openapi: 3.1.0
info:
title: Data Export WS Client
description: |
REST API to send data related to a transaction.
| Changes | Version | Date |
|--------|---------|------|
| - Added 'threeDSCompInd', 'threeDSMethodId', and 'threeDSServerTransId' to the 'PurchaseContext' object.
- Added 'resultStatus' to the 'authenticationResult' object.
- Added 'creationDate', 'updateDate', and 'source' to the 'cardholder.credentials' object. | 25R2_1.0 | 04/09/2025 |
| - Changed 'threeDSMethodCollectedData' field format from string '<\json>' to JSON object.
- Added 'meansTriggeringEvent', 'profileSetName', 'profileSetRuleName', 'profileSetVerifiedConditions', 'profileName', 'profileMeans', 'merchantThresholdAmountStatus' and 'browserCloseDetails' to the 'authenticationResult' object | 25R1_1.0 | 28/08/2024 |
version: ""
paths:
/:
post:
tags:
- dataExport
summary: Send data related to a transaction.
description: At the end of a transaction, all related data is sent to this endpoint.
Only an HTTP code is expected in response. Depending on the HTTP code, the gateway
may retry the request. The full URI is defined in configuration and must be provided
by the client (implementing the HTTP server).
parameters:
- name: request-id
in: header
description: ACS / HUB session ID used for the transaction.
required: true
schema:
type: string
requestBody:
description: Data related to the transaction.
content:
application/json:
schema:
$ref: '#/components/schemas/DataExport'
required: true
responses:
200:
description: OK. Success.
204:
description: No Content. Success.
400:
description: Bad Request. Error that will **not** trigger a retry.
401:
description: Unauthorized. Error that will **not** trigger a retry.
403:
description: Forbidden. Error that will **not** trigger a retry.
404:
description: Not Found. Error that will **not** trigger a retry.
405:
description: Method Not Allowed. Error that will **not** trigger a retry.
409:
description: Not Acceptable. Error that will **not** trigger a retry.
520:
description: Conflict. Error that will **not** trigger a retry.
429:
description: Too Many Requests. Error that **will** trigger a retry.
500:
description: Internal Server Error. Error that **will** trigger a retry.
503:
description: Service Unavailable. Error that **will** trigger a retry.
504:
description: Gateway Time-out. Error that **will** trigger a retry.
default:
description: Error that **will** trigger a retry.
components:
schemas:
DataExport:
required:
- createdDateTime
- keyTag
- iv
type: object
properties:
createdDateTime:
type: string
description: Session creation local date-time (French timezone).
format: yyyy-MM-ddTHH:mm:ss.SSS
minLength: 23
maxLength: 23
examples:
- 2024-08-28T10:52:54.198
keyTag:
type: string
maxLength: 2
description: The key tag used for encryption.
Mandatory if data encryption is implemented.
examples:
- 01
iv:
type: string
maxLength: 36
description: IV used for encryption (hub session ID without "-").
Mandatory if data encryption is implemented.
examples:
- 320f8f855b4e478480d54497
cardholder:
$ref: '#/components/schemas/ExportCardHolder'
virtualCardData:
$ref: '#/components/schemas/VirtualCardData'
purchaseContext:
$ref: '#/components/schemas/PurchaseContext'
recurringTransaction:
$ref: '#/components/schemas/RecurringTransaction'
messageExtension:
$ref: '#/components/schemas/MessageExtension'
RBA:
$ref: '#/components/schemas/RBA'
authenticationResult:
$ref: '#/components/schemas/AuthenticationResult'
matchingAttacks:
type: array
description: List of matching attacks. Since 24R3.
items:
$ref: '#/components/schemas/MatchingAttack'
description: Main class of transaction information.
examples:
- {
"createdDateTime": "2023-08-30T19:42:07.571",
"keyTag": "01",
"iv": "b7f20ef725764107b29b6e29",
"cardholder": {
"issuerCode": "66666",
"subIssuerCode": "66667",
"cardID": "1609039243305",
"tokenPan": "mckNDk3NjcwMDAwMDAwMDAxNQ==",
"expiryDate": "3ed12aa8d824bb592440073925a309cf9730c4731b49dc",
"credentials": [
{
"type": "SMS",
"value": "616d41e5759d392347f127f50d4b8f1d9aea3e4249f75212c6cf7f88"
},
{
"type": "EMAIL",
"value": "3e3b01a72add7e5715aa71a404e493b784dfffb3f3626475611619331f828dfbbb"
},
{
"type": "PWD",
"value": "293b17b0759d3d2140a226fb5bf3c7badc8efa9423b793316f25df3f0231d226ba3685331484265eb0b447b5ad00c9ad566c7b001db1304f892b3b29fa4e1fd3b807b7b1ef2cf3dac911e0572aed4742",
"algorithm": "SHA-256"
},
{
"type": "TA",
"value": "7b6c41e771993d2f4bf78a224952bb2bb0b436a7316e4827ef61"
},
{
"type": "OPENID",
"value": "051736900deb3b2541f325fb19e86ed05547a4b7887d3cb85d2e790c"
}
],
"PAN": "38d82fadc224ba72a6bac3b5ae564bd827a8a2ac98c72eb8ff0b89f2712dd26a",
"cardHolderID": "6873147d-b205-407e-b050-77a66bf4f7b4"
},
"purchaseContext": {
"network": "MASTERCARD",
"convertedAmount": "2200",
"convertedExponent": "2",
"convertedCurrencyCode": "978",
"convertedCurrencyLabel": "EUR",
"os": "Windows 7",
"cardType": "DEBIT",
"binRange": "49767",
"language": "fr",
"dsTransID": "c036148a-616a-44b3-9c1e-2509954de092",
"browserIP": "2a02:2788:0558:0094:1507:d510:7b4f:b303",
"rcptCountry": "DEU",
"threeDSRequestorURL": "www.test.url",
"merchantCountryCode": "250",
"merchantName": "merchant_4558",
"acquirerMerchantID": "123456",
"mcc": "5411",
"acquirerBIN": "700004",
"purchaseAmount": "2200",
"purchaseExponent": "2",
"purchaseDate": "2019-12-23T14:18:02",
"transactionCurrencyLabel": "EUR",
"purchaseCurrency": "978",
"cardExpiryDate": "2020-10",
"deviceChannel": "01",
"browserUserAgent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36",
"messageVersion": "2.2",
"messageCategory": "01",
"threeDSRequestorAuthenticationInd": "02",
"threeDSRequestorChallengeInd": "07",
