This document compiles general information about the 3RI (Merchant Initiated Transaction) flow in EMV 3DS, followed by specific considerations for Visa and Mastercard.
1. Definitions and Mandates
Definition: 3RI refers to merchant-initiated transactions without the active presence of the cardholder, reusing a previous authentication (CIT) to obtain new CAVV/ECI values.
Device Channel (deviceChannel): must always be 03 (RI) for 3RI flows.
Key field: threeRIInd in the AReq defines the type of flow.
3RI Indicator (threeRIInd): defines the type of 3RI transaction in the AReq authentication request. (See section 3 for allowed values)
Not all 3RI indicator values documented in the EMV 3DS specification are currently supported by the card brands.
Support mandates: Visa: PA since Sep 1, 2019; NPA since Apr 14, 2021. Mastercard: EMV 3DS 2.2 and 2.3, mandatory since 2024.
2. Common Considerations
Frequent DS errors
- Error 201: missing required field.
- Error 203: invalid format (e.g., the threeDSRequestorPriorAuthenticationInfo object was not sent).
Attempts Server: if the DS does not route to the ACS, it returns transStatus=N, reason=87. The merchant must retry or go direct-to-auth without shift.
Prohibited challenges: in 3RI, transStatus=C is not accepted; the DS transforms it to N/87 (non-MIT) or stand-in (MIT) and sends error 203 to the ACS.
Expected ACS response (PA): transStatus=Y (authenticated, shift), eci=07 (MIT) or eci=05 (recurring), with CAVV; or A in UCOF fallback.
NPA: ACS responds with transStatus=Y|A, without ECI/CAVV. No liability shift.
Decoupled Fallback: optional; the ACS sends an RReq with transStatus=D, then the 3DS Server sends a new AReq with indicator 19 and PriorAuthInfo.
3. Allowed Values
4. Field Requirements in AReq
Note: If missing or mismatched, the DS returns error 201 or 203.
5. Prerequisites
- Initial EMV 3DS authentication must be completed via a challenge.
- (Visa DAF) VMID and card ranges must be enabled.
6. Visa Directory Server Behavior
-
Excluded from Attempts: All non-DAF/MIT 3RI return
transStatus = N,reason = 87if not routed to the ACS; the merchant must retry or authorize without CAVV. -
Prohibited challenge: ACS never sends
Cin 3RI; if it does, DS returns:- Non-MIT:
transStatus=N,reason=87, error 203 to ACS. - MIT: regional stand-in + error 203.
- Non-MIT:
7. Respuestas Stand‑In para MIT (threeRIInd=01,02,81)
Frequently Asked Questions
Is it possible to add a card (threeDSAuthenticationInd: ADD_CARD (04)) and authenticate a payment (PA) at the same time?
No, it is not possible.
The Add Card process in a merchant aims to validate the identity of the cardholder. During this flow, a verification amount may be sent, which will be deducted to check for available funds and must be refunded later by the merchant.
This does not constitute a Payment Authentication (PA) by itself. If payment authentication is required, an additional authentication process must be performed after completing the Add Card flow.
Can a CIT NPA be used as PriorInformation for a MIT PA?
Yes, but only in the case of a one-time payment.
In this scenario, a CIT NPA of type Add Card can be used.
The MIT transaction must be sent with the indicator threeRIInd = 81 (Unscheduled Credential-on-File – UCOF).
This type of transaction does not require recurrence values (recurringExpiry, recurringFrequency), only the payment amount.
This is the only confirmed valid use case. Other scenarios may eventually be added in future protocol versions. This exception applies exclusively to VISA using the DAF extension.
Key differences between these transaction categories
-
MIT (Merchant Initiated Transaction): Initiated by the merchant, usually for recurring payments (monthly, annual subscriptions, etc.). The cardholder has previously given consent for the merchant to charge their card periodically. It does not require active interaction from the cardholder at the time of the charge.
-
CIT NPA (Customer Initiated Transaction – Non Payment Authentication): Initiated by the cardholder, but it does not involve a direct payment. It is used for validations, such as verifying the card or checking available balance. Authentication can occur, but without transferring funds.
Since a MIT involves a payment and a CIT NPA does not, under normal circumstances it would not make sense to combine them. The only valid exception is the one described above (one-time payment with VISA + DAF).
In summary: a CIT NPA can be used as PriorInformation in a MIT PA only if it is a one-time (non-recurring) payment.
What is Visa Digital Authentication Framework (DAF)?
Visa DAF is an extension of the 3D Secure protocol that allows Visa to identify cardholders who have successfully completed a challenge authentication flow at a specific merchant–acquirer.
Once the customer is authenticated, Visa designates the credential as an Authenticated Credential Payment (ACP).
This grants a trusted status so that the subsequent transactions made by the same cardholder at that merchant can be authenticated immediately, without requiring another challenge.
9. Specific Flows
Recurring Payments
Objective: Allow subsequent automatic charges without additional cardholder interaction, following a successful initial authentication.
Glossary
- 3DS: Three-Domain Secure.
- 3RI: 3D-Secure Recurring Initiation.
- MIT: Merchant Initiated Transaction.
- BRW: Browser Authentication (channel 02).
- RI: Recurring Initiation (channel 03).
Definitions
A recurring payment with 3DS (3RI) is a scheduled, periodic automatic charge that reuses the initial authentication for future debits without requiring additional cardholder interaction.
Use Cases
- Digital subscriptions: streaming, SaaS.
- Bill payments: utilities, insurance, loans.
- Membership renewals: gyms, clubs.
General Flow Diagram
1. Initial Authentication (3RI)
2. Save threeDSRequestorPriorAuthenticationInfo and CAVV
3. Subsequent charges (RI) using previous data (threeDSRequestorPriorAuthenticationInfo)
Integration
Base Endpoint
POST https://3dss-dev.placetopay.ws/api/threeds/v2x/sessions
Common Parameters
DAF Fields (Visa Digital Authentication Framework)
These additional fields are required if the merchant participates in DAF:
billAddrCity,billAddrCountry,billAddrLine1,billAddrPostCode,billAddrStatemobilePhone
More DAF requirements details at: https://docs.placetopay.com/three-d-s-server/api/integration/session-d-a-f
Brand Examples
Mastercard – Initial Authentication
{
"deviceChannel": "BRW",
"threeDSAuthenticationInd": "RECURRING_TRANSACTION",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"recurringExpiry": "20250101",
"recurringFrequency": "2",
"acctNumber": "5107000000010018",
"cardExpiryDate": "2902",
"redirectURI": "https://www.placetopay.com/web",
"purchaseAmount": "10",
"purchaseCurrency": "USD",
"reference": "Subscription January 2025",
"messageVersion": "2.2.0"
}
Visa – Initial Authentication with DAF
{
"deviceChannel": "BRW",
"threeDSAuthenticationInd": "RECURRING_TRANSACTION",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"recurringExpiry": "20260101",
"recurringFrequency": "2",
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"redirectURI": "https://www.placetopay.com/web",
"purchaseAmount": "102",
"purchaseCurrency": "USD",
"reference": "Subscription January 2025",
"messageVersion": "2.2.0",
"billAddrCity": "Medellín",
"billAddrCountry": "COL",
"billAddrLine1": "Carrera 65 #45-20",
"billAddrPostCode": "050004",
"billAddrState": "ANT",
"email": "[email protected]",
"mobilePhone": { "cc": "57", "subscriber": "3111111111" }
}
Response
For both Visa and Mastercard, initial authentications return the following parameters:
{
"action": "redirect",
"sessionToken": "398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"redirectURL": "https://3dss-test.placetopay.com/threeds/v2x/sessions/86036/398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"transactionID": 248002
}
Subsequent Authentications (RI)
In the recurring phase, use deviceChannel: RI.
