PCI/Charge/CreatePayment
The Charge/CreatePayment operation is a REST API Web Service. It allows to create a new transaction using a card number.
In PCI-DSS mode, you can directly fill in card details in the web service.
For non-PCI use with embedded form, go here: Charge/CreatePayment(non-PCI).
Authentication with our authentication server
This Web Service allows to make a 3DS transaction. It is therefore necessary to know how this functionality works. To see how to integrate it, the reference documentation is present here: PCI Payment Creation Web Service.
Important aspect related to CB payments
With the implementation of PSD2, issuers can refuse the transaction if 3D Secure authentication has not been performed. This behavior is called "Soft Decline".
In the case of a "Soft Decline" the transactionDetails.cardDetails.authorizationResponse.authorizationResult field is valued at 81. It is the responsibility of the merchant to initiate a new payment with 3D secure authentication.
Authentication with another authentication server
The PCI/Charge/CreatePayment service allows PCI-DSS merchants who have performed cardholder authentication via their own authentication servers to create a payment method alias by passing card information as well as cardholder authentication data in their request.
See the integration guide for more information.
Request parameters
The PCI/Charge/CreatePayment REST Web Service supports the following parameters:
amount
Payment amount in its smallest currency unit (cent for euro).
Example: 30050 for EUR 300.50.
Format
currency
Payment currency. Alphabetic code in uppercase according to alpha-3 (ISO 4217).
Eg: "EUR" for the euro.
Format
Possible values
. The possible values are:
Currency | ISO 4217 ENCODING | Fractional unit |
---|---|---|
Australian dollar (036) | AUD | 2 |
Lev Bulgare (975) | BGN | 2 |
Brazilian real (986) | BRL | 2 |
Canadian dollar (124) | CAD | 2 |
Swiss franc (756) | CHF | 2 |
Chinese renminbi (156) | CNY | 1 |
Czech koruna (203) | CZK | 2 |
Danish crown (208) | DKK | 2 |
Euro (978) | EUR | 2 |
Pound Sterling (826) | GBP | 2 |
Hong Kong dollar (344) | HKD | 2 |
Kuna Croate (191) | HRK | 2 |
Hungarian forint (348) | HUF | 2 |
Indian rupee (356) | INR | 2 |
Indonesian rupiah (360) | IDR | 2 |
Japanese yen (392) | JPY | 0 |
Cambodian riel (116) | KHR | 0 |
South Korean won (410) | KRW | 0 |
Mexican peso (484) | MXN | 2 |
Malaysian ringgit (458) | MYR | 2 |
New Zealand dollar (554) | NZD | 2 |
Norwegian crown (578) | NOK | 2 |
Philippine peso (608) | PHP | 2 |
Polish zloty (985) | PLN | 2 |
Leu Roumain (946) | RON | 2 |
Russian ruble (643) | RUB | 2 |
Singapore dollar (702) | SGD | 2 |
Swedish krona (752) | SEK | 2 |
Thai baht (764) | THB | 2 |
Turkish lira (949) | TRY | 2 |
New Taiwan dollar (901) | TWD | 2 |
US dollar (840) | USD | 2 |
CFP Franc (953) | XPF | 0 |
South African rand (710) | ZAR | 2 |
orderId
Order reference defined by the Merchant.Does not support UTF-8 characters.
Format
formAction
formAction allows you to define the type of desired behavior when creating the transaction.
Format
Possible values
. The possible values are:
value | Description |
---|---|
PAYMENT | Creating a simple transaction. Default behavior. |
REGISTER_PAY | Creation of an alias (token) of the payment method at the same time as the transaction. Does not allow the creation of an alias associated with an IBAN. |
null | If the value is null or undefined, PAYMENT is applied. |
PAYMENT:
The web service will return a formToken.
This is the default behavior. The call to Charge/CreatePayment creates a transaction without performing any additional operations.
REGISTER_PAY:
The web service will return a formToken.
A payment method token is created simultaneously with the transaction. This token will then allow you to create one-click transactions. The newly created token will be specified in the paymentMethodToken property. For more information, see the article dedicated to Creating and using tokens.
paymentMethodType
Path: paymentForms.paymentMethodType
Payment method type Example: PAYCONIQ
Format
paymentForms.pan
PAN (Primary Account Number) is the primary card number usually consisting of 16 digits.