"threeDSReqAuthMethod": "01",
"RequestorPriorTransactionReference": "3a9a8ed1-1a2b-47b4-b913-c9b29d9e3b56",
"threeDSReqPriorRef": "a036148a-616a-44b3-9c1e-2509954de095",
"threeDSReqPriorDsTransId": "9fba9d4a-bd83-4a5a-a5ff-dc7b3e77f899",
"threeDSRequestorDecReqInd": false,
"threeDSRequestorDecMaxTime": "10",
"threeRIInd": "01",
"browser": "Chrome",
"whiteListStatus": "E",
"whiteListStatusSource": "01",
"acquirerCountryCode": "840",
"threeDSRequestorID": "Requestor id",
"threeDSRequestorName": "Requestor name",
"addrMatch": true,
"shipAddrCity": "City name",
"shipAddrCountry": "250",
"shipAddrPostCode": "12345",
"billAddrCity": "Bill City name",
"billAddrCountry": "250",
"billAddrPostCode": "12345",
"email": "example@example.com",
"phone": "+37441901150",
"browserAcceptHeader": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"browserColorDepth": "48",
"browserJavaEnabled": true,
"browserJavascriptEnabled": true,
"browserLanguage": "en",
"browserScreenHeight": "400",
"browserScreenWidth": "600",
"browserTZ": "0",
"sdkAppID": "8a880dc0-d2d2-4067-bcb1-b08d1690b26e",
"threeDSServerOperatorID": "operator id",
"purchaseInstalData": "05",
"acsTransID": "b7f20ef7-2576-4107-b29b-6e2987f80930",
"payTokenInfo": "{\"token\":\"sample-token-data\", \"authMethod\":\"pan_only\", \"cryptogram\":\"ABC123DEF456\"}",
"emvPaymentToken": "{\"networkToken\":\"4895379980036386\", \"cryptogram\":\"AAABCdEFghiJKLMN\", \"eciIndicator\":\"07\"}",
"payTokenInd": true,
"payTokenSource": "01",
"visaFidoData": "{\"txType\":\"02\", \"version\":\"2.0\", \"signedDataChecks\":{\"challengeData\":\"TQZxUxigOhELl6MSIRpTZOeqElDXWeA6PTKU\", \"userVerification\":true}}",
"dsAuthInfVerifInd": "01",
"threeDSReqAuthData": "{\"rpId\":\"fido.dev.worldline-solutions.com\", \"deviceBindingInfo\":\"free text\", \"version\":\"1.0\", \"assertionBlob\":{\"id\":\"HVtTM2iCGVklu5ta_Jvdjjp_IVTsg-bvvrmdnGuo6Z8\", \"authenticatorData\":\"io3BfIbZf1ikZKf1kMgcVP5ccTOoczlzoQYsPHPRu10FAAAAAQ\"}}",
"passThroughVerified": false,
"passThroughRespData": "{\"status\":\"verified\", \"fidoStatus\":true, \"assertionData\":\"eyJhbGciOiJSUzI1NiJ9...\"}",
"threeDSMethodCollectedData": {
"threeDSMethodData": "eyJzZXJ2ZXJUcmFuc0lEIjoiM2FjN2NhYTctYWE0Mi0yNjYzLWIzNmYtNTBjZGZlOTNhNTZhIiwidGhyZWVEU01ldGhvZE5vdGlmaWNhdGlvblVSTCI6Imh0dHBzOi8vZGVtby5nbG9iYWxjb2xsZWN0LmNvbS9jb25uZWN0L2dhdGV3YXkvcHJvY2Vzc2luZy8zZFNlY3VyZS9tZXRob2QvY29tcGxldGUifQ=="
},
"threeDSCompInd": "Y",
"threeDSMethodId": "a0ff06ee-0268-4ab5-b561-95245693d8e6",
"threeDSServerTransID": "43971a9e-e7be-4609-8543-b0f715adf258",
"eci": "05",
"deviceInfoB64": "eyJEViI6IjEuNiIsIkREIjp7IkQwMjIiOiAiMDMiLCAiQzAwMSI6IkFuZHJvaWQiLCJDMDAyIjoiRGV2aWNlIE1hbnVmYWN0dXJlciIsIkMwMDQiOiJWZXJzaW9uIiwiQzAwNSI6ImVuX1VTIiwiQzAwNiI6IkVhc3Rlcm4gU3RhbmRhcmQgVGltZSIsIkMwMDciOiIwYzgzODNkMC0wZDU0LTRmNjEtOTVkNC05NzYyZTYyZDBhNDAiLCJDMDA5IjoiTXkgRGV2aWNlIE5hbWUgKD8pIiwiQzAxMCI6IiJ9LCJEUE5BIjp7IkMwMTEiOiJSRTAzIn0sIlNXIjpbIlNXMDEiLCJTVzA0Il19"
}
,
"recurringTransaction": {
"recurringFrequency": "4",
"recurringExpiry": "20240101",
"recurringAmount": "1500",
"recurringCurrency": "978",
"recurringExponent": "2",
"recurringDate": "20240101",
"amountInd": "01",
"frequencyInd": "02"
},
"messageExtension": {
"VISA": {
"score": "91",
"dafAdvice": "01",
"authPayCredStatus": false,
"authPayProcessReqInd": "01",
"chAccReqID": "1234"
},
"MASTERCARD": {
"score": "9900",
"decision": "CH",
"reasonCode1": "A",
"secureCorporatePayment": true,
"merchantFraudRate": "1",
"scaExemptions": "06"
},
"CB": {
"CBEXEMPTACQ": true,
"cbDeviceIndData": [
{
"data": {
"acctNbOnCountryIpD2D180": "010",
"acctNbOnOtherDeviceD2D180": "003",
"acctNbOnSameDeviceD2D180": "002",
"emailOnOtherDeviceD2D180": "014",
"emailOnSameDeviceD2D180": "001",
"ipOnOtherDeviceD2D180": "030",
"ipOnSameDeviceD2D180": "012",
"nbAcctNbOnSameDeviceD0D4": "001",
"nbDaySinceFirstAcctNbOnSameDevice": "180",
"nbDaySinceFirstEmailUse": "075",
"nbDeviceOnSameAcctNbD2D180": "025",
"nbDeviceOnSameEmailD2D180": "007",
"nbDeviceOnSameIpD2D180": "010",
"nbDeviceOnSamePhoneD2D180": "005",
"phoneOnOtherDeviceD2D180": "017",
"phoneOnSameDeviceD2D180": "024",
"versionDIRs": "1.0"
},
"name": "CB-DEVICEIND",
"criticalityIndicator": false,
"id": "A000000042_CB-DEVICEIND"
}
]
}
},
"authenticationResult": {
"transStatus": "Y",
"transStatusReason": "12",
"finalStatus": "SUCCESS",
"failureCause": "USER_CANCELLATION",
"authenticationValue": "ABCDEF1234567890",
"threeDSWhitelistStatus": "N",
"threeDSWhiteListStatusSource": "03",
"authenticationMethod": "03",
"challengeCancel": "01",
"authenticationType": "02",
"interactionCounter": "1",
"authentDatas": [
{
"chosenMean": "SMS",
"finalStatus": "success",
"usedDevice": "616d41e5759d392347f127f50d4b8f1d9aea3e4249f75212c6cf7f88"
},
{
"chosenMean": "EXTMOBAPP",
"finalStatus": "failure"
}
],
"smsDate": "2024-06-23T09:07:21.036995",
"smsOperator": "Orange",
"smsText": "Your authentication code is 123456",
"oobAppURLInd": "01",
"meansTriggeringEvent": "NORMAL",
"profileSetName": "PS_99999_01",
"profileSetRuleName": "MOBILE_APP_PPH",
"profileSetVerifiedConditions": [
"CONDITION_1",
"CONDITION_2"
],
"profileName": "99999_MOBILE_APP_PS_01",
"profileMeans": "SMS",
"merchantThresholdAmountStatus": "AMOUNT_STATUS_SAMPLE",
"browserCloseDetails": "browser close details sample",
"resultStatus": "01"
},
"RBA": {
"principalWhiteListed": false,
"principalBlackListed": false,
"blackListStatus": [],
"rbaDecision": "STRONG",
"rbaLevel": "99",
"rbaReason": "RBA_FALLBACK"
}
}
VirtualCardData:
type: object
properties:
vPAN:
type: string
maxLength: 64
description: Virtual PAN (encrypted or masked). Plain value on 12 to 19 char.