Mastercard – Example Request for Subsequent Authentications
{
"deviceChannel": "RI",
"threeRIInd": "RECURRING_TRANSACTION",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-09T19:48:20+00:00",
"threeDSReqPriorRef": "fa4544ea-9002-444a-a891-5fd126735c41"
},
"acctNumber": "5107000000010018",
"cardExpiryDate": "2902",
"purchaseAmount": "5",
"purchaseCurrency": "USD",
"reference": "February 2024",
"redirectURI": "https://www.placetopay.com/web",
"messageVersion": "2.2.0"
}
Mastercard - example RI Response
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "2e6bd601-7a61-4fa5-accc-10a30e0d66db",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539",
"acsTransID": "80fb86d5-35e7-4249-b6df-6905d9c6ba4f",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "3a961497-8ac7-447d-9926-06bf4c1fa1a9",
"messageVersion": "2.2.0",
"acsOperatorID": "ACS-V210-ACS-PLACETOPAY-11174",
"authenticationValue": "xgQiqOYmAAAAAAAAAAAAAAAAAAA=",
"eci": "07",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "FRICTIONLESS_AUTHENTICATION",
"authTimestamp": "2024-09-09T19:52:20+00:00",
"transactionID": 248003
}
Visa – Example Request for Subsequent Authentications with DAF
{
"deviceChannel": "RI",
"threeRIInd": "RECURRING_TRANSACTION",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-09T20:06:30+00:00",
"threeDSReqPriorRef": "3b632ce4-26ea-407d-a2a0-4a7b27c91c14"
},
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "1",
"purchaseCurrency": "USD",
"reference": "February 2024",
"redirectURI": "https://www.placetopay.com/web",
"billAddrCity": "Medellín",
"billAddrCountry": "COL",
"billAddrLine1": "Carrera 65 # 45 - 20",
"billAddrPostCode": "050004",
"billAddrState": "ANT",
"email": "[email protected]",
"mobilePhone": {
"cc": "57",
"subscriber": "3111111111"
},
"messageVersion": "2.2.0"
}
Visa - example RI Response
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "0e0ee43c-9601-4e29-9c8d-32b893ded4db",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539V3",
"acsTransID": "ab8b1aec-2cf9-4d60-a45f-8d499894dae5",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "072b329b-ca7f-47ff-a6b0-ff5a3d6321cb",
"messageVersion": "2.2.0",
"acsOperatorID": "10078025",
"authenticationValue": "BpkCBIU4VgAAAABkhAJTdYknEmE=",
"eci": "05",
"messageExtension": [
{
"name": "DAF Extension",
"id": "A000000003-003",
"criticalityIndicator": false,
"data": {
"chAccReqID": "MUHZx0nojuVVAZJwPD4CWps0RuxUPxepI8sk57Yd/s4=",
"authPayProcessReqInd": "01",
"version": "1.0",
"authPayCredStatus": "Y",
"dafAdvice": "01"
}
}
],
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "FRICTIONLESS_AUTHENTICATION",
"authTimestamp": "2024-09-09T20:52:36+00:00",
"transactionID": 248013
}
Installment Payments
Objective: Allow merchants to split the payment of a single purchase into several fixed installments, storing the initial authorization to issue subsequent charges without further interaction.
Glossary
- 3DS: Three-Domain Secure.
- 3RI: 3‑D Secure Recurrent Initiation.
- CAVV: Cardholder Authentication Verification Value.
- BRW: Browser Authentication (channel 02).
- RI: Recurring Initiation (channel 03).
Definiciones
An installment transaction is one in which the total purchase amount is divided into smaller periodic payments over a set period of time. These payments may include interest or other fees associated with financing the purchase.
Unlike a recurring transaction, in an installment transaction the cardholder makes a single purchase that is split into several payments, rather than authorizing multiple separate charges. Each payment may require an individual authorization, but the cardholder does not need to approve future payments at the time of the initial purchase.
Additionally, an installment purchase has limits on the number of authorizations purchaseInstalData and recurringExpiry date, and amounts are cumulative. A recurring transaction is limited only by the recurringExpiry date and the amount is always the same (or at least that amount is the maximum).
Key differences:
- Recurring: same amount, same frequency until
recurringExpiry. - Installments: cumulative amounts, limit on number of authorizations (
purchaseInstalData) y fecha (recurringExpiry).
Note: For Mastercard, this value is only available in version 2.3.1 of the standard and with Bridging Message Extension.
Use Cases
- Online installment purchases: e.g., buying a computer and splitting the payment into monthly installments.
- Financing products or services: such as furniture, electronics, or medical services with installment financing options.
- Vacation payment plans: travel agencies that offer customers the option to pay for a trip in multiple installments before the travel date.
Prerequisites
- Initial EMV 3DS authentication must be completed through a challenge.
- (Visa DAF) VMID and card ranges enabled.
General Flow Diagram
1. Initial Authentication (installment payment 1)
2. Save threeDSRequestorPriorAuthenticationInfo and CAVV
3. For each subsequent installment:
a. RI request (`INSTALMENT_TRANSACTION`)
b. Charge the installment with previous data
Integration
Endpoint Base
POST https://3dss-dev.placetopay.ws/api/threeds/v2x/sessions
Common Parameters
Campos DAF (Visa Digital Authentication Framework)
These additional fields are required if the merchant participates in DAF:
billAddrCity,billAddrCountry,billAddrLine1,billAddrPostCode,billAddrStatemobilePhone
More details on DAF requirements: https://docs.placetopay.com/three-d-s-server/api/integration/session-d-a-f
Brand Examples
Mastercard – Initial Authentication (Installment 1)
{
"deviceChannel": "BRW",
"threeDSAuthenticationInd": "INSTALMENT_TRANSACTION",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"recurringExpiry": "20250101",
"recurringFrequency": "2",
"purchaseInstalData": "2",
"acctNumber": "5107000000010018",
"cardExpiryDate": "2902",
"redirectURI": "https://www.placetopay.com/web",
"purchaseAmount": "1000",
"purchaseCurrency": "USD",
"reference": "6-installment plan - Product X",
"messageVersion": "2.2.0"
}
Visa – Initial Authentication with DAF
{
"deviceChannel": "BRW",
"threeDSAuthenticationInd": "INSTALMENT_TRANSACTION",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"recurringExpiry": "20260101",
"recurringFrequency": "2",
"purchaseInstalData": "2",
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "1000",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "6-installment plan - Product X",
"billAddrCity": "Medellín",
"billAddrCountry": "COL",
"billAddrLine1": "Carrera 65 # 45 - 20",
"billAddrPostCode": "050004",
"billAddrState": "ANT",
"email": "[email protected]",
"mobilePhone": {
"cc": "57",
"subscriber": "3111111111"
},
"messageVersion": "2.2.0"
}
Response
For both Visa and Mastercard, initial authentications return the following parameters:
{
"action": "redirect",
"sessionToken": "398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"redirectURL": "https://3dss-test.placetopay.com/threeds/v2x/sessions/86036/398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"transactionID": 248002
}
Subsequent Authentications (RI)
In the recurring phase, use deviceChannel: RI.
