Payer Authentication Developer Guide | Simple Order API

1 Payer AuthenticationSimple Order APID eveloper Guide 2021. Cybersource Corporation. All rights Corporation (Cybersource) furnishes this document and the software described in this document under the applicable agreement between the reader of this document (You) and Cybersource ( agreement ). You may use this document and/or software only in accordance with the terms of the agreement . Except as expressly set forth in the agreement , the information contained in this document is subject to change without notice and therefore should not be interpreted in any way as a guarantee or warranty by Cybersource.

2 Cybersource assumes no responsibility or liability for any errors that may appear in this document. The copyrighted software that accompanies this document is licensed to You for use only in strict accordance with the agreement . You should read the agreement carefully before using the software . Except as permitted by the agreement , You may not reproduce any part of this document, store this document in a retrieval system, or transmit this document, in any form or by any means, electronic, mechanical, recording, or otherwise, without the prior written consent of Rights LegendsFor Government or defense agencies: Use, duplication, or disclosure by the Government or defense agencies is subject to restrictions as set forth the Rights in Technical Data and Computer software clause at DFARS and in similar clauses in the FAR and NASA FAR civilian agencies.

3 Use, reproduction, or disclosure is subject to restrictions set forth in subparagraphs (a) through (d) of the Commercial Computer software Restricted Rights clause at and the limitations set forth in Cybersource Corporation's standard commercial agreement for this software . Unpublished rights reserved under the copyright laws of the United , , and The Power of Payment are registered trademarks of Cybersource Corporation. Cybersource, Cybersource Payment Manager, Cybersource Risk Manager, Cybersource Decision Manager, and Cybersource Connect are trademarks and/or service marks of Cybersource Corporation.

4 Visa, Visa International, Cybersource, the Visa logo, and the Cybersource logo are the registered trademarks of Visa International in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective : Authentication | 2 ContentsRecent Revisions to This This Payer of Chargeback 3D Customer for Implementing Payer Authentication Process Flow Payer Authentication into Your of 3D Secure Digital Accept with Payer Merchant Cardinal Cruise Direct Connection API Payer Implementation and Before Go 1: Payer Authentication Setup Response 2.

5 Device Data Collection the the Device Data Collection JavaScript to Submit the Device Data Collection For the Device Data Collection URL 3: Payer Authentication Check Enrollment the Response 4: Step-Up Authentication - Contents | 3 Contents | 4 Building the Iframe the Javascript to invoke the Step-Up 5: Payer Authentication Validation Services or Mapping Authorization the Customers to Pass or Fail Message Cruise Direct Connection Integration Service Request and Response Enrollment Request and Response Authentication Request and Response with with with SDK Payer Flow for SDK for SDK SDK Payer the Android the Gradle Build the Android Up the Initial the iOS and Import the Up Your Build the iOS Up the Initial Payer Authentication in the Check Enrollment Service (SDK).

6 53 Interpreting the Enrolled the Validation Authentication - Contents | 4 Contents | 5 Hybrid Payer the Flow for Hybrid Hybrid Payer the Check Enrollment Enrolled the Validation Integration Fields for Setting Up Payer Fields for Setting Up Payer Fields for Enrolling in Payer Fields for Enrolling in Payer Fields for Validating Payer Fields for Validating Payer Payer Check Response Validation Test Case Path for Secure Secure 3D Secure Test Identity Check 3D Secure Test 3D Secure Test Express SafeKey 3D Secure Test J/Secure 3D Secure Test Club Protect Buy 3D Secure Test Protect Buy 3D Secure Test Compra Segura 3D Secure Test UnionPay 3D Secure Test Authentication - Contents | 5 Contents | 6 Test Cases for 3D Secure Case : Successful Frictionless Case : Unsuccessful Frictionless Case : Attempts Processing Frictionless Case : Unavailable Frictionless Case : Rejected Frictionless Case : Authentication not Available on Case : Enrollment Check Case : Case : Bypassed Case : Successful Step-Up Case.

7 Successful Step-Up Authentication (Standard)..171 Test Case : Unsuccessful Step-Up Case : Unsuccessful Step-Up Authentication (Standard)..175 Test Case : Unavailable Step-Up Case : Unavailable Step-Up Authentication (Standard)..180 Payer Authentication Exemption Test Case 1a: Initial/First Recurring Transaction - Fixed Case 2a: Card Authentication Case 2b: Suspected Case 2c: Cardholder Not Enrolled in Case 2d: Transaction Timed Out at the Case 2e: Non-Payment Transaction Not Case 2f: 3RI Transaction Not Case 3a: Transaction Risk Analysis Exemption - Low Value - Case 3b-Transaction Risk Analysis Low Value - Case 3c: Transaction Risk Analysis-Low Case 3d: Acquirer Transaction Risk Analysis-Cartes Case 4a: Trusted Beneficiary Prompt for Case 4b.

8 Utilize Trusted Beneficiary Case 5a-1: Identity Check Insights (ScoreRequest = N)..192 Test Case 5a-2: Identity Check Insights (ScoreRequest = Y)..193 Rules-Based Payer Authentication - Contents | 6 Contents | 7 Bypassed Authentication Bank Modification Modification Secure Services Message Methods for Device Data Data Collection Device BIN in BIN as a POST Parameter Plus Your Payer Authentication Authentication Transaction Details in the Business Authentication Payer Authentication for Payer Authentication Not Payer Authentication Implementation Flow for Standard Customers to Pass or Fail Message the Check Enrollment Service (Standard).

9 215 Standard Integration : Check Authentication Authentication Summary Authentication - Contents | 7 Contents | 8 Downloading the the Report to the Transaction Search the Payer Authentication and Payment Authentication Detail Authentication - Contents | 8 Recent Revisions to This missing challengeCode API fieldAdded challengeCode API field back to the optional fields for the Enrolled service in the Simple Order and REST versions of the Guide after it was left out. See Optional Fields for Enrolling in Payer Authentication (on page 80). Strong Authentication Strong Customer Authentication (on page 15).

10 Added exemption test case sectionSee Payer Authentication Exemption Test Cases (on page 182) a REST version of Guide . Reworked entire Guide . Removed response API field descriptions from Guide . Refer to API Field Reference Guides for field descriptions. Updated the Enrollment Check and Response Fields (on page 22) and Validation Check Response and Card Authorization Request (on page 32) Key CredentialsUpdated the process to obtain credentials to generate your API keys for the Cardinal Mobile SDK Case Updates Updated Test Case 38: American Express SafeKey Card Enrolled: Successful Authentication to fix a missing credit card digit.