(16 char. for French PAN.)
examples:
- 782cd43c20001dc07540b020054c939fdaba80339c2201de
- 497670XXXXXXXX15
vTokenPan:
type: string
maxLength: 36
description: Internal token for virtual PAN, calculated by ACS platform.
vExpiryDate:
type: string
maxLength: 64
format: yyyy-MM (plain)
description: Expiry date of virtual card (encrypted or plain).
examples:
- 6b3b1478d3a8cae4e544925e8afbf4be
- 2020-10
description: Data regarding the virtual card (or vPAN) if one was being used.
AuthenticationResult:
type: object
properties:
transStatus:
type: string
minLength: 1
maxLength: 1
description: If ARes error or final status like frictionless,
then transaction status from ARes.
If challenge, then transaction status from last CRes.
examples:
- Y
transStatusReason:
type: string
minLength: 2
maxLength: 2
description: Provides information on why the Transaction Status field has
the specified value.
If ARes error or final status like frictionless, then status reason from ARes.
If challenge, then status reason from last CRes.
examples:
- 12
finalStatus:
type: string
enum:
- SUCCESS
- FAILURE
description: ACS platform internal status.
examples:
- SUCCESS
failureCause:
type: string
maxLength: 50
description: |
Failure cause of the authentication.
In case of `USER_CANCELLATION` from ACS response, HUB changes this value with `CANCEL`.
| Code | Label |
| ---- | ----- |
| INVALID_REQUEST | The Received request is invalid |
| BIN_NOT_FOUND | Bin Range is not enrolled in the ACS |
| BIN_DEACTIVATED | The Bin Range is not activated in the ACS |
| CARD_NOT_FOUND | The card is not enrolled in the ACS |
| CARD_INACTIVATED | The card is not activated for 3DS |
| VE_HUB_CALL_NO_ANSWER | The authentication hub cannot be reached |
| VE_HUB_CALL_INTERNAL_ERROR | Internal error in the authentication hub |
| EXTERNAL_REFERENTIAL_CALL_ISSUE | Error on a external referential |
| VE_TECHNICAL_PROBLEM | Technical issue in the VE service |
| AUTHENTICATION_MEANS_BLACKLISTED | Every authentication means is blacklisted |
| RBA_HIGH_RISK_REFUSAL | Refusal deduced from the high risk level |
| CARD_IN_BLACK_LIST | The card is blacklisted |
| CH_IP_FILTER_FOUND | The cardholder IP address is filtered out |
| CH_IP_COUNTRY_BLACKLISTED | The cardholder IP country is blacklisted |
| MERCHANT_COUNTRY_BLACKLISTED | The merchant country is blacklisted |
| MERCHANT_URL_BLACKLISTED | The merchant URL is blacklisted |
| MERCHANT_ID_BLACKLISTED | The Merchant ID is blacklisted |
| MERCHANT_NAME_BLACKLISTED | The Merchant Name is blacklisted |
| MERCHANT_DOMAIN_BLACKLISTED | The Merchant Domain is blacklisted |
| MERCHANT_THRESHOLD_AMOUNT_REACHED | A merchant threshold amount was reached |
| MAXIMUM_COUNTER_REACHED | The card holder counter's threshold reached |
| DEFAULT_REFUSAL_PROFILE | Default refusal |
| USER_CANCELLATION | The user manually cancelled the transaction |
| TIMEOUT_REACHED | The user spent too much time on ACS page |
| PA_HUB_CALL_NO_ANSWER | The HUB cannot be reached by the PA service |
| PA_HUB_CALL_INTERNAL_ERROR | Internal technical error in the hub |
| OTP_SENDING_ERROR | The hub could not sent the OTP |
| PA_TECHNICAL_PROBLEM | Technical issue in the PA service |
| AUTHENTICATION_WINDOW_CLOSED | The card holder has closed the ACS page |
| PA_NEVER_RECEIVED | PA request is not received |
| A_HUB_CALL_INTERNAL_ERROR | Internal technical error in the hub |
| C_NEVER_RECEIVED | C request is not received |
| CAPP_HUB_CALL_INTERNAL_ERROR | Error when called by the Challenge App |
| CAPP_HUB_CALL_NO_ANSWER | The hub cannot be reached by Challenge App |
| CAPP_TECHNICAL_PROBLEM | Technical issue in the Challenge App |
| CARD_EXPIRED | The card has expired |
| CREQ_TIMEOUT_REACHED | The 3DS Requestor didnt start the challenge |
| A_HUB_CALL_NO_ANSWER | The hub cannot be reached AReq |
| A_TECHNICAL_PROBLEM | Technical issue |
| C_HUB_CALL_NO_ANSWER | The hub cannot be reached CReq |
| C_TECHNICAL_PROBLEM | Technical issue in the CReq |
| EXTERNAL_WS_UNAVAILABLE | WS Bank unavailable |
| OOB_FAILURE | OOB Failed |
| C_HUB_CALL_INTERNAL_ERROR | Error in the authentication hub, CReq |
| INVALID_RREQ_SENT_TO_DS | Invalid RReq |
| ERROR_TIMEOUT_DS | Timeout on DS |
| AUTHENTICATION_BLOCKED | Authentication is blocked |
| CARD_INVALID | The card has an invalid Luhn key |
| INVALID_CARD_NUMBER | The card has an invalid card number |
| STOLEN_CARD | The card is stolen |
| TRN_NOT_PERMITTED | Transaction not permitted to cardholder |
| RISK_FRAUD | Suspected risk fraud |
| SWITCH_AUTHENT | Trusted Authentication - Switch method |
| INVALID_CREQ_WITHOUT_ALGO_A128GCM | Invalid CReq message |
| TLS_HANDSHAKE_FAILED | TLS mutual authentication error |
| INVALID_DUPLICATE_CREQ | An invalide duplicate CReq has been received. Or, ACS received more than 10 duplicated CReq |
authenticationValue:
type: string
maxLength: 128
description: |
Authentication value (encrypted).