Mastercard – example request for subsequent authentications
{
"deviceChannel": "RI",
"threeRIInd": "INSTALMENT_TRANSACTION",
"recurringExpiry": "20250101",
"recurringFrequency": "2",
"purchaseInstalData": "2",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T16:12:47+00:00",
"threeDSReqPriorRef": "51bbcd10-0c31-4efc-ad49-ba9bdea2f413"
},
"acctNumber": "5107000000010018",
"cardExpiryDate": "2902",
"purchaseAmount": "500",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "6-installment plan - Installment 2",
"messageVersion": "2.2.0"
}
Mastercard - Sample 3RI response
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "f5e8b9c4-5cfd-461d-9115-e51fe7d5c42a",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539",
"acsTransID": "98d5739a-c623-4512-9f87-a48368848d44",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "def67c44-653a-4879-b500-935d8429b4a4",
"messageVersion": "2.2.0",
"acsOperatorID": "ACS-V210-ACS-PLACETOPAY-11174",
"authenticationValue": "xgRKM8pzAAAAAAAAAAAAAAAAAAA=",
"eci": "07",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "FRICTIONLESS_AUTHENTICATION",
"authTimestamp": "2024-09-10T16:16:19+00:00",
"transactionID": 248067
}
Visa – sample request for subsequent authentications with DAF
{
"deviceChannel": "RI",
"threeRIInd": "INSTALMENT_TRANSACTION",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T16:35:31+00:00",
"threeDSReqPriorRef": "f0bb9172-018d-42ae-b2ad-715e274bddef"
},
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "500",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "6-installment plan - Installment 2",
"billAddrCity": "Medellín",
"billAddrCountry": "COL",
"billAddrLine1": "Carrera 65 # 45 - 20",
"billAddrPostCode": "050004",
"billAddrState": "ANT",
"email": "[email protected]",
"mobilePhone": {
"cc": "57",
"subscriber": "3111111111"
},
"messageVersion": "2.2.0"
}
Visa - 3RI response example
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "50709e2a-4dad-4c60-acaa-c5d3e1ede924",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539V3",
"acsTransID": "3cdfa009-4018-4230-a72b-658587a5794c",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "72455b8f-5a57-4716-93fe-b72d3878805b",
"messageVersion": "2.2.0",
"acsOperatorID": "10078025",
"authenticationValue": "BpkCBSMnAAAAAMNQhAJUdYknEmE=",
"eci": "05",
"messageExtension": [
{
"name": "DAF Extension",
"id": "A000000003-003",
"criticalityIndicator": false,
"data": {
"chAccReqID": "MUHZx0nojuVVAZJwPD4CWps0RuxUPxepI8sk57Yd/s4=",
"authPayProcessReqInd": "01",
"version": "1.0",
"authPayCredStatus": "Y",
"dafAdvice": "01"
}
}
],
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "FRICTIONLESS_AUTHENTICATION",
"authTimestamp": "2024-09-10T19:45:25+00:00",
"transactionID": 248109
}
Split Shipment
Objective: Allow separate charges associated with a single order when delivery is made in multiple shipments, reusing the initial authentication without additional interaction.
Glossary
- 3DS: Three-Domain Secure.
- 3RI: 3‑D Secure Recurrent Initiation.
- CAVV: Cardholder Authentication Verification Value.
- BRW: Browser Authentication (channel 02).
- RI: Recurring Initiation (channel 03).
Definition
This transaction type is used to indicate that the transaction corresponds to a Split Shipment. In a Split Shipment scenario, an order or booking is paid in several transactions because the services or products are provided at different times. Although the initial order is unique, delivery of its components is split, and each part can be charged when it is ready or confirmed.
Split Shipments allow merchants to request a new CAVV to obtain liability protection in subsequent authorizations that may be necessary due to multiple authorizations related to a single order. This type of request can be made by any merchant that needs to process multiple authorizations associated with a single authentication.
Data to consider when processing split shipments:
The 3DS requestor name threeDSRequestorName and the merchant name merchantName must be the same in the initial authentication request and in each of the associated 3RI requests. The total value of all 3RI requests must not exceed the sum of the amount of the initial authentication request and the total of the amounts already authorized. Issuers must track the total value using transaction data from both the direct authorization and the EMV 3DS authentication.
Use Cases
- Orders with multiple items: a customer places an order for several products that are not all available in the warehouse at the same time. Therefore, the merchant decides to ship the items in several deliveries, depending on availability.
Prerequisites
- Initial EMV 3DS authentication must be completed through a challenge.
- (Visa DAF) VMID and card range enabled.
General Flow Diagram
1. Initial authentication (total order amount)
2. Save threeDSRequestorPriorAuthenticationInfo and CAVV
3. For each partial shipment:
a. RI request (SPLIT_OR_DELAYED_SHIPMENT)
b. Send charge with obtained CAVV
Integration
Endpoint Base
POST https://3dss-dev.placetopay.ws/api/threeds/v2x/sessions
Common Parameters
Brand Examples
Mastercard – Initial Authentication (for the total amount of the order)
{
"deviceChannel": "BRW",
"threeDSAuthenticationInd": "PAYMENT_TRANSACTION",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"acctNumber": "5107000000010018",
"cardExpiryDate": "2902",
"redirectURI": "https://www.placetopay.com/web",
"purchaseAmount": "167",
"purchaseCurrency": "USD",
"reference": "Order #1234 - Total",
"messageVersion": "2.2.0"
}
Visa – First Authentication (for the total amount of the order)
{
"deviceChannel": "BRW",
"threeDSAuthenticationInd": "PAYMENT_TRANSACTION",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "167",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "Order #1234 - Total",
"messageVersion": "2.2.0"
}
Response
For both Visa and Mastercard, initial authentications are responded to with the following parameters:
{
"action": "redirect",
"sessionToken": "1e7c2e6f2516a07020f30f8e5ef63bca7de42e16ac9498b61f2a8efd5ba52968",
"redirectURL": "https://3dss-test.placetopay.com/threeds/v2x/sessions/86160/1e7c2e6f2516a07020f30f8e5ef63bca7de42e16ac9498b61f2a8efd5ba52968",
"transactionID": 248126
}
Subsequent Authentications (RI)
In the recurring phase, use deviceChannel: RI.