Format
expiryMonth
Path: paymentForms.expiryMonth
Expiration month in a two-digit format. Example: "09" for September.
Format
expiryYear
Path: paymentForms.expiryYear
Expiration year in a two-digit format. Example: "25" for 2025.
Format
securityCode
Path: paymentForms.securityCode
Card security code.
Its length can vary between 3 or 4 digits depending on the card type.
Format
paymentForms.brand
Card brand.
Format
cardHolderName
Path: paymentForms.cardHolderName
Cardholder's first and last names.
Format
firstInstallmentDelay
Path: paymentForms.firstInstallmentDelay
Number of deferred months to be applied to the first installment of payment in installments. Field specific to acquirers in Latin America.
Format
identityDocumentNumber
Path: paymentForms.identityDocumentNumber
Buyer's ID number.
The format depends on the ID type: between 7 and 13 characters, digits, letters and/or dots.
In Latin America, this parameter may be mandatory for some buyers.
Format
identityDocumentType
Path: paymentForms.identityDocumentType
ID type.
Format
installmentNumber
Path: paymentForms.installmentNumber
Number of installments.
Format
overridePaymentCinematic
Path: paymentForms.overridePaymentCinematic
Allows you to change the capture mode. Specific to Latin American purchasers. This feature is not available in Colombia.
Possible values:
value | Description |
---|---|
IMMEDIATE_CAPTURE | Immediate capture scenario: the capture is triggered by the acquirer on the day of payment. |
DELAYED_CAPTURE | Deferred capture process: the capture is triggered by the payment gateway, always before the authorization request expiry. |
Format
paymentMethodToken
Path: paymentForms.paymentMethodToken
Token associated with a payment method.
Format
taxAmount
Amount of taxes for the entire order expressed in the smallest monetary unit (cent for euro).
Example: 30050 for EUR 300.50.
Format
taxRate
Used by some payment methods in Latin America. Allows you to transmit the tax rate applied to the entire order. The value must be the percentage to apply (21 for 21%).
Format
device.deviceType
Type of device on which the authentication takes place.
Possible values
value | Description |
---|---|
BROWSER | Authentication in a browser. |
Format
device.acceptHeader
Exact content of the Accept HTTP header as it is sent by the Buyer’s browser.
Format
device.userAgent
Exact content of the HTTP "user-agent" header sent by the browser. Must be truncated if the value exceeds 2048 characters.
Obtained from the client’s browser via the “navigator.userAgent” property.
JavaScript code allowing to retrieve the value:
const language = navigator.userAgent;
Format
device.ip
Browser’s IP address as returned in HTTP headers by the client. IPV4 format (e.g.: 1.12.123.255) or IPV6 (e.g.: 2011:0db8:85a3:0101:0101:8a2e:0370:7334). Variable length, maximum 45 characters.
Format
device.javaEnabled
Boolean that represents the browser's capacity to execute Java.The value is the one returned by the “navigator.javaEnabled()” function, it can be true or false.
JavaScript code allowing to retrieve the value:
const javaEnabled = navigator.javaEnabled();
Format
device.language
Obtained from the client browser via the "navigator.language" property.
Examples: “en”, “en-US”, “de”, “fr”, etc.
JavaScript code allowing to retrieve the value:
const language = navigator.language;
Format
device.colorDepth
Value representing the depth of the color palette used to display images, in bits per pixel.
Obtained from the client’s browser via the “screen.colorDepth” property.
JavaScript code allowing to retrieve the value:
const colorDepth = screen.colorDepth;
Format
device.screenHeight
The total height of the client's screen in pixels. The value is the one returned by the "screen.height" property. From 1 to 6 characters.
JavaScript code allowing to retrieve the value:
const screenHeight = screen.height;
Format
device.screenWidth
The total width of the client's screen in pixels. The value is the one returned by the "screen.width" property. From 1 to 6 characters.
JavaScript code allowing to retrieve the value:
const screenWidth = screen.width;
Format
timeZoneOffset
Path: device.timeZoneOffset
Time difference between UTC time and the local time of the client browser, in minutes. Its value is -120 for a user in the UTC+2 time zone and 570 for the UTC-09:30 time zone.