AuthenticationValue can be send in ARes and RReq.
Plain text length is 28 char., hashed and encrypted are 128 char. max.
Warning: length may be greater in protocol 2.3.1 (up to 4000 char. in plain text).
threeDSWhitelistStatus:
type: string
enum:
- Y
- N
- E
- P
- R
- U
description: Enables the communication of trusted beneficiary / whitelist status.
between the ACS, the DS and the 3DS Requestor.
White list Status value returned by ACS in RReq message.
threeDSWhiteListStatusSource:
type: string
minLength: 2
maxLength: 2
description: This data element is populated by the system setting Whitelist Status.
White list Status Source value returned by ACS in RReq message.
examples:
- 01
authenticationMethod:
type: string
minLength: 2
maxLength: 2
description: Authentication approach that the ACS used to authenticate the
cardholder for this specific transaction. Check EMVCo_3DS_Spec to know if
this field is optional or not, and to have the excepted format and values.
examples:
- 03
challengeCancel:
type: string
minLength: 2
maxLength: 2
description: Indicator informing the ACS and the DS that the authentication has been
canceled.
authenticationType:
type: string
minLength: 2
maxLength: 2
description: Indicates the type of authentication method the Issuer will use
to challenge the Cardholder.
examples:
- 02
interactionCounter:
type: string
minLength: 1
maxLength: 2
description: Indicates the number of authentication cycles attempted by the Cardholder.
examples:
- 1
authentDatas:
type: array
description: List of authentication attempt(s) done during transaction.
Including Authent mean, status + phone/email used if push done by ACS platform.
items:
$ref: '#/components/schemas/AuthentData'
examples:
- [
{
"chosenMean": "EXTMOBAPP",
"finalStatus": "failure"
},
{
"chosenMean": "SMS",
"finalStatus": "success",
"usedDevice": "+33610837364"
}
]
smsDate:
type: string
format: yyyy-MM-ddTHH:mm:ss.SSSSSS
description: Date of the sent SMS. Since 24R2.
examples:
- 2024-06-23T09:07:21.036995
smsOperator:
type: string
description: Operator of the sent SMS. Since 24R2.
examples:
- Orange
smsText:
type: string
description: Text of the sent SMS. Since 24R2.
oobAppURLInd:
type: string
description: URL indicator of the authentication OOB application.
meansTriggeringEvent:
type: string
maxLength: 20
description: Authentication use case (NORMAL, FALLBACK, BACKUP, etc.). Since 25R1.
examples:
- "NORMAL"
profileSetName:
type: string
maxLength: 255
description: Used profile Set name. Since 25R1.
examples:
- "PS_99999_01"
profileSetRuleName:
type: string
description: Rule name, used to choose profile to apply. Since 25R1.
examples:
- "MOBILE_APP_PPH (NORMAL)"
profileSetVerifiedConditions:
type: array
items:
type: string
description: List of verified conditions, to apply the profile. Since 25R1.
profileName:
type: string
maxLength: 255
description: Name of the profile that has been applied. Since 25R1.
examples:
- "99999_MOBILE_APP_PS_01"
profileMeans:
type: string
maxLength: 50
description: Authentication means used. Since 25R1.
merchantThresholdAmountStatus:
type: string
enum:
- "MERCHANT_THRESHOLD_AMOUNT_REACHED"
- "MERCHANT_THRESHOLD_AMOUNT_NOT_REACHED"
- "MERCHANT_THRESHOLD_AMOUNT_NOT_FOUND"
examples:
- "MERCHANT_THRESHOLD_AMOUNT_NOT_FOUND"
description: Merchant threshold amount status. Since 25R1.
browserCloseDetails:
type: string
maxLength: 255
description: A backup of the refusalCause when the cardholder closes his browser (abandonment case). Since 25R1.
resultStatus:
type: string
minLength: 2
maxLength: 2
description: Indicates the status of the Results Request message from the 3DS Server to provide additional data to the ACS.
Since 25R2.
examples:
- "01"
description: Authentication information.
AuthentData:
type: object
properties:
chosenMean:
type: string
description: Chosen mean.
finalStatus:
type: string
enum:
- success
- failure
description: Authentication final Status.
usedDevice:
type: string
description: Used device.
description: Provides information on a transaction's authentication process.
RBA:
type: object
properties:
travelIndustry:
type: boolean
description: |
`true` if Merchant Category Code in Travel Industry MCC list codes.
principalWhiteListed:
type: boolean
description: PAN is whiteListed in ACS internal list (not TML).
examples:
- false
principalBlackListed:
type: boolean
description: PAN is blackListed in ACS platform.
examples:
- false
principalExemptionListed:
type: boolean
description: PAN is in exemption list.
blackListStatus:
type: array
description: If the principal was blacklisted this field will list which
filters were triggered.
items:
type: string
enum:
- NONE
- CH_IP_FILTER_FOUND
- EMAIL_BLACKLISTED
- PHONE_BLACKLISTED
- RCPT_COUNTRY_BLACKLISTED
- MERCHANT_COUNTRY_BLACKLISTED
- MERCHANT_URL_BLACKLISTED
- MERCHANT_ID_BLACKLISTED
- MERCHANT_NAME_BLACKLISTED
- MERCHANT_DOMAIN_BLACKLISTED
examples:
- CH_IP_FILTER_FOUND
- PHONE_FILTER
- EMAIL_FILTER
- CH_IP_COUNTRY_BLACKLISTED
rbaDecision:
type: string
enum:
- STRONG
- NONE
- REFUSED
description: Final decision taken by APM RBA Module.
examples:
- STRONG
rbaLevel:
type: string
minLength: 1
maxLength: 2
description: High priority score used by APM RBA module.
rbaReason:
type: string
maxLength: 50
description: Rba summary reason given by the triggered rule as defined by
the ReasonType enumeration.
examples:
- LOW_VALUE
- HIGH_RISK
rbaRuleSetInfo:
type: string
maxLength: 100
description: |
Identifier of the selected rule set based on the transaction's
context and issuer. Contains this information:
Service/Issuer/Sub-Issuer/Protocol/Locality/Scheme/Device-channel.
rbaRuleName:
type: string
maxLength: 100
description: Name of triggered rule from the rule set.
rbaSuccessiveCounter:
type: string
maxLength: 10
description: Counter of consecutive frictionless transactions
(ALL / LOW_VALUE reason).