Mastercard – sample request for second good/service
{
"deviceChannel": "RI",
"threeRIInd": "SPLIT_OR_DELAYED_SHIPMENT",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-08-14T16:16:01+00:00",
"threeDSReqPriorRef": "bd8571cb-f4f3-4ec6-ac23-d7ec11038c1c"
},
"acctNumber": "5107000000010018",
"cardExpiryDate": "2902",
"purchaseAmount": "12",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "Order #1234 - Shipment 2",
"messageVersion": "2.2.0"
}
Mastercard - Sample 3RI response
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "4159591c-bb88-4321-a295-0e6397377d3b",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539",
"acsTransID": "b4ec2f82-106b-469b-897d-f2aa37bbf25f",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "dc477252-ff8d-433d-b44a-4f8edbb0cae8",
"messageVersion": "2.2.0",
"acsOperatorID": "ACS-V210-ACS-PLACETOPAY-11174",
"authenticationValue": "xgTkbC8MAAAAAAAAAAAAAAAAAAA=",
"eci": "07",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "FRICTIONLESS_AUTHENTICATION",
"authTimestamp": "2024-09-10T20:19:30+00:00",
"transactionID": 248121
}
Visa – request example for a second good/service
{
"deviceChannel": "RI",
"threeRIInd": "SPLIT_OR_DELAYED_SHIPMENT",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T20:33:55+00:00",
"threeDSReqPriorRef": "68ea3861-fa27-429b-8633-ff3f6a288f71"
},
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "12",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "Order #1234 - Shipment 2",
"messageVersion": "2.2.0"
}
Visa - 3RI response example
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "87b8930d-8523-4083-8780-67adf3aeca96",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539V3",
"acsTransID": "b02b97b8-6748-4ecb-9f42-441b7d83d9cd",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "26281147-cee2-4683-a538-c70fad690a08",
"messageVersion": "2.2.0",
"acsOperatorID": "10078025",
"authenticationValue": "AJkCBxaRcQAAAASwhAJUdYknEmE=",
"eci": "05",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "FRICTIONLESS_AUTHENTICATION",
"authTimestamp": "2024-09-10T20:35:17+00:00",
"transactionID": 248127
}
Mastercard – sample request for third and final good/service
{
"deviceChannel": "RI",
"threeRIInd": "SPLIT_OR_DELAYED_SHIPMENT",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T20:16:01+00:00",
"threeDSReqPriorRef": "49c34627-aa6b-41dc-bdc8-e21c0276d9ce"
},
"acctNumber": "5107000000010018",
"cardExpiryDate": "2902",
"purchaseAmount": "130",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "Order #1234 - Shipment 3",
"messageVersion": "2.2.0"
}
Mastercard - Sample 3RI response
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "bc925646-c654-4ba2-9e0a-9afaaa5684cc",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539",
"acsTransID": "187648b7-ae15-4da6-a5df-f7298db768d9",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "a0a446cd-0767-4fa7-942b-e94571f1f37c",
"messageVersion": "2.2.0",
"acsOperatorID": "ACS-V210-ACS-PLACETOPAY-11174",
"authenticationValue": "xgSlHx+5AAAAAAAAAAAAAAAAAAA=",
"eci": "07",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "FRICTIONLESS_AUTHENTICATION",
"authTimestamp": "2024-09-10T20:23:36+00:00",
"transactionID": 248122
}
Visa – request example for a second good/service
{
"deviceChannel": "RI",
"threeRIInd": "SPLIT_OR_DELAYED_SHIPMENT",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T20:33:55+00:00",
"threeDSReqPriorRef": "68ea3861-fa27-429b-8633-ff3f6a288f71"
},
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "130",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "Order #1234 - Shipment 3",
"messageVersion": "2.2.0"
}
Visa - 3RI response example
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "2f9f285a-f876-4744-adaa-9c1cedf97271",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539V3",
"acsTransID": "14f3123b-d769-4a14-afea-d6bd5719d332",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "f1ca5639-b587-4cd1-894e-fa14b97b9fdf",
"messageVersion": "2.2.0",
"acsOperatorID": "10078025",
"authenticationValue": "AJkCAWCXJgAAADLIhAJUdYknEmE=",
"eci": "05",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "FRICTIONLESS_AUTHENTICATION",
"authTimestamp": "2024-09-10T20:38:23+00:00",
"transactionID": 248129
}
Delayed Shipment
Objective: Provide merchants with an extension of liability protection beyond 90 days after the initial authentication, issuing a new CAVV through 3RI for shipments or services that are delayed.
Glossary
- 3DS: Three-Domain Secure.
- 3RI: 3‑D Secure Recurrent Initiation.
- CAVV: Cardholder Authentication Verification Value.
- BRW: Browser Authentication (channel 02).
- RI: Recurring Initiation (channel 03).
Definitions
Allows merchants to maintain liability protection beyond 90 days after an initial authentication. Merchants can use this functionality when, for example, a shipment/service is delayed for more than 90 days. If the 3RI request is successful, a new CAVV will be generated for the merchant, granting another 90 days of liability protection.
When merchants request a new CAVV through a 3RI authentication, they must do so within 90 days of the date of the initial authentication. Merchants should only send this type of request if they need liability protection beyond the 90 days from the initial authentication. They should delay the request for a new CAVV as much as possible within the 90-day period. If the initial CAVV has expired, although it no longer provides liability protection, issuers should consider that it may still be used by the merchant as proof that authentication took place.
Data to consider when processing split shipments:
- The 3DS requestor name threeDSRequestorName and the merchant name merchantName must be the same in the initial authentication request and in each associated 3RI request.
- The total value of all 3RI requests must not exceed the amount of the initial authentication request and the total of the amounts already authorized.
Use Cases
- Product pre-orders: A customer purchases a product in pre-order, such as a book or an electronic device that is not yet available. The card is charged at the time of purchase, but the product will be shipped weeks or months later when it becomes available.
- Out-of-stock products: A customer buys a product that is not in stock at the time, but which will be shipped once it becomes available. The card is charged when the order is placed, and the product is shipped when inventory is replenished.
- Orders with scheduled shipments: A customer purchases several products but requests that the shipment be made on a specific future date. The payment is processed immediately, but the shipment is delayed until the requested date.
Prerequisites
- Initial EMV 3DS authentication must be completed through a challenge.
- (Visa DAF) VMID and card range enabled.
General Flow Diagram
1. Initial authentication (total order amount)
2. Store threeDSRequestorPriorAuthenticationInfo and initial CAVV
3. Before 90 days, send 3RI (`SPLIT_OR_DELAYED_SHIPMENT`) for new CAVV
Integration
Endpoint Base
POST https://3dss-dev.placetopay.ws/api/threeds/v2x/sessions
Parámetros Comunes
Brand Examples
Mastercard – Initial Authentication
{
"deviceChannel": "BRW",
"threeDSAuthenticationInd": "PAYMENT_TRANSACTION",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"acctNumber": "5107000000010018",
"cardExpiryDate": "2902",
"redirectURI": "https://www.placetopay.com/web",
"purchaseAmount": "112",
"purchaseCurrency": "USD",
"reference": "Product X",
"messageVersion": "2.2.0"
}
Visa – First Authentication
{
"deviceChannel": "BRW",
"threeDSAuthenticationInd": "PAYMENT_TRANSACTION",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "112",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "Product X",
"messageVersion": "2.2.0"
}
Response
For both Visa and Mastercard, initial authentications are responded to with the following parameters:
{
"action": "redirect",
"sessionToken": "398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"redirectURL": "https://3dss-test.placetopay.com/threeds/v2x/sessions/86036/398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"transactionID": 248002
}
Subsequent authentications
In the recurring phase, use deviceChannel: RI.
Mastercard – Example of a 3RI request for a delayed good/service
{
"deviceChannel": "RI",
"threeRIInd": "SPLIT_OR_DELAYED_SHIPMENT",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T21:06:02+00:00",
"threeDSReqPriorRef": "2dd8d5d0-8563-4ae5-aa9e-23d31fa6fb85"
},
"acctNumber": "5107000000010018",
"cardExpiryDate": "2902",
"purchaseAmount": "112",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "Product X",
"messageVersion": "2.2.0"
}
Mastercard - Sample 3RI response
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "f91b89a9-7924-48de-97ab-8cc58bc5fcc2",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539",
"acsTransID": "cc3b5ff3-9dd7-44ae-bfa0-472de466f449",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "a730d64c-ddb1-4f99-8f2c-4591d00021e3",
"messageVersion": "2.2.0",
"acsOperatorID": "ACS-V210-ACS-PLACETOPAY-11174",
"authenticationValue": "xgQkuJ5tAAAAAAAAAAAAAAAAAAA=",
"eci": "07",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "FRICTIONLESS_AUTHENTICATION",
"authTimestamp": "2024-09-10T21:07:09+00:00",
"transactionID": 248135
}
Visa – example of a 3RI request for a delayed good/service
{
"deviceChannel": "RI",
"threeRIInd": "SPLIT_OR_DELAYED_SHIPMENT",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T21:10:29+00:00",
"threeDSReqPriorRef": "7f7c0594-7e0f-4b13-bd45-6d180c35ffb0"
},
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "112",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "Product X",
"messageVersion": "2.2.0"
}
Visa - 3RI response example
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "0ec3a36a-3c91-4864-bfc0-730300027805",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539V3",
"acsTransID": "4483ff06-0f36-45a2-aa13-b7f88564910b",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "8360727e-22ff-4c23-bef8-ba2510eaf59b",
"messageVersion": "2.2.0",
"acsOperatorID": "10078025",
"authenticationValue": "AJkCAREXeQAAACvAhAJUdYknEmE=",
"eci": "05",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "FRICTIONLESS_AUTHENTICATION",
"authTimestamp": "2024-09-10T21:12:29+00:00",
"transactionID": 248138
}
Other Payments / Multi-Party Commerce
Objective: Provide support for scenarios in which multiple parties (agents, suppliers, merchants) participate in a single authentication flow and multiple authorizations under the same booking or payment.
