 0-9, a-z, A-Z
XSD type
string
minimum length
1
maximum length
40

Response Parameters

3DSecure   = Always Provided

Data representing the 3DS results or enrollment state
Fixed value

3DSecure.summaryStatus  Enumeration = Always Provided

For detailed information on the authentication result, see gatewayCode.
Existence
Always Provided
Fixed value
Validation Rules
XSD type
string
Value must be a member of the following list. The values are case sensitive.
AUTHENTICATION_ATTEMPTED
Authentication was attempted but the card issuer did not perform the authentication
AUTHENTICATION_FAILED
The cardholder failed the authentication.
AUTHENTICATION_NOT_AVAILABLE
An internal error occurred and Authentication is not currently available.
AUTHENTICATION_SUCCESSFUL
The cardholder was successfully authenticated.
CARD_DOES_NOT_SUPPORT_3DS
The card does not support 3DS authentication.
CARD_ENROLLED
The card is enrolled for 3DS authentication.
CARD_NOT_ENROLLED
The card is not enrolled for 3DS authentication.

3DSecureId  ASCII Text = Always Provided

It is first defined in the check3DSEnrollment operation, and then included in subsequent operations.
It is not used when the authentication is performed externally.
Existence
Always Provided
Fixed value
Validation Rules
Data consists of ASCII characters
XSD type
string
minimum length
1
maximum length
64

merchant  Alphanumeric + additional characters = Always Provided

Existence
Always Provided
Fixed value
Validation Rules
Data may consist of the characters 0-9, a-z, A-Z, '-', '_'
XSD type
string
minimum length
1
maximum length
40

response   = Always Provided

A collection of information that is specific to responses from the API.
Fixed value

response.3DSecure   = Always Provided

The response code which indicates the status.
Fixed value

response.3DSecure.gatewayCode  Enumeration = Always Provided

Existence
Always Provided
Fixed value
Validation Rules
The result of a 3DS request to the gateway.
XSD type
string
Value must be a member of the following list. The values are case sensitive.
ACS_SESSION_TIMEOUT
The session with the Issuer's ACS timed out. The cardholder did not return from the ACS session.
AUTHENTICATION_ATTEMPTED
The Merchant attempted to authenticate the cardholder with the card Issuer, but the card Issuer did not perform authentication of the card. Proof of authentication attempt was provided.
AUTHENTICATION_FAILED
The cardholder failed authentication by the card Issuer.
AUTHENTICATION_NOT_AVAILABLE_ERROR_DETAILS_PROVIDED
The response received from the card issuer's ACS (PARes) indicated that authentication of the cardholder could not be completed as technical or other issues were encountered by the Issuer's ACS. Error details (IReq) provided.
AUTHENTICATION_NOT_AVAILABLE_NO_ERROR_DETAILS
The response received from the card issuer's ACS (PARes) indicated that authentication of the cardholder could not be completed as technical or other issues were encountered by the Issuer's ACS. No error details (IReq) were provided.
AUTHENTICATION_SUCCESSFUL
The cardholder was successfully authenticated by the card Issuer.
CARD_DOES_NOT_SUPPORT_3DS
The card does not support 3D Secure authentication.
CARD_ENROLLED
Card holder is enrolled.
ENROLLMENT_STATUS_UNDETERMINED_ERROR_DETAILS_PROVIDED
The Issuer's ACS was not able to process the request to check enrollment or the card is ineligible (e.g. it is a Commercial card). The ACS did not provide any further details in the response.
ENROLLMENT_STATUS_UNDETERMINED_NO_ERROR_DETAILS
The Issuer's ACS was not able to process the request to check enrollment or the card is ineligible (e.g. it is a Commercial card). The ACS did not provide any further details in the response.
ERROR_COMMUNICATING_WITH_DIRECTORY_SERVER
An error communicating with the Directory Server was encountered.
ERROR_PARSING_AUTHENTICATION_RESPONSE
Error parsing Payer Authentication Response (PARes) received from the ACS.
ERROR_PARSING_CHECK_ENROLLMENT_REQUEST
Occurs when the request is incorrectly formatted. For example, the Merchant Id is longer than maximum allowed. Will generally only occur as a result of a defect in PS.
ERROR_PARSING_CHECK_ENROLLMENT_RESPONSE
Error parsing Verify Enrollment Response (VERes) received from the ACS.
INVALID_DIRECTORY_SERVER_CREDENTIALS
Merchant ID and Password failed authentication with the Directory Server (Contact Support to rectify)
INVALID_SIGNATURE_ON_AUTHENTICATION_RESPONSE
Error validating signature on response received from the ACS.
MPI_PROCESSING_ERROR
Internal processing error
NOT_ENROLLED_ERROR_DETAILS_PROVIDED
Card holder is not enrolled. Error details were returned by the Directory Server.
NOT_ENROLLED_NO_ERROR_DETAILS
Card holder is not enrolled. No error details were returned by the Directory Server.

Response parameters are the same as 3DS: Retrieve 3DS Result

error   = CONDITIONAL

Information on possible error conditions that may occur while processing an operation using the API.
Fixed value

error.cause  Enumeration = CONDITIONAL

For example, errors may occur due to invalid requests or internal system failures.
Fixed value
Validation Rules
XSD type
string
Value must be a member of the following list. The values are case sensitive.
INVALID_REQUEST
The request was rejected because it did not conform to the API protocol.
REQUEST_REJECTED
The request was rejected due to security reasons such as firewall rules, expired certificate, etc.
SERVER_BUSY
The server did not have enough resources to process the request at the moment.
SERVER_FAILED
There was an internal system failure.

error.explanation  String = CONDITIONAL

This field is returned only if the cause is INVALID_REQUEST or SERVER_BUSY.
Fixed value
Validation Rules
Data can consist of any characters
XSD type
string
minimum length
1
maximum length
1000

error.field  String = CONDITIONAL

This field is returned only if the cause is INVALID_REQUEST and a field level validation error was encountered.
Fixed value
Validation Rules
Data can consist of any characters
XSD type
string
minimum length
1
maximum length
100

error.supportCode  String = CONDITIONAL

This field is returned only if the cause is SERVER_FAILED or REQUEST_REJECTED.
Fixed value
Validation Rules
Data can consist of any characters
XSD type
string
minimum length
1
maximum length
100

error.validationType  Enumeration = CONDITIONAL

This field is returned only if the cause is INVALID_REQUEST and a field level validation error was encountered.
Fixed value
Validation Rules
XSD type
string
Value must be a member of the following list. The values are case sensitive.
INVALID
The request contained a field with a value that did not pass validation.
MISSING
The request was missing a mandatory field.
UNSUPPORTED
The request contained a field that is unsupported.

result  Enumeration = CONDITIONAL

Fixed value
Validation Rules
XSD type
string
Value must be a member of the following list. The values are case sensitive.
ERROR
The operation resulted in an error and hence cannot be processed.

Copyright © 2022 Mastercard