rbaCumulativeAmount:
type: string
maxLength: 48
description: Sum of purchase amount of consecutive Frictionless transactions
(ALL / LOW_Value reason), amount in EUR and cents.
issuerRbaDecision:
type: string
minLength: 2
maxLength: 2
description: DS Issuer recommendation (CB).
issuerRbaLevel:
type: string
minLength: 1
maxLength: 2
description: DS Issuer score (CB).
dsRbaDecision:
type: string
minLength: 2
maxLength: 2
description: DS recommendation (MasterCard or CB).
dsRbaLevel:
type: string
minLength: 1
maxLength: 2
description: Directory server computed score (VISA, MasterCard or CB).
extRbaDecision:
type: string
minLength: 2
maxLength: 2
description: External Scoring platform recommendation.
extRbaLevel:
type: string
minLength: 1
maxLength: 2
description: External Scoring platform score.
extRbaIssuerDecision:
type: string
minLength: 2
maxLength: 2
description: External Issuer Scoring platform recommendation.
extRbaIssuerLevel:
type: string
minLength: 1
maxLength: 2
description: External Issuer Scoring platform score.
rbaExoneratingHint:
type: string
maxLength: 2048
description: Exonerating hint provided by the scoring platform (see the
ReasonType enum).
rbaIncriminatingHint:
type: string
maxLength: 2048
description: Incriminating value provided by the scoring platform.
binAttackDetection:
type: boolean
description: BIN attack detection based on the field incriminating hint
provided by the scoring platform.
binAttackSource:
type: string
description: BIN attack source from configuration.
deviceIndicators:
description: "Device Intelligence indicators. Since 26R1."
$ref: '#/components/schemas/DIIndicators'
description: Set of information provided by the RBA service mostly regarding
the ruling of the choice of the type of authentication.
ExportCardHolder:
type: object
required:
- issuerCode
- subIssuerCode
- cardHolderID
- cardID
- tokenPan
properties:
issuerCode:
type: string
minLength: 5
maxLength: 5
description: Issuer Code declared in ACS platform for the Card Bin Range.
examples:
- 66666
subIssuerCode:
type: string
minLength: 5
maxLength: 5
description: Sub-Issuer Code declared in ACS platform for the Card Bin Range.
examples:
- 66667
cardHolderID:
type: string
maxLength: 36
description: Cardholder technical identifier, provided by IS Bank via Batch,
WS STD API, or UUID generated by HUB.
examples:
- ef9b1877-d568-4875-b85e-e87248ddac77
cardID:
type: string
maxLength: 36
description: Card technical identifier, provided by IS Bank via Batch, WS STD API
or UUID generated by HUB.
examples:
- 1609039243305
PAN:
type: string
maxLength: 64
description: PAN (encrypted or masked). Plain value on 12 to 19 char.
(16 char. for French PAN).
examples:
- 4b358ed84b7940619235a22328c584c7bc4508d4524e75231d6f450521d16a17
- 492904XXXXXXXX54
tokenPan:
type: string
maxLength: 36
description: Internal Token PAN calculated by ACS platform.
examples:
- mckNDk3NjcwMDAwMDAwMDExNA==
expiryDate:
type: string
format: yyyy-MM (plain)
maxLength: 64
description: Expiry date (encrypted or plain).
examples:
- 6b3b1478d3a8cae4e544925e8afbf4be
- 2030-10
credentials:
type: array
description: List of credentials (encrypted or plain).
items:
$ref: '#/components/schemas/ExportCredential'
examples:
- [
{
"type": "SMS",
"value": "428ccefa6e2c9e6f4b96a63e6c34452b8ced31f45b7bb6c9fb02e7972fd1731bb3e3350b30a4407b4b858f1732a450434c2f01fc4"
},
{
"type": "PWD",
"value": "gfd5gfd68g7fdg35fd4g4g3df54ffddsdfsd54fsd8f5d5fs65fs6d5f6sf54e65fs65df6sf8e8fs6f5f5d58w+g6987wg51fgd32133321",
"algorithm": "SHA-256"
}
]
- [
{
"type": "PWD",
"value": "4b358ed84b7940619235a22328c584c7bc4508d4524e75231d6f450521d16a17",
"algorithm": "SHA-256"
},
{
"type": "SMS",
"value": "+33606060606"
},
{
"type": "SMS",
"value": "+33777777777"
}
]
description: Card holder information.
ExportCredential:
type: object
properties:
type:
type: string
description: Type.
value:
type: string
description: Value.
algorithm:
type: string
description: Algorithm.
pattern:
type: string
description: Pattern.
creationDate:
type: string
description: Creation Date.
updateDate:
type: string
description: Updated Date.
source:
type: string
description: Source.
description: Credential information.
PurchaseContext:
type: object
required:
- network
- dsTransID
- deviceChannel
- messageVersion
- messageCategory
- threeDSRequestorID
- threeDSRequestorName
- acsTransID
properties:
network:
type: string
enum:
- VISA
- MASTERCARD
- BANCONTACT
- CB
description: Card brand.
examples:
- MASTERCARD
convertedAmount:
type: string
maxLength: 48
description: Converted purchase amount in Euro with cents.
examples:
- 342
convertedExponent:
type: string
minLength: 1
maxLength: 1
description: Converted purchase exponent.
examples:
- 2
convertedCurrencyCode:
type: string
minLength: 3
maxLength: 3
description: Converted currency code.
examples:
- 978
convertedCurrencyLabel:
type: string
minLength: 3
maxLength: 3
description: Converted currency label.
examples:
- EUR
os:
type: string
description: Operating system, determined by Babel based on user agent value.
examples:
- Chrome OS
- IOS 16
cardType:
type: string
enum:
- DEBIT
- CREDIT
description: Card type.
examples:
- DEBIT
binRange:
type: string
minLength: 8
maxLength: 8
description: Bin range of the Card on 8 digit.
language:
type: string
minLength: 2
maxLength: 2
description: Language stored in Card referential.
examples:
- fr
- en
dsTransID:
type: string
format: UUID
minLength: 36
maxLength: 36
description: DS Transaction ID.
examples:
- 9b9f8249-b239-721a-332c-aec6bbd38764
browserIP:
type: string
maxLength: 45
description: Browser IP. IPv6 or IPv4.
examples:
- 155.155.155.155
rcptCountry:
type: string
minLength: 3
maxLength: 3
description: Reception country. Country code of IP Address in alpha3 ISO format.
examples:
- BEL
- FRA
threeDSRequestorURL:
type: string
maxLength: 2048
description: Merchant URL.
examples:
- www.acs3TestMerchant.com
merchantCountryCode:
type: string
minLength: 3
maxLength: 3
description: Merchant country. ISO 3166-1 numeric.
examples:
- 250
merchantName:
type: string
maxLength: 40
description: Merchant name.