Glossary
- 3DS: Three-Domain Secure
- 3RI: 3D-Secure Recurrent Initiation
- CAVV: Cardholder Authentication Verification Value
- BRW: Browser Authentication (channel 02)
- RI: Recurring Initiation (channel 03)
Definitions
Other payments is the category reserved for multi-party commerce scenarios that may occur when multiple parties are involved in processing multiple authorizations associated with a single travel booking, or when multiple parties in sectors other than travel are involved in processing multiple authorizations associated with a single payment from the cardholder’s point of view.
In the initial authentication request and associated 3RI requests, booking agents/service providers must also use the appropriate naming conventions and identifiers for the use case they are authenticating for:
- Authentication solely on behalf of a single merchant
- Authentication on behalf of multiple merchants
- Authenticating themselves and on behalf of another merchant
Similar to split shipments, issuers must track the total value using both authorization and authentication transaction data. This is necessary because the booking agent/merchant’s service provider cannot make a 3RI request for all parties involved in the transaction, and as such, the issuer cannot assume that the sum of all 3RI requests will equal the total of the original initial authentication amount — however, 3RI amounts must not exceed the original authenticated amount.
Booking agent authenticating on behalf of a single merchant
The cardholder has booked an item on the travel agent’s website — for example, a flight worth $395 — which must be paid to the seller (i.e., the airline, which will be the merchant in the authorization system) or charged by them at the time of booking, but the travel agent handles the authentication.
Booking agent authenticating on behalf of multiple merchants
A cardholder has booked three items on a booking agent travel website, payable to each individual travel provider (merchant 1, 2, and 3 in the authorization system). The travel website is not collecting funds but is performing the authentication on behalf of the 3 travel providers:
- A $170 flight payable to the airline (provider/merchant 1) at the time of booking
- A hotel for which no deposit is required at the time of booking (provider/merchant 2 takes the card details in case a no-show payment is needed)
- A car rental requiring a $50 deposit to the rental company (seller/merchant 3) at the time of booking
Integration
Endpoint Base
POST https://3dss-dev.placetopay.ws/api/threeds/v2x/sessions
Common Parameters
Brand Examples
Initial authentication for the total order amount by the booking agent
Mastercard
{
"deviceChannel": "BRW",
"threeDSAuthenticationInd": "MASTERCARD_THE_PAYMENT_REQUEST_IS_FOR_AN_AGENT_PAYMENT_TRANSACTION",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"acctNumber": "5107000000010018",
"cardExpiryDate": "2902",
"redirectURI": "https://www.placetopay.com/web",
"purchaseAmount": "395",
"purchaseCurrency": "USD",
"reference": "January 2024",
"messageVersion": "2.2.0"
}
Visa
{
"deviceChannel": "BRW",
"threeDSAuthenticationInd": "PAYMENT_TRANSACTION",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"redirectURI": "https://www.placetopay.com/web",
"purchaseAmount": "395",
"purchaseCurrency": "USD",
"reference": "January 2024",
"messageVersion": "2.2.0"
}
Response
For both Visa and Mastercard, initial authentications are responded to with the following parameters:
{
"action": "redirect",
"sessionToken": "398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"redirectURL": "https://3dss-test.placetopay.com/threeds/v2x/sessions/86036/398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"transactionID": 248002
}
Initial authentication for the total order amount by the booking agent
Mastercard
{
"deviceChannel": "BRW",
"threeDSAuthenticationInd": "MASTERCARD_THE_PAYMENT_REQUEST_IS_FOR_AN_AGENT_PAYMENT_TRANSACTION",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"acctNumber": "5107000000010018",
"cardExpiryDate": "2902",
"redirectURI": "https://www.placetopay.com/web",
"purchaseAmount": "395",
"purchaseCurrency": "USD",
"reference": "January 2024",
"messageVersion": "2.2.0"
}
Visa
{
"deviceChannel": "BRW",
"threeDSAuthenticationInd": "PAYMENT_TRANSACTION",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"redirectURI": "https://www.placetopay.com/web",
"purchaseAmount": "395",
"purchaseCurrency": "USD",
"reference": "January 2024",
"messageVersion": "2.2.0"
}
Response
For both Visa and Mastercard, initial authentications are responded to with the following parameters:
{
"action": "redirect",
"sessionToken": "398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"redirectURL": "https://3dss-test.placetopay.com/threeds/v2x/sessions/86036/398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"transactionID": 248002
}
Initial authentication by the booking agent for the amount owed for the order.
Mastercard
{
"deviceChannel": "BRW",
"threeDSAuthenticationInd": "MASTERCARD_THE_PAYMENT_REQUEST_IS_FOR_AN_AGENT_PAYMENT_TRANSACTION",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"acctNumber": "5107000000010018",
"cardExpiryDate": "2806",
"purchaseAmount": "220",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"messageVersion": "2.2.0"
}
Visa
{
"deviceChannel": "BRW",
"threeDSAuthenticationInd": "PAYMENT_TRANSACTION",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"recurringExpiry": "20260101",
"recurringFrequency": "2",
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "220",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "January 2024",
"messageVersion": "2.2.0"
}
Response
For both Visa and Mastercard, initial authentications are responded to with the following parameters:
{
"action": "redirect",
"sessionToken": "398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"redirectURL": "https://3dss-test.placetopay.com/threeds/v2x/sessions/86036/398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"transactionID": 248002
}
Subsequent authentications
In the recurring phase, use deviceChannel: RI.
3RI airline transactions
The reservation agent performs the 3RI transaction to obtain the CAVV and provide it to travel merchant 1 (airline).