JavaScript code allowing to retrieve the value:
const timeZoneOffset = new Date().getTimezoneOffset();
Format
customer.reference
Buyer ID on the merchant side.
Format
customer.email
Buyer's e-mail address.
- Email structure specifications: RFC-2822
Format
address
Path: customer.billingDetails.address
Billing address.
Warning: the characters > and < are not authorized.
Format
address2
Path: customer.billingDetails.address2
Second line of the billing address.
Warning: the characters > and < are not authorized.
Format
category
Path: customer.billingDetails.category
Buyer type.
Format
Possible values
Values | Description |
---|---|
PRIVATE | Individual buyer type. |
COMPANY | Company buyer type. |
cellPhoneNumber
Path: customer.billingDetails.cellPhoneNumber
Buyer's cell phone number.
Accepts all formats:
Examples:
- 0623456789
- +33623456789
- 0033623456789
- (+34) 824 65 43 21
- 87 77 12 34
Format
city
Path: customer.billingDetails.city
City of the billing address.
Format
country
Path: customer.billingDetails.country
Buyer's country (in uppercase, in accordance with the ISO 3166-1 alpha-2 country codes).
Format
Possible values
Examples of possible values:
Country | Code |
---|---|
AUSTRIA | AT |
BRAZIL | BR |
CORSICA | FR |
IVORY COAST | CI |
FRANCE | FR |
GUADELOUPE | GP |
INDIA | IN |
MARTINIQUE | MQ |
NEW CALEDONIA | NC |
ST-PIERRE-ET-MIQUELON | PM |
FRENCH POLYNESIA | PF |
district
Path: customer.billingDetails.district
District of the billing address.
Format
firstName
Path: customer.billingDetails.firstName
Buyer's first name.
Format
identityCode
Path: customer.billingDetails.identityCode
National identifier. Allows to identify each citizen within a country.
Format
identityType
Path: customer.billingDetails.identityType
ID type.
Format
language
Path: customer.billingDetails.language
Buyer's language code, according to ISO 639-1.
Specify the language in which payment confirmation e-mails are sent.
Format
Possible values
Examples of possible values:
Language | Code |
---|---|
German (Germany) | DE |
English (United Kingdom) | EN |
English (United States) | EN |
Chinese (Traditional) | ZH |
Spanish (Spain) | ES |
Spanish (Chile) | ES |
French (France) | FR |
Italian (Italy) | IT |
Japanese (Japan) | JP |
Dutch (the Netherlands) | NL |
Polish (Poland) | PL |
Portuguese (Brazil) | PT |
Portuguese (Portugal) | PT |
Russian (Russia) | RU |
lastName
Path: customer.billingDetails.lastName
Buyer's last name.
Format
legalName
Path: customer.billingDetails.legalName
Legal name.
Format
phoneNumber
Path: customer.billingDetails.phoneNumber
Buyer's phone number.
Accepts all formats:
Examples:
- 0123456789
- +33123456789
- 0033123456789
- (00.571) 638.14.00
- 40 41 42 42
Format
state
Path: customer.billingDetails.state
Region (state) of the billing address. It is recommended, but not mandatory, to pass the value in ISO-3166-2.
Format
streetNumber
Path: customer.billingDetails.streetNumber
Street number of the billing address.
Accepted characters:
- Alphabetical characters (from "A" to "Z" and from "a" to "z")
- Space
Format
title
Path: customer.billingDetails.title
Buyer's title.
Examples:
- Mr
- Ms.
- Mrs
Format
zipCode
Path: customer.billingDetails.zipCode
Zip code of the billing address.
Format
address
Path: customer.shippingDetails.address
Shipping address.
Warning: the characters > and < are not authorized.
Format
address2
Path: customer.shippingDetails.address2
Second line of the shipping address.
Warning: the characters > and < are not authorized.
Format
category
Path: customer.shippingDetails.category
Buyer type.
Format
Possible values
Values | Description |
---|---|
PRIVATE | Individual buyer type. |
COMPANY | Company buyer type. |
city
Path: customer.shippingDetails.city
Shipping city.
Format
country
Path: customer.shippingDetails.country
Shipping country (in uppercase, in accordance with the ISO 3166-1 alpha-2 country codes).