examples:
- Amazon
acquirerMerchantID:
type: string
maxLength: 35
description: Merchant ID.
examples:
- TLW8XET7LEFL3TO-TEST
mcc:
type: string
minLength: 4
maxLength: 4
description: Merchant category Code.
acquirerBIN:
type: string
maxLength: 11
description: Transaction acq bin.
examples:
- 700004
purchaseAmount:
type: string
maxLength: 48
description: In minor units of currency with all punctuation removed.
examples:
- 34200
purchaseExponent:
type: string
minLength: 1
maxLength: 1
description: Transaction exponent.
examples:
- 2
purchaseDate:
type: string
format: yyyy-MM-ddTHH:mm:ss
minLength: 19
maxLength: 19
description: Date and time of the purchase expressed in UTC.
examples:
- 2019-12-23T14:18:02
transactionCurrencyLabel:
type: string
minLength: 3
maxLength: 3
description: Transaction currency label. ISO 4217 Currency text value corresponding
to purchaseCurrency Code.
examples:
- EUR
purchaseCurrency:
type: string
minLength: 3
maxLength: 3
description: Transaction currency code. ISO 4217 Numeric.
examples:
- 978
cardExpiryDate:
type: string
format: yyyy-MM (plain)
maxLength: 64
description: Card expiry date (encrypted or plain).
examples:
- 6b3b1478d3a8cae4e544925e8afbf4be
- 2020-10
deviceChannel:
type: string
minLength: 2
maxLength: 2
description: Device channel.
examples:
- 02
browserUserAgent:
type: string
maxLength: 2048
description: Browser user agent.
examples:
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
messageVersion:
type: string
maxLength: 8
description: Protocol version.
examples:
- 2.3.1
messageCategory:
type: string
minLength: 2
maxLength: 2
description: Identifies the category of the message for a specific use case.
examples:
- 01
threeDSRequestorAuthenticationInd:
type: string
minLength: 2
maxLength: 2
description: Three DS Requestor Authentication Indicator.
threeDSRequestorChallengeInd:
type: string
minLength: 2
maxLength: 2
description: Indicates whether a challenge is requested for this transaction.
threeDSReqAuthMethod:
type: string
description: Three DS Requestor Authentication Method.
RequestorPriorTransactionReference:
type: string
minLength: 36
maxLength: 36
description: |
Prior Transaction Reference get from protocol depending on Scheme & messageVersion.
Protocol 2.2:
- VISA / CB = threeDSReqPriorRef
- MC / BANCONTACT = threeDSReqPriorAuthData: 'dsTransID:'
Protocol 2.3.1:
- VISA / CB = threeDSReqPriorRef
- MC / BANCONTACT = threeDSReqPriorDsTransId
threeDSReqPriorRef:
type: string
maxLength: 36
description: Three DS Requestor Prior Reference.
threeDSReqPriorDsTransId:
type: string
maxLength: 36
description: Three DS Requestor Prior Transaction ID.
threeDSRequestorDecReqInd:
type: boolean
description: Indicates whether the 3DS Requestor requests the ACS to utilise
Decoupled Authentication and agrees to utilise Decoupled Authentication
if the ACS confirms its use.
threeDSRequestorDecMaxTime:
type: string
minLength: 5
maxLength: 5
description: Indicates the maximum amount of time that the 3DS Requestor
will wait for an ACS to provide the results of a Decoupled Authentication
transaction (in minutes).
threeRIInd:
type: string
minLength: 2
maxLength: 2
description: Indicates the type of 3RI request.
browser:
type: string
description: Browser name, determined by Babel based on user agent value.
examples:
- Chrome
- Android
- Safari mobile
whiteListStatus:
type: string
minLength: 1
maxLength: 1
description: Enables the communication of trusted beneficiary / whitelist status
between the ACS, the DS and the 3DS Requestor.
whiteListStatusSource:
type: string
minLength: 2
maxLength: 2
description: This data element will be populated by the system setting Whitelist
Status.
acquirerCountryCode:
type: string
minLength: 3
maxLength: 3
description: |
The code of the country where the acquiring institution is located
(in accordance with ISO 3166-1). The DS may edit the value provided by the 3DS Server.
- EmvCO 2.3.1: acquirerCountryCode is available
- EmvCO 2.1 & 2.2: Data not available
- EmvCO 2.1 & 2.2 + Bridging extension: acquirerCountryCode is available in EMVCo
extension 'Bridging extension'
- EmvCO 2.1 & 2.2 + MC extension: acquirerCountryCode is available in MC extension
'Merchant Data'
- EmvCO 2.1 & 2.2 + VISA extension: acquirerCountryCode is available in VISA extension
'Acquirer Country Code Extension'
threeDSRequestorID:
type: string
maxLength: 35
description: DS assigned 3DS Requestor identifier. Each DS will provide
a unique ID to each 3DS Requestor on an individual basis.
examples:
- 43431729300018
- 10063974*0000006
- CAR13473_12090401010
threeDSRequestorName:
type: string
maxLength: 40
description: DS assigned 3DS Requestor name. Each DS will provide a unique
name to each 3DS Requestor on an individual basis.
examples:
- VEEPEE
- E.LECLERC DRIVE.
- Amazon
addrMatch:
type: boolean
description: Address Match Indicator. Indicates whether the Cardholder Shipping
Address and Cardholder Billing Address are the same.
shipAddrCity:
type: string
maxLength: 50
description: The city of the Cardholder shipping address associated with
the card used for this purchase.
shipAddrCountry:
type: string
minLength: 3
maxLength: 3
description: The country of the Cardholder shipping address associated with
the card used for this purchase. ISO 3166-1 numeric value.
shipAddrPostCode:
type: string
maxLength: 16
description: ZIP or other postal code of the Cardholder shipping address
associated with the card used for this purchase.
billAddrCity:
type: string
maxLength: 50
description: The city of the Cardholder billing address associated with
the card used for this purchase.
billAddrCountry:
type: string
minLength: 3
maxLength: 3
description: The country of the Cardholder billing address associated with
the card used for this purchase. ISO 3166-1 numeric value.
billAddrPostCode:
type: string
maxLength: 16
description: ZIP or other postal code of the Cardholder billing address
associated with the card used for this purchase.
email:
type: string
maxLength: 254
description: The email address associated with the account that is either
entered by the Cardholder, or is on file with the 3DS Requestor.
phone:
type: string
minLength: 15
maxLength: 18
description: The phone number provided by the Cardholder. Mobile phone or
home phone or work phone.
browserAcceptHeader:
type: string
maxLength: 2048
description: Browser Accept Header.
examples:
- text/html,application/xhtml+xml,application/xml;q, 0.9,image/webp,*/*;q,0.8
browserColorDepth:
type: string
maxLength: 2
description: Browser Color Depth.
examples:
- 24
browserJavaEnabled:
type: boolean
description: Browser Java Enabled.
examples:
- false
browserJavascriptEnabled:
type: boolean
description: Browser JavaScript Enabled.
browserLanguage:
type: string
maxLength: 35
description: Browser Language.