Mastercard – 3RI request example
{
"deviceChannel": "RI",
"threeRIInd": "MASTERCARD_3RI_IS_FOR_AN_AGENT_PAYMENT_TRANSACTION",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T22:21:27+00:00",
"threeDSReqPriorRef": "c524216d-a19e-4a6b-ae1c-40b82c59fe38"
},
"acctNumber": "5107000000010018",
"cardExpiryDate": "2902",
"purchaseAmount": "170",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "March 2024",
"messageVersion": "2.2.0"
}
Mastercard - Sample 3RI response
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "1045a464-161f-4538-a769-9a0f84e27a3d",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539",
"acsTransID": "f31f4da1-7ac1-4be4-b37a-9e28d8e4eb9e",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "a0dca8a6-5fc5-49f9-96b2-8ee5c9e51508",
"messageVersion": "2.2.0",
"acsOperatorID": "ACS-V210-ACS-PLACETOPAY-11174",
"authenticationValue": "xgSFPEJIAAAAAAAAAAAAAAAAAAA=",
"eci": "07",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "FRICTIONLESS_AUTHENTICATION",
"authTimestamp": "2024-09-10T22:34:13+00:00",
"transactionID": 248159
}
Visa – 3RI request example
{
"deviceChannel": "RI",
"threeRIInd": "OTHER_PAYMENT",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T22:44:39+00:00",
"threeDSReqPriorRef": "9e4c13a7-0813-4402-9c53-687a01303f78"
},
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "170",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "February 2024",
"messageVersion": "2.2.0"
}
Visa - 3RI response example
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "1a53d143-230f-47b9-b886-a201ee867489",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539V3",
"acsTransID": "179f6511-b042-41f3-939d-7f862a527751",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "f5eb0bae-dccf-498e-b639-4abf5e86b162",
"messageVersion": "2.2.0",
"acsOperatorID": "10078025",
"authenticationValue": "AJkCAhAyeQAAAEJohAJUdYknEmE=",
"eci": "05",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "FRICTIONLESS_AUTHENTICATION",
"authTimestamp": "2024-09-10T22:46:32+00:00",
"transactionID": 248164
}
3RI hotel transactions
Mastercard – 3RI request example
{
"deviceChannel": "RI",
"threeRIInd": "MASTERCARD_3RI_IS_FOR_AN_AGENT_PAYMENT_TRANSACTION",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T22:21:27+00:00",
"threeDSReqPriorRef": "c524216d-a19e-4a6b-ae1c-40b82c59fe38"
},
"acctNumber": "5107000000010018",
"cardExpiryDate": "2902",
"purchaseAmount": "0",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "April 2024",
"messageVersion": "2.2.0"
}
Mastercard - Sample 3RI response
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "32c88ea6-7841-4c8b-9067-b84c99b20784",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539",
"acsTransID": "fa92fe01-84f7-4ae7-a3f1-1dd50f97ebef",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "634b8dc1-aa5b-48c3-b367-022156663c81",
"messageVersion": "2.2.0",
"acsOperatorID": "ACS-V210-ACS-PLACETOPAY-11174",
"authenticationValue": "xgRTaR2SAAAAAAAAAAAAAAAAAAA=",
"eci": "07",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "FRICTIONLESS_AUTHENTICATION",
"authTimestamp": "2024-09-10T22:36:05+00:00",
"transactionID": 248160
}
Visa – 3RI request example
{
"deviceChannel": "RI",
"threeRIInd": "OTHER_PAYMENT",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T22:44:39+00:00",
"threeDSReqPriorRef": "9e4c13a7-0813-4402-9c53-687a01303f78"
},
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "0",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "March 2024",
"messageVersion": "2.2.0"
}
Visa - 3RI response example
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "b9913d5d-4980-4103-b77c-5daf0c7054b0",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539V3",
"acsTransID": "e9b7726c-6f9a-4606-afe3-09dce49f49a2",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "6f9c449a-0ff3-4438-8c47-e3009ded9cd1",
"messageVersion": "2.2.0",
"acsOperatorID": "10078025",
"authenticationValue": "AJkCB4EjdQAAAAAAhAJUdYknEmE=",
"eci": "05",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "01",
"authTimestamp": "2024-09-10T22:48:07+00:00",
"transactionID": 248165
}
3RI Car Transactions The booking agent performs the 3RI transaction to obtain the CAVV and provide it to the travel merchant 3 (car rental).
Mastercard – 3RI request example
{
"deviceChannel": "RI",
"threeRIInd": "85",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T22:21:27+00:00",
"threeDSReqPriorRef": "c524216d-a19e-4a6b-ae1c-40b82c59fe38"
},
"acctNumber": "5107000000010018",
"cardExpiryDate": "2902",
"purchaseAmount": "50",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "March 2024",
"messageVersion": "2.2.0"
}
Mastercard - Sample 3RI response
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "c34f67dc-7a25-4977-97f7-ca1f961946be",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539",
"acsTransID": "fd189ecf-c65e-4a7d-9640-89662b850038",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "4680679e-d6ed-48d2-89d2-b73de0828a57",
"messageVersion": "2.2.0",
"acsOperatorID": "ACS-V210-ACS-PLACETOPAY-11174",
"authenticationValue": "xgSELtLrAAAAAAAAAAAAAAAAAAA=",
"eci": "07",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "01",
"authTimestamp": "2024-09-10T22:38:11+00:00",
"transactionID": 248161
}
Visa – 3RI request example
{
"deviceChannel": "RI",
"threeRIInd": "OTHER_PAYMENT",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T22:44:39+00:00",
"threeDSReqPriorRef": "9e4c13a7-0813-4402-9c53-687a01303f78"
},
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "50",
"redirectURI": "https://www.placetopay.com/web",
"purchaseCurrency": "USD",
"reference": "May 2024",
"messageVersion": "2.2.0"
}
Visa - 3RI response example
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "7a64778d-45de-48ae-8c78-ec688775315d",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539V3",
"acsTransID": "d4b3bbae-5594-4c89-9cf8-ae2ac3499223",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "5c4c3ec0-d31b-442d-81e8-86025c08cb9d",
"messageVersion": "2.2.0",
"acsOperatorID": "10078025",
"authenticationValue": "AJkCByOJNAAAABOIhAJUdYknEmE=",
"eci": "05",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "01",
"authTimestamp": "2024-09-10T22:49:54+00:00",
"transactionID": 248166
}
Unscheduled Card-on-File Transactions (UCOF)
Objective: Allow merchants to process one-time, unscheduled charges using previously stored card information, without requiring additional cardholder interaction, protected by 3DS.
Glossary
- 3DS: Three-Domain Secure.
- 3RI: 3‑D Secure Recurrent Initiation.
- UCOF: Unscheduled Card-On-File.
- NPA: No Payment (transaction with no debiting of funds).
- PA: Payment (transaction that verifies funds).
- BRW: Browser Authentication (channel 02).
- RI: Recurring Initiation (channel 03).
Definitions
Unscheduled Card-on-File (UCOF) transactions occur when a merchant uses card information stored in their system to perform a one-time, unscheduled charge to the customer’s card. These transactions are not associated with recurring or installment payments; instead, they are one-time transactions that leverage previously stored card details to facilitate payment.
- Online purchases without cardholder intervention: For example, a customer makes a purchase on a website using the save card for future purchases option. Later, on a different date, the merchant uses the stored card information to process a payment for an additional purchase without requiring further interaction from the customer.
- Automatic renewals for non-periodic services: Some services do not follow a regular billing cycle but may still opt to use stored card information to facilitate automatic renewals. For example, the annual renewal of a software subscription that is not billed monthly, but automatically charges the stored card when the renewal date arrives.
- One-time fees or charges: Situations in which a customer needs to make a one-time, unscheduled payment to a merchant, such as paying an outstanding invoice, an extra service fee, or a last-minute purchase.
Use Cases
- Additional purchases without login: Use of “save card” for future purchases.
- Non-periodic renewals: Annual subscription payments.
- One-time service charges: Outstanding invoices, penalties, last-minute purchases.
Prerequisites
- Initial EMV 3DS authentication.
- Merchant credentials and HMAC signature configured.
General Flow Diagram
1. Initial authentication (ADD_CARD or NPA)
2. Store threeDSRequestorPriorAuthenticationInfo and CAVV
3. RI (UCOF) request for one-time charge
Integration
Endpoint Base
POST https://3dss-dev.placetopay.ws/api/threeds/v2x/sessions
Common Parameters
Brand Examples
Visa No Payment (NPA)
NPA option: This option does not require verifying account funds.