Format
Possible values
Examples of possible values:
Country | Code |
---|---|
AUSTRIA | AT |
BRAZIL | BR |
CORSICA | FR |
IVORY COAST | CI |
FRANCE | FR |
GUADELOUPE | GP |
INDIA | IN |
MARTINIQUE | MQ |
NEW CALEDONIA | NC |
ST-PIERRE-ET-MIQUELON | PM |
FRENCH POLYNESIA | PF |
deliveryCompanyName
Path: customer.shippingDetails.deliveryCompanyName
Name of the delivery company.
Format
district
Path: customer.shippingDetails.district
District of the billing address.
Format
firstName
Path: customer.shippingDetails.firstName
First name of the recipient.
Format
identityCode
Path: customer.shippingDetails.identityCode
National identifier. Allows to identify each citizen within a country.
Format
lastName
Path: customer.shippingDetails.lastName
Buyer's last name.
Format
legalName
Path: customer.shippingDetails.legalName
Legal name in case of shipping to a company.
Format
phoneNumber
Path: customer.shippingDetails.phoneNumber
Buyer's phone number.
Accepts all formats:
Examples:
- 0123456789
- +33123456789
- 0033123456789
- (00.571) 638.14.00
- 40 41 42 42
Format
shippingMethod
Path: customer.shippingDetails.shippingMethod
Shipping mode.
Format
Possible values
value | Description |
---|---|
RECLAIM_IN_SHOP | Item pickup at the shop. |
RELAY_POINT | Use of a third-party pickup network (Kiala, Alveol, etc.). |
RECLAIM_IN_STATION | Pickup at an airport, a train station or a travel agency. |
PACKAGE_DELIVERY_COMPANY | Shipping by the transporter (Colissimo, UPS, etc.). |
ETICKET | Issue of an electronic ticket, online download of the product. |
CARD_HOLDER_ADDRESS | Delivery to the buyer. Reserved for future use. |
VERIFIED_ADDRESS | Delivery to a verified address.Reserved for future use. |
NOT_VERIFIED_ADDRESS | Delivery to a non-verified address.Reserved for future use. |
SHIP_TO_STORE | In-store pickup.Reserved for future use. |
DIGITAL_GOOD | Digital delivery.Reserved for future use. |
ETRAVEL_OR_ETICKET | E-ticket.Reserved for future use. |
OTHER | Other: Reserved for future use. |
PICKUP_POINT | Pickup point delivery.Reserved for future use. |
AUTOMATED_PICKUP_POINT | Pickup at an automatic pickup point.Reserved for future use. |
shippingSpeed
Path: customer.shippingDetails.shippingSpeed
Shipping delay.
Format
Possible values
Examples of possible values:
value | Description |
---|---|
STANDARD | Standard shipping. |
EXPRESS | Express shipping (in less than 24h). |
PRIORITY | Priority shipping (Click & Collect). |
state
Path: customer.shippingDetails.state
Region of the billing address.
Format
streetNumber
Path: customer.shippingDetails.streetNumber
Street number of the delivery address.
Accepted characters:
- Alphabetical characters (from "A" to "Z" and from "a" to "z")
- Space
Format
zipCode
Path: customer.shippingDetails.zipCode
Zip code of the billing address.
Format
insuranceAmount
Path: customer.shoppingCart.insuranceAmount
Insurance amount for the entire order, expressed in the smallest monetary unit (cent for euro).
Example: 30050 for EUR 300.50.
Format
shippingAmount
Path: customer.shoppingCart.shippingAmount
Amount of delivery fees for the entire order, expressed in its smallest monetary unit (cent for euro).
Example: 30050 for EUR 300.50.
Format
taxAmount
Path: customer.shoppingCart.taxAmount
Amount of taxes for the entire order expressed in the smallest monetary unit (cent for euro).
Example: 30050 for EUR 300.50.
Format
cartItemInfo
Path: customer.shoppingCart.cartItemInfo
cardItemInfo is a list that contains Customer/ShoppingCartItemInfo objects.
It allows you to describe each item in the cart.
Format
productAmount
Path: customer.shoppingCart.cartItemInfo.productAmount
Amount of the product expressed in the smallest currency unit (cent for euro).
Example: 30050 for EUR 300.50.
Format
productLabel
Path: customer.shoppingCart.cartItemInfo.productLabel
Product name.
Format
productQty
Path: customer.shoppingCart.cartItemInfo.productQty
Product quantity.