Since protocol 2.3.1, browser language length is extended from 8 to 35 char.
examples:
- fr-FR
browserScreenHeight:
type: string
maxLength: 6
description: Browser Screen Height in pixel.
examples:
- 864
browserScreenWidth:
type: string
maxLength: 6
description: Browser Screen Width in pixel.
examples:
- 1536
browserTZ:
type: string
maxLength: 5
description: Browser Time Zone.
examples:
- 0
sdkAppID:
type: string
minLength: 36
maxLength: 36
description: UUID created upon all installations of the 3DS Requestor App on a Consumer
Device. This will be newly generated and stored by the 3DS SDK for each installation.
threeDSServerOperatorID:
type: string
maxLength: 32
description: DS assigned 3DS Server identifier.
purchaseInstalData:
type: string
maxLength: 3
description: Indicates the maximum number of authorizations permitted for
instalment payments.
acsTransID:
type: string
maxLength: 36
description: UUID of the Session.
examples:
- 320f8f85-5b4e-4784-80d5-44973c95de5a
payTokenInfo:
type: string
format: JSON
maxLength: 8059
description: Information about detokenized Payment Token.
Since protocol 2.3.1, `payTokenInfo` refers to table A.25 of EMV 3DS Protocol
specification. Since 24R1.
emvPaymentToken:
type: string
format: JSON
maxLength: 8059
description: Information about detokenized Payment Token.
For protocol 2.2, `emvPaymentToken` refers to EMV Payment Token Message Extension
specification. Since 24R1.
payTokenInd:
type: boolean
description: True indicates that the transaction was detokenized prior to
being received by the ACS.
Since 24R1.
payTokenSource:
type: string
minLength: 2
maxLength: 2
description: |
This data element is populated by the system residing in the 3-D Secure domain
where the detokenization occurs. Since 24R1.
| Value | Meaning |
| ----- | ------- |
| 01 | 3DS Server |
| 02 | DS |
visaFidoData:
type: string
description: WL FIDO on-behalf-of mode data. Since 24R3.
dsAuthInfVerifInd:
type: string
description: WL FIDO OBO DS Authentication information verification indicator.
Since 24R3.
threeDSReqAuthData:
type: string
description: WL FIDO attestation / assertion data of the pass-through mode. Since 24R3.
passThroughVerified:
type: boolean
description: Status describing whether the pass-through is verified or not,
based on status value (true = ok, false = failed). Since 24R3.
passThroughRespData:
type: string
format: JSON
description: Complete JSON response data about the pass-through process. Since 24R3.
threeDSMethodCollectedData:
description: 3DS method collected data, deserialized into an object.
For more information on its format, refer to the dedicated specifications.
Since 25R1. (optional feature linked to commercial proposal)
type: object
threeDSCompInd:
type: string
minLength: 1
maxLength: 1
description: Indicates whether the 3DS Method successfully completed.
Since 25R2.
examples:
- Y : Successfully completed
- N : Did not run or did not successfully complete
- U : Unavailable
threeDSMethodId:
type: string
minLength: 36
maxLength: 36
description: Contains the 3DS Server Transaction ID used during the previous execution of the 3DS Method.
Since 24R3.
examples:
- 550e8400-e29b-41d4-a716-446655440000
threeDSServerTransID:
type: string
minLength: 36
maxLength: 36
description: Universally unique transaction identifier assigned by the 3DS Server to identify a single transaction.
Since 24R3.
examples:
- 710e8400-e29b-41d4-a716-446655441502
eci:
type: string
minLength: 2
maxLength: 2
description: |
Electronic Commerce Indicator.
Payment System-specific value provided by the ACS or DS to indicate the results of the attempt to authenticate the Cardholder.
examples:
- "05"
deviceInfoB64:
type: string
maxLength: 64000
description: DeviceInfo format is Base64url-encoded JSON object (represented as a string)
examples:
- eyJEViI6IjEuNiIsIkREIjp7IkQwMjIiOiAiMDMiLCAiQzAwMSI6IkFuZHJvaWQiLCJDMDAyIjoiRGV2aWNlIE1hbnVmYWN0dXJlciIsIkMwMDQiOiJWZXJzaW9uIiwiQzAwNSI6ImVuX1VTIiwiQzAwNiI6IkVhc3Rlcm4gU3RhbmRhcmQgVGltZSIsIkMwMDciOiIwYzgzODNkMC0wZDU0LTRmNjEtOTVkNC05NzYyZTYyZDBhNDAiLCJDMDA5IjoiTXkgRGV2aWNlIE5hbWUgKD8pIiwiQzAxMCI6IiJ9LCJEUE5BIjp7IkMwMTEiOiJSRTAzIn0sIlNXIjpbIlNXMDEiLCJTVzA0Il19
description: Contains generic 3DS information regarding the transaction,
mostly provided by the ACS.
RecurringTransaction:
type: object
properties:
recurringFrequency:
type: string
maxLength: 4
description: Indicates the minimum number of days between authorisations.
recurringExpiry:
type: string
format: yyyyMMdd
maxLength: 8
description: Date after which no further authorisations shall be performed.
recurringAmount:
type: string
maxLength: 48
description: Recurring amount in minor units of currency with all punctuation removed.
recurringCurrency:
type: string
minLength: 3
maxLength: 3
description: Currency in which the Recurring Amount is expressed. ISO 4217 Numeric.
recurringExponent:
type: string
minLength: 1
maxLength: 1
description: Minor units of currency.
recurringDate:
type: string
format: yyyyMMdd
minLength: 8
maxLength: 8
description: Effective date of the new authorised amount
following the first / promotional payment in a recurring or instalment transaction.
amountInd:
type: string
minLength: 2
maxLength: 2
description: Indicates whether the recurring or instalment payment has a fixed or
variable amount.
frequencyInd:
type: string
minLength: 2
maxLength: 2
description: Indicates whether the recurring or instalment payment has a fixed or
variable frequency.
description: Recurring transaction information.
MessageExtension:
type: object
properties:
VISA:
$ref: '#/components/schemas/Visa'
MASTERCARD:
$ref: '#/components/schemas/MasterCard'
CB:
$ref: '#/components/schemas/CB'
description: Card information, mostly provided by the DS.
MasterCard:
type: object
properties:
score:
type: string
minLength: 4
maxLength: 4
description: Mastercard scoring value.
decision:
type: string
maxLength: 15
description: Mastercard decision of message extension.
reasonCode1:
type: string
minLength: 1
maxLength: 1
description: Mastercard reason code 1 of message extension.
secureCorporatePayment:
type: boolean
description: Indicates dedicated payment processes and procedures were used,
potential secure corporate payment exemption applies.
merchantFraudRate:
type: string
minLength: 1
maxLength: 1
description: Merchant fraud rate in the EEA (all EEA card fraud divided
by all EEA card volumes) calculated as per PSD2 RTS.
scaExemptions:
type: string
minLength: 2
maxLength: 2
description: This will allow the same 3DS requestor challenge indicator
values defined in v2.2 for PSD2 SCA exemptions.
description: Mastercard information.
Visa:
type: object
properties:
score:
type: string
minLength: 2
maxLength: 2
description: Visa score between 0-99.
dafAdvice:
type: string
minLength: 2
maxLength: 2
description: 01 = must approve / 02 = Issuer decision.
authPayCredStatus:
type: boolean
description: true = DAF.
authPayProcessReqInd:
type: string
minLength: 2
maxLength: 2
description: 01 = DAF transaction / 02 = credential status check per 3RI/NPA.
chAccReqID:
type: string
maxLength: 36
description: Unique account ID.
description: Visa information.
CB:
type: object
properties:
CBEXEMPTACQ:
type: boolean
description: CB extension (CB-EXEMPTACQ).
cbDeviceIndData:
description: "Advanced Data Collect extension for CB. Since 25R1."
$ref: '#/components/schemas/DIIndicators'
description: CB card information.
DIIndicators:
description: "Advanced Data Collect extension for CB. Since 25R1. (optional feature linked to commercial proposal)"
type: "object"
properties:
acctNbOnCountryIpD2D180:
description: "Number of authentication requests initiated with the current
Cardholder Account Number and with an IP Address (both as received in the
AReq message) in a range corresponding to the same country as the current
operation, between the previous 2 to 180 days."
type: "string"
minLength: 3
maxLength: 3
acctNbOnOtherDeviceD2D180:
description: "Number of authentication requests initiated with the current
Cardholder Account Number (as received in the AReq message) from other
devices (than the current device) between the previous 2 to 180 days."
type: "string"
minLength: 3
maxLength: 3
acctNbOnSameDeviceD2D180:
description: "Number of authentication requests initiated with the current
Cardholder Account Number (as received in the AReq message) from the
current device between the previous 2 to 180 days."
type: "string"
minLength: 3
maxLength: 3
emailOnOtherDeviceD2D180:
description: "Number of authentication requests initiated with the current
email address from other devices (than the current device) between the
previous 2 to 180 days; the email address used is the first available in
the following list = Delivery Email Address or Cardholder Email Address (as
received in the AReq message)."
type: "string"
minLength: 3
maxLength: 3
emailOnSameDeviceD2D180:
description: "Number of authentication requests initiated with the current
email address from the current device between the previous 2 to 180 days;
the email address used is the first available in the following list =
Delivery Email Address or Cardholder Email Address (as received in the AReq
message)."
type: "string"
minLength: 3
maxLength: 3
ipOnOtherDeviceD2D180:
description: "Number of authentication requests initiated with the current IP
Address (as received in the AReq message) from other devices (than the
current device) between the previous 2 to 180 days."
type: "string"
minLength: 3
maxLength: 3
ipOnSameDeviceD2D180:
description: "Number of authentication requests initiated with the current IP
Address (as received in the AReq message) from the current device between
the previous 2 to 180 days."
type: "string"
minLength: 3
maxLength: 3
nbAcctNbOnSameDeviceD0D4:
description: "Number of different Cardholder Account Numbers (as received in
the AReq message) used to initiate authentication requests from the current
device during the previous 4 days."
type: "string"
minLength: 3
maxLength: 3
nbDaySinceFirstAcctNbOnSameDevice:
description: "Number of days since the first authentication requests initiated
with the current Cardholder Account Number (as received in the AReq message
) on the current Device."
type: "string"
minLength: 3
maxLength: 3
nbDaySinceFirstEmailUse:
description: "Number of days since the first authentication requests initiated
with the current email address and on the current Device; the email address
used is the first available in the following list = Delivery Email Address
or Cardholder Email Address (as received in the AReq message)."
type: "string"
minLength: 3
maxLength: 3
nbDeviceOnSameAcctNbD2D180:
description: "Number of different devices used to initiate authentication
requests with the current Cardholder Account Number (as received in the
AReq message) between the previous 2 to 180 days."
type: "string"
minLength: 3
maxLength: 3
nbDeviceOnSameEmailD2D180:
description: "Number of different devices used to initiate authentication
requests with the current email address between the previous 2 to 180 days;
the email address used is the first available in the following list =
Delivery Email Address or Cardholder Email Address (as received in the AReq
message)."
type: "string"
minLength: 3
maxLength: 3
nbDeviceOnSameIpD2D180:
description: "Number of different devices used to initiate authentication
requests with the current IP Address (as received in the AReq message)
between the previous 2 to 180 days."
type: "string"
minLength: 3
maxLength: 3
nbDeviceOnSamePhoneD2D180:
description: "Number of different devices used to initiate authentication
requests with the current phone number between the previous 2 to 180 days;
the phone number used is the first available in the following list =
Cardholder Mobile Phone Number, Cardholder Home Phone Number or Cardholder
Work Phone Number (as received in the AReq message)."
type: "string"
minLength: 3
maxLength: 3
phoneOnOtherDeviceD2D180:
description: "Number of authentication requests initiated with the current
phone number and from other devices (than the current device) between the
previous 2 to 180 days; the phone number used is the first available in
the following list = Cardholder Mobile Phone Number, Cardholder Home Phone
Number or Cardholder Work Phone Number (as received in the AReq message)."
type: "string"
minLength: 3
maxLength: 3
phoneOnSameDeviceD2D180:
description: "Number of authentication requests initiated with the current
phone number and from the current device between the previous 2 to 180 days;
the phone number used is the first available in the following list =
Cardholder Mobile Phone Number, Cardholder Home Phone Number or Cardholder
Work Phone Number (as received in the AReq message)."
type: "string"
minLength: 3
maxLength: 3
versionDIRs:
description: "DI Response message version identifier, as defined by CB."
type: "string"
minLength: 3
maxLength: 5
MatchingAttack:
type: object
properties:
type:
$ref: '#/components/schemas/TypeEnum'
pattern:
type: object
properties:
BROWSER:
type: string
OS:
type: string
TRANSACTION_AMOUNT:
type: string
TRANSACTION_CURRENCY_CODE:
type: string
IP_V4:
type: string
IP_V6:
type: string
EXPIRY_DATE:
type: string
BINRANGE:
type: string
THREEDSREQUESTORAPPURL:
type: string
PRINCIPAL:
type: string
DEVICE_CHANNEL:
type: string
description: Pattern of the attack alert matching the transaction.
description: Attack alert matching the transaction.
TypeEnum:
type: string
description: Type of the attack alert.
enum:
- BIN