Visa – First Authentication, Add Card
{
"deviceChannel": "BRW",
"messageCategory": "02",
"threeDSAuthenticationInd": "ADD_CARD",
"threeDSChallengeInd": "CHALLENGE_REQUESTED_MANDATE",
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"redirectURI": "https://www.placetopay.com/web",
"reference": "January 2024",
"messageVersion": "2.2.0",
"billAddrCity": "Medellín",
"billAddrCountry": "COL",
"billAddrLine1": "Carrera 65 # 45 - 20",
"billAddrPostCode": "050004",
"billAddrState": "ANT",
"email": "[email protected]",
"mobilePhone": {
"cc": "57",
"subscriber": "3111111111"
}
}
Response
{
"action": "redirect",
"sessionToken": "398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"redirectURL": "https://3dss-test.placetopay.com/threeds/v2x/sessions/86036/398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"transactionID": 248002
}
Subsequent authentications
Visa – 3RI request example
{
"deviceChannel": "RI",
"threeRIInd": "81",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-05-03T22:48:06+00:00",
"threeDSReqPriorRef": "5d822226-d2ad-4a43-8270-87c95003dad4",
"threeDSReqPriorAuthData": "valid_data"
},
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "1.00",
"purchaseCurrency": "USD",
"redirectURI": "https://www.placetopay.com/web",
"reference": "February 2024",
"messageVersion": "2.2.0"
}
Visa - 3RI response example
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "aec4b66f-f4ce-4bbf-9904-0759efa6ea8e",
"acsReferenceNumber": "PTOPID",
"acsTransID": "f7a98ab1-37d1-4e20-a7db-8f0491fbdd6d",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "655fabd4-ee08-4bab-963f-68c79063438f",
"messageVersion": "2.2.0",
"acsOperatorID": "CAS_OPERD_DR",
"authenticationValue": "BpkCBBYBJAAAAABkhAEkdYR0cUU=",
"eci": "05",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "RI",
"messageCategory": "PA",
"authMethod": "FRICTIONLESS_AUTHENTICATION",
"authTimestamp": "2024-05-03T22:49:38+00:00"
}
Visa Non-Payment (NPA) and DAF
Implementation with DAF is optional.
Visa
{
"deviceChannel": "02",
"messageCategory": "02",
"threeDSAuthenticationInd": "04",
"threeDSChallengeInd": "04",
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"redirectURI": "https://www.placetopay.com/web",
"reference": "January 2024",
"messageVersion": "2.2.0",
"billAddrCity": "Medellín",
"billAddrCountry": "COL",
"billAddrLine1": "Carrera 65 # 45 - 20",
"billAddrPostCode": "050004",
"billAddrState": "ANT",
"email": "[email protected]",
"mobilePhone": {
"cc": "57",
"subscriber": "3111111111"
}
}
Response
{
"action": "redirect",
"sessionToken": "398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"redirectURL": "https://3dss-test.placetopay.com/threeds/v2x/sessions/86036/398864c1e4c8217283b67f0312a2d8ee14e3814c0e000a92d4532bc406f65d2f",
"transactionID": 248002
}
Subsequent authentications
Visa – 3RI request example
{
"deviceChannel": "03",
"threeRIInd": "81",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T22:53:21+00:00",
"threeDSReqPriorRef": "e59f9e12-aaa5-4f29-a5ce-0acbb90fc2cb"
},
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "1.00",
"purchaseCurrency": "USD",
"redirectURI": "https://www.placetopay.com/web",
"reference": "February 2024",
"billAddrCity": "Medellín",
"billAddrCountry": "COL",
"billAddrLine1": "Carrera 65 # 45 - 20",
"billAddrPostCode": "050004",
"billAddrState": "ANT",
"email": "[email protected]",
"mobilePhone": {
"cc": "57",
"subscriber": "3111111111"
},
"messageVersion": "2.2.0"
}
Visa - 3RI response example
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "d48e4da7-889c-41c1-82eb-a8dba4e58d44",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539V3",
"acsTransID": "710adf8a-aaa2-43a1-9510-80edda02f347",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "b2255f0e-6bce-4a63-973c-396c03abe85d",
"messageVersion": "2.2.0",
"acsOperatorID": "10078025",
"authenticationValue": "BpkCCAAhkgAAAABkhAJUdYknEmE=",
"eci": "05",
"messageExtension": [
{
"name": "DAF Extension",
"id": "A000000003-003",
"criticalityIndicator": false,
"data": {
"chAccReqID": "MUHZx0nojuVVAZJwPD4CWps0RuxUPxepI8sk57Yd/s4=",
"authPayProcessReqInd": "01",
"version": "1.0",
"authPayCredStatus": "Y",
"dafAdvice": "01"
}
}
],
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "03",
"messageCategory": "PA",
"authMethod": "01",
"authTimestamp": "2024-09-10T22:56:48+00:00",
"transactionID": 248168
}
Visa Payment (PA)
PA Option: This option requires verification of account funds. A minimum sample value is assigned; please consider this value during implementation.
Visa
{
"deviceChannel": "02",
"messageCategory": "01",
"threeDSAuthenticationInd": "04",
"threeDSChallengeInd": "04",
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "1.00",
"purchaseCurrency": "USD",
"redirectURI": "https://www.placetopay.com/web",
"reference": "January 2024",
"messageVersion": "2.2.0"
}
Response
{
"action": "redirect",
"sessionToken": "ea515edd9d05e07ad58df6a96adf6b806172de055743099787318236304899f4",
"redirectURL": "https://3dss-test.placetopay.com/threeds/v2x/sessions/86202/ea515edd9d05e07ad58df6a96adf6b806172de055743099787318236304899f4",
"transactionID": 248168
}
Subsequent authentications
Visa – 3RI request example
{
"deviceChannel": "03",
"threeRIInd": "81",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T22:53:21+00:00",
"threeDSReqPriorRef": "e59f9e12-aaa5-4f29-a5ce-0acbb90fc2cb"
},
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "1.00",
"purchaseCurrency": "USD",
"redirectURI": "https://www.placetopay.com/web",
"reference": "February 2024",
"messageVersion": "2.2.0"
}
Visa - 3RI response example
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "d48e4da7-889c-41c1-82eb-a8dba4e58d44",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539V3",
"acsTransID": "710adf8a-aaa2-43a1-9510-80edda02f347",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "b2255f0e-6bce-4a63-973c-396c03abe85d",
"messageVersion": "2.2.0",
"acsOperatorID": "10078025",
"authenticationValue": "BpkCCAAhkgAAAABkhAJUdYknEmE=",
"eci": "05",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "03",
"messageCategory": "PA",
"authMethod": "01",
"authTimestamp": "2024-09-10T22:56:48+00:00",
"transactionID": 248168
}
Visa Payment (PA) and DAF
Implementation with DAF is optional.
PA Option: This option requires verification of account funds. A minimum sample value is assigned; please consider this value during implementation.