Format
productRef
Path: customer.shoppingCart.cartItemInfo.productRef
Product reference.
Format
productType
Path: customer.shoppingCart.cartItemInfo.productType
Product type.
Possible values
value | Description |
---|---|
FOOD_AND_GROCERY | Food and grocery |
AUTOMOTIVE | Cars / Moto |
ENTERTAINMENT | Entertainment / Culture |
HOME_AND_GARDEN | Home and gardening |
HOME_APPLIANCE | Household appliances |
AUCTION_AND_GROUP_BUYING | Auctions and group purchasing |
FLOWERS_AND_GIFTS | Flowers and presents |
COMPUTER_AND_SOFTWARE | Computers and software |
HEALTH_AND_BEAUTY | Health and beauty |
SERVICE_FOR_INDIVIDUAL | Services for individuals |
SERVICE_FOR_BUSINESS | Services for companies |
SPORTS | Sports |
CLOTHING_AND_ACCESSORIES | Clothes and accessories |
TRAVEL | Travel |
HOME_AUDIO_PHOTO_VIDEO | Sound, image and video |
TELEPHONY | Telephony |
Format
productVat
Path: customer.shoppingCart.cartItemInfo.productVat
Product type.
Tax fee amount (expressed in the smallest currency unit).
Possible values
value | Description |
---|---|
integer | Transaction amount. Its value must be a positive integer (e.g.: 1234 for 12.34 EUR). |
Decimal number, lower than 100 | Percentage applied to the amount. Examples: 20.0 or 19.6532 |
To display a percentage applied to the payment amount for the product in question, the value should have maximum 4 digits after the decimal point. The decimal separator is mandatory for displaying a percentage. The decimal separator is represented by the "." symbol.
Format
acquirerTransientData
Allows to transmit information specific to certain acquirers.
Use with Conecs
Optional field that allows to transmit the amount of items eligible for payment with the CONECS meal voucher card.
If the field is not transmitted, the whole amount will be considered eligible for payment by meal vouchers, including any delivery fees included in the order amount.
Example for an eligible amount of €17.25:
Example: .
{"CONECS":{"eligibleAmount":"1725"}}
Restrict the accepted BIN codes
To limit the accepted payment cards based on their BIN code, the expected format is:
{"MULTI":{"bins": ["bin1","bin2","bin3"]}}
NB : Supports 6-digit BIN codes or 8-digit BIN codes.
Example: .
code BIN à6 digits: 4012 34XX XXXX XXXX;
code BIN à8 digit: 4000 1234 XXXX XXXX.
Format
contrib
Name of the e-commerce solution used on the merchant website and its version number.
Format
ipnTargetUrl
You can override the Instant Payment Notification (also called IPN) in the payment form in case you use one shop for various sales channels, payment types, languages, etc.
Format
fingerPrintId
This field is used by merchants who implement the risk analyzer in their payment page. Allows you to send the session ID (or fingerPrint Id) to the payment platform to finalize the risk analysis.
The supported analyzers are:
- NOTO
- Cybersource
- MonitorPlus
- ClearSale
Can contain uppercase and lowercase characters, numbers or hyphens ([A-Z] [a-z], 0-9, _, -).
Format
metadata
Custom values linked to the transaction, in JSON format.
Example of a call
For example, to pass a custom value, add the following to your query:
{ "metadata": { "MyValueKey": "1234" } }
This value will be returned in the newly created transaction object.
You can also use the metadata “ orderInfo1 ”, “ orderInfo2 ” and “ orderInfo3 ” to send complementary information about the order.
This data can be found later in the Extra tab of the transaction details via your
Format
merchantPostUrlRefused
Allows to define the URL to which the browser will be redirected after a failed 3D Secure authentication.
Format
merchantPostUrlSuccess
Allows you to set the URL for browser redirection after a successful 3D Secure authentication.
Format
strongAuthentication
strongAuthentication is used to indicate the merchant preference during buyer authentication.
- Without cardholder interaction ( frictionless ).
- With cardholder interaction (strong authentication or challenge ).
- No merchant preference.
Strong authentication is required when registering a card. Use the formAction field with the following values:
- REGISTER_PAY : to make a payment while registering the payment method.
- ASK_REGISTER_PAY : to make a payment and request registration of the payment method.
- CUSTOMER_WALLET : to register the payment method.
In this case, the strongAuthentication field automatically takes the CHALLENGE_MANDATE value.
Use cases | Possible values |
---|---|
CHALLENGE : With cardholder interaction |
|
| |
| |
FRICTIONLESSWithout cardholder interaction “Frictionless 3DS2” option mandatory |
If you do not have the “Frictionless 3DS” option, the choice of preference is delegated to the card issuer (No Preference). If the request for frictionless is accepted, the transaction does not benefit from the liability shift in case of a dispute by the cardholder. |
No merchant preference |
|
|
Table of exemptions (DISABLED value)
exemption | Description |
---|---|
Low value transaction | For payments in EUR, you can requestan exemptionTo strong authentication:
|
LRM (Low Risk Merchant) |
CB's LRM (Low Risk Merchant) program aims to meet the expectations of merchants with very low risk and high volume (120,000 CB transactions / year). Vous pouvez demander une exemption à l'authentification forte : |
Format
useCase
Specify the desired use case.
Possible value
Value to be entered for multiple payment on shipment:
value | Description |
---|---|
SHIPMENT_MULTIPLE_AUTHORISATION | Use case "Payment on shipment multiple authorizations". |
Format
paymentSource
Path: transactionOptions.cardOptions.paymentSource
Payment source.
Format
Possible values
. The possible values are:
value | Description |
---|---|
EC | E-Commerce: the data of the means of payment are entered by the buyer. This value allows a strong authentication during the payment. |
MOTO | MAIL OR TELEPHONE ORDER: entry by an operator.The payment information is sent by mail or e-mail. Requires a VAD contract. |
CC | Call Center: payment made through a call center. Requires a VAD contract. |
OTHER | Other sales channel.Returned output value for payments made via the |
Absent ou null | The default value is "EC". |
mid
Path: transactionOptions.cardOptions.mid
Merchant ID number. If this field is populated, make sure you use the appropriate MID depending on the card scheme.
Format
manualValidation
Path: transactionOptions.cardOptions.manualValidation
Transaction validation mode.
Format
Possible values
. The possible values are:
value | Description |
---|---|
NO | Automatic validation by the payment gateway. |
YES | Manual validation by the Merchant. |
null | Default configuration of the selected shop (configurable in the |
captureDelay
Path: transactionOptions.cardOptions.captureDelay
Delay to be applied to the capture date.
Description
Indicates the delay (in days) before the capture.
If this parameter is not passed, then the default value set in the
It can be set in the
If the capture delay is higher than 365 days in the payment request, it will be automatically reset to 365 days.
Format
firstInstallmentDelay
Path: transactionOptions.cardOptions.firstInstallmentDelay
Number of deferred months to be applied to the first installment of payment in installments. Field specific to acquirers in Latin America.
Format
installmentNumber
Path: transactionOptions.cardOptions.installmentNumber
Number of installments.
Format
retry
Path: transactionOptions.cardOptions.retry
Number of new attempts available in case the payment is rejected (3 by default).
Format
name
Path: authenticationDetails.protocol.name
Name of the protocol used by the cardholder authentication services.
Possible values
value | Description |
---|---|
THREEDS | 3D Secure protocol |
Format
version
Path: authenticationDetails.protocol.version
Version of the protocol used by the cardholder authentication services.
Possible values
value | Description | Compatible protocol |
---|---|---|
2 | must be filled in if the exact version is not known. In this case, the latest version supported in 3D Secure 2 by the payment platform will be considered | ALL |
1.0.2 | Version 1.0.2 | THREEDS |
2.1.0 | Version 2.1.0 | THREEDS |
2.2.0 | Version 2.2.0 | THREEDS |
Format
directoryServer
Path: authenticationDetails.protocol.directoryServer
Name of the DS network where the authentication took place.
Possible values
PROTOCOL NAME | VALUE OF DIRECTORYSERVER | NETWORK NAME |
---|---|---|
THREEDS | AMEX | American Express network (SafeKey) |
CB | Bank Card Network | |
VISA | Visa network | |
ELO | Elo network (Brazil) | |
DINERS | Diners network | |
DISCOVER | Discover network | |
ELO | Reseau Elo |
Format
challengePreference
Path: authenticationDetails.protocol.challengePreference
Indicates whether or not the Merchant has requested a challenge.
Possible values
value | 3DS2 card | |
---|---|---|
NO_PREFERENCE | The choice of preference is delegated to the card issuer. | |
NO_CHALLENGE_REQUESTED | Allows to request an authentication without interaction (frictionless). | |
CHALLENGE_REQUESTED | Allows you to request strong authentication for the transaction. | |
CHALLENGE_MANDATED | Allows to indicate that, for regulatory reasons, strong authentication is required for the transaction. | |
DATA_ONLY | Allows you to request authentication without interaction, processed by the DS instead of the ACS of the issuing bank.The transaction cannot benefit from the liability shiftThe authentication will be disabled if the network does not support this feature. The PCI/Charge/Authenticate service returns an INT_808 error code if the fieldtransactionCategory is not valued atPAYMENT . |
Format
authenticationType
Path: authenticationDetails.authenticationType
Type of authentication that has been applied.
Possible values
value | Description |
---|---|
FRICTIONLESS | Authentication in Frictionless mode, i.e. transparent for the Buyer. |
CHALLENGE | Authentication with a Challenge, the Buyer had to explicitly authenticate him/herself via the ACS. |
DATA_ONLY | Authentication processed by the DS without client interaction |
Format
status
Path: authenticationDetails.status
Authentication status, i.e. the positive/negative outcome of the authentication.
Possible values
value | Description |
---|---|
ATTEMPT | Proof of authentication attempt when authentication is not available. |
ENROLLED_UNAVAILABLE | Unable to assess the enrollment status. |
FAILED | Authentication error |
NOT_ENROLLED | Card not enrolled. |
SUCCESS | Successful authentication. |
UNAVAILABLE | The authentication could not be completed (technical error, etc.). |
DISABLED | Disabled authentication. The exemption field becomes mandatory. |
Format
commerceIndicator
Path: authenticationDetails.commerceIndicator
Commerce Indicator, or ECI (Electronic Commerce Indicator) for the 3DS protocol. Indicator returned by the ACS to report the results of cardholder’s authentication attempt.
In case of authentication without payment (e.g. in case of card registration) MasterCard can return the following 2 values:
value | Description |
---|---|
N0 | Not authenticated |
N2 | Authenticated |
Format
authenticationValue
Path: authenticationDetails.authenticationValue
Final authentication value (depending on the DS this value can be called CAVV, AEVV or AAV). Character string encoded in base64 with a size of 28 characters.
Format
dsScore
Path: authenticationDetails.dsScore
Score de l'authentification spécifié par le DS, uniquement pour le réseau CB. Voir : Guide d'intégration.
Format
authValueAlgorithm
Path: authenticationDetails.authValueAlgorithm
Algorithme utilisé pour calculer le champ authenticationValue. Ce champ concerne uniquement le réseau CB. Voir : Guide d'intégration.
Format
requestorName
Path: authenticationDetails.requestorName
RequestorName utilisé lors de l'authentification initiale. En général ce champ correspond au nom du marchand. Ce champ concerne uniquement le réseau CB. Voir : Guide d'intégration.
Format
dsTransID
Path: authenticationDetails.dsTransID
DS transaction ID.
Format
acsTransID
Path: authenticationDetails.acsTransID
Identifiant de transaction de l'ACS. Ce champ concerne uniquement le réseau CB. Voir : Guide d'intégration
Format
xid
Path: authenticationDetails.xid
Unique transaction ID.
Format
exemption
Path: authenticationDetails.exemption
Indicates the reason for the lack of strong authentication (Required in case of DISABLED status, or in case of FRICTIONLESS authentication).
Possible values
Values | Description |
---|---|
LOW_VALUE | Low value transaction (e.g.: amount less than 30€ in Europe) |
ACQUIRER_TRA | Prior risk analysis carried out by the buyer |
ISSUER_TRA | Prior risk analysis carried out by the issuer |
LOW_RISK_MERCHANT | Merchant enrolled in the LOW RISK MERCHANT CB program |
OUT_OF_SCOPE | Authentication not required as it is outside the RTS SCA scope |
DELEGATED_SCA | Strong authentication delegated to a third party. |
FIXED_RECURRING_PAYMENT | Recurring payment with a fixed amount and term |
TRUSTED_BENEFICIARY | Trusted beneficiary |
AUTOMATIC_PAYMENT_MACHINES | Payment terminal |
CORPORATE | Secure payment procedure for companies |
OTHER_EXEMPTION | Other use cases exempt from authentication |
TECHNICAL_ERROR | Technical problem rendering authentication impossible |
Format
challengeCancelationIndicator
Path: authenticationDetails.challengeCancelationIndicator
Challenge cancellation indicator received in the RReq. (Value returned by the DS in case of authentication cancellation).
Format
transactionStatusReason
Path: authenticationDetails.transactionStatusReason
Indicates the reason for the authentication failure. (Value returned by the DS in case of authentication failure).
Format
name
Path: instructionResult.name
Instruction name.
Possible values
value | Description |
---|---|
CHALLENGE | Challenge Instruction that allows interactive user authentication via the ACS. |
FINGERPRINT | Fingerprint Instruction that allows to identify the user via the ACS. |
Format
value
Path: instructionResult.value
Result as a JWT string, or a plain text error code in case of an error (timeout
for example).
Format
challengePreference
Path: instructionResult.protocol.challengePreference
Indicates whether or not the Merchant has requested a challenge.
Possible values
value | 3DS2 card | |
---|---|---|
NO_PREFERENCE | The choice of preference is delegated to the card issuer. | |
NO_CHALLENGE_REQUESTED | Allows to request an authentication without interaction (frictionless). | |
CHALLENGE_REQUESTED | Allows you to request strong authentication for the transaction. | |
CHALLENGE_MANDATED | Allows to indicate that, for regulatory reasons, strong authentication is required for the transaction. | |
DATA_ONLY | Allows you to request authentication without interaction, processed by the DS instead of the ACS of the issuing bank.The transaction cannot benefit from the liability shiftThe authentication will be disabled if the network does not support this feature. The PCI/Charge/Authenticate service returns an INT_808 error code if the fieldtransactionCategory is not valued atPAYMENT . |
Format
name
Path: instructionResult.protocol.name
Name of the protocol used by the cardholder authentication services.
Possible values
value | Description |
---|---|
THREEDS | 3D Secure protocol |
Format
network
Path: instructionResult.protocol.network
Network where the payment method was authenticated.
This field is obligatoire for the management of the timeout on the 3ds method, when the instructionResult.value field is set to TIMEOUT.
Currently supported networks
value |
---|
CB |
VISA |
MASTERCARD |
AMEX_SAFEKEY |
PROTECTBUY |
Format
simulation
Path: instructionResult.protocol.simulation
Boolean that indicates if the authentication must be done in simulation mode. If you set this mandatory field to:
true
, you activate the simulation mode.false
, you do not enable the simulation mode.
This mode allows you to perform a merchant integration without being in production mode, and without using real cards.
Format
version
Path: instructionResult.protocol.version
Version of the protocol used by the cardholder authentication services.
Currently supported versions
value | Description |
---|---|
1.0.2 | Version 1.0.2 |
2.1.0 | Version 2.1.0 |
2.2.0 | Version 2.2.0 |
Format
operationSessionId
Unique identifier for the authentication session.
Format
companyType
Path: subMerchantDetails.companyType
Company type of the sub-merchant.Transmitted by the payment facilitator.
Different rules may apply depending on the acquirer. This field is often used for specifying the type of Legal Number
of the buyer.
Format
legalNumber
Path: subMerchantDetails.legalNumber
Legal number of sub-merchant according to field companyType
. Transmitted by the payment facilitator.
Format
name
Path: subMerchantDetails.name
Business name of the sub-merchant.Transmitted by the payment facilitator.
Format
url
Path: subMerchantDetails.url
URL of the sub-merchant.Transmitted by the payment facilitator.
Format
phoneNumber
Path: subMerchantDetails.phoneNumber
Telephone number of the sub-merchant.Transmitted by the payment facilitator.
Format
address1
Path: subMerchantDetails.address1
Address of the sub-merchant.Transmitted by the payment facilitator.
Format
address2
Path: subMerchantDetails.address2
Addition of the sub-merchant's address. Transmitted by the payment facilitator.
Format
zip
Path: subMerchantDetails.zip
Zip code of the sub-merchant.Transmitted by the payment facilitator.
Format
city
Path: subMerchantDetails.city