Visa
{
"deviceChannel": "02",
"messageCategory": "01",
"threeDSAuthenticationInd": "04",
"threeDSChallengeInd": "04",
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "1.00",
"purchaseCurrency": "USD",
"redirectURI": "https://www.placetopay.com/web",
"reference": "January 2024",
"messageVersion": "2.2.0",
"billAddrCity": "Medellín",
"billAddrCountry": "COL",
"billAddrLine1": "Carrera 65 # 45 - 20",
"billAddrPostCode": "050004",
"billAddrState": "ANT",
"email": "[email protected]",
"mobilePhone": {
"cc": "57",
"subscriber": "3111111111"
}
}
Response
{
"action": "redirect",
"sessionToken": "ea515edd9d05e07ad58df6a96adf6b806172de055743099787318236304899f4",
"redirectURL": "https://3dss-test.placetopay.com/threeds/v2x/sessions/86202/ea515edd9d05e07ad58df6a96adf6b806172de055743099787318236304899f4",
"transactionID": 248168
}
Subsequent authentications
Visa – 3RI request example
{
"deviceChannel": "03",
"threeRIInd": "81",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T22:53:21+00:00",
"threeDSReqPriorRef": "e59f9e12-aaa5-4f29-a5ce-0acbb90fc2cb"
},
"acctNumber": "4931119220729333",
"cardExpiryDate": "2902",
"purchaseAmount": "1.00",
"purchaseCurrency": "USD",
"redirectURI": "https://www.placetopay.com/web",
"reference": "February 2024",
"billAddrCity": "Medellín",
"billAddrCountry": "COL",
"billAddrLine1": "Carrera 65 # 45 - 20",
"billAddrPostCode": "050004",
"billAddrState": "ANT",
"email": "[email protected]",
"mobilePhone": {
"cc": "57",
"subscriber": "3111111111"
},
"messageVersion": "2.2.0"
}
Visa - 3RI response example
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "d48e4da7-889c-41c1-82eb-a8dba4e58d44",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539V3",
"acsTransID": "710adf8a-aaa2-43a1-9510-80edda02f347",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "b2255f0e-6bce-4a63-973c-396c03abe85d",
"messageVersion": "2.2.0",
"acsOperatorID": "10078025",
"authenticationValue": "BpkCCAAhkgAAAABkhAJUdYknEmE=",
"eci": "05",
"messageExtension": [
{
"name": "DAF Extension",
"id": "A000000003-003",
"criticalityIndicator": false,
"data": {
"chAccReqID": "MUHZx0nojuVVAZJwPD4CWps0RuxUPxepI8sk57Yd/s4=",
"authPayProcessReqInd": "01",
"version": "1.0",
"authPayCredStatus": "Y",
"dafAdvice": "01"
}
}
],
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "03",
"messageCategory": "PA",
"authMethod": "01",
"authTimestamp": "2024-09-10T22:56:48+00:00",
"transactionID": 248168
}
Mastercard Non-Payment (NPA)
NPA Option: This option does not require verification of account funds.
Mastercard
{
"deviceChannel": "02",
"messageCategory": "02",
"threeDSAuthenticationInd": "04",
"threeDSChallengeInd": "04",
"acctNumber": "5180300000000005",
"cardExpiryDate": "2902",
"redirectURI": "https://www.placetopay.com/web",
"reference": "MC_3DS_2024",
"messageVersion": "2.2.0"
}
Response
{
"action": "redirect",
"sessionToken": "ea515edd9d05e07ad58df6a96adf6b806172de055743099787318236304899f4",
"redirectURL": "https://3dss-test.placetopay.com/threeds/v2x/sessions/86203/ea515edd9d05e07ad58df6a96adf6b806172de055743099787318236304899f4",
"transactionID": 248168
}
Subsequent authentications
Mastercard – 3RI request example
{
"deviceChannel": "03",
"threeRIInd": "11",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T22:53:21+00:00",
"threeDSReqPriorRef": "e59f9e12-aaa5-4f29-a5ce-0acbb90fc2cb"
},
"acctNumber": "5180300000000005",
"cardExpiryDate": "2902",
"purchaseAmount": "1.00",
"purchaseCurrency": "USD",
"redirectURI": "https://www.placetopay.com/web",
"reference": "February 2024",
"messageVersion": "2.2.0"
}
Mastercard - Sample 3RI response
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "d48e4da7-889c-41c1-82eb-a8dba4e58d44",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539V3",
"acsTransID": "710adf8a-aaa2-43a1-9510-80edda02f347",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "b2255f0e-6bce-4a63-973c-396c03abe85d",
"messageVersion": "2.2.0",
"acsOperatorID": "10078025",
"authenticationValue": "BpkCCAAhkgAAAABkhAJUdYknEmE=",
"eci": "02",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "03",
"messageCategory": "PA",
"authMethod": "01",
"authTimestamp": "2024-09-10T22:56:48+00:00",
"transactionID": 248168
}
Mastercard Payment (PA)
PA Option: This option requires verification of account funds. A minimum sample value is assigned; please consider this value during implementation.
Mastercard
{
"deviceChannel": "02",
"messageCategory": "01",
"threeDSAuthenticationInd": "04",
"threeDSChallengeInd": "04",
"acctNumber": "5180300000000005",
"cardExpiryDate": "2902",
"purchaseAmount": "1.00",
"purchaseCurrency": "USD",
"redirectURI": "https://www.placetopay.com/web",
"reference": "MC_3DS_2024",
"messageVersion": "2.2.0"
}
Response
{
"action": "redirect",
"sessionToken": "ea515edd9d05e07ad58df6a96adf6b806172de055743099787318236304899f4",
"redirectURL": "https://3dss-test.placetopay.com/threeds/v2x/sessions/86203/ea515edd9d05e07ad58df6a96adf6b806172de055743099787318236304899f4",
"transactionID": 248168
}
Subsequent authentications
Mastercard – 3RI request example
{
"deviceChannel": "03",
"threeRIInd": "11",
"threeDSRequestorPriorAuthenticationInfo": {
"threeDSReqPriorAuthMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"threeDSReqPriorAuthTimestamp": "2024-09-10T22:53:21+00:00",
"threeDSReqPriorRef": "e59f9e12-aaa5-4f29-a5ce-0acbb90fc2cb"
},
"acctNumber": "5180300000000005",
"cardExpiryDate": "2902",
"purchaseAmount": "1.00",
"purchaseCurrency": "USD",
"redirectURI": "https://www.placetopay.com/web",
"reference": "February 2024",
"messageVersion": "2.2.0"
}
Mastercard - Sample 3RI response
{
"action": "continue",
"messageType": "ARes",
"threeDSServerTransID": "d48e4da7-889c-41c1-82eb-a8dba4e58d44",
"acsReferenceNumber": "3DS_LOA_ACS_EISF_020200_00539V3",
"acsTransID": "710adf8a-aaa2-43a1-9510-80edda02f347",
"dsReferenceNumber": "3DS_LOA_DIS_PPFU_020100_00010",
"dsTransID": "b2255f0e-6bce-4a63-973c-396c03abe85d",
"messageVersion": "2.2.0",
"acsOperatorID": "10078025",
"authenticationValue": "BpkCCAAhkgAAAABkhAJUdYknEmE=",
"eci": "02",
"transStatus": "Y",
"whiteListStatusSource": "03",
"whiteListStatus": "Y",
"deviceChannel": "03",
"messageCategory": "PA",
"authMethod": "01",
"authTimestamp": "2024-09-10T22:56:48+00:00",
"transactionID": 248168
}
Obtain the data from the threeDSRequestorPriorAuthenticationInfo
To obtain the required data, the CIT transaction first authentication must be launched. The transaction data can then be queried and the threeDSRequestorPriorAuthenticationInfo information can be sent in the MIT transaction.
Request Lookup
GET https://3dss-dev.placetopay.ws/api/v2x/transactions/{transactionID}
Response Lookup
{
"transStatus": "Y",
"transStatusReason": null,
"eci": "05",
"acsTransID": "5d822226-d2ad-4a43-8270-87c95003dad4",
"dsTransID": "5b3e6516-0a88-41a4-9c20-f97af2003acd",
"threeDSServerTransID": "fbefea2f-2ae6-4a21-94cc-d7e5083f05a6",
"sdkTransID": null,
"authenticationValue": "AAICAImZhwAAAAAAAAEkdYR0cUU=",
"messageVersion": "2.2.0",
"authMethod": "CARDHOLDER_CHALLENGE_OCCURRED",
"authTimestamp": "2024-05-03T22:48:06+00:00",
"enrolled": "Y",
"messageCategory": "NPA"
}
Improve Authentication Rates with Additional Data
We are pleased to invite you to visit the Additional Data section of our API documentation. This section provides crucial information for optimizing the 3DS authentication process.
Including this additional data in your requests allows issuers to perform a more accurate evaluation, which can significantly improve the successful authentication rate.
We encourage you to review these guidelines to take full advantage of the API's features and thus offer a more secure and efficient experience to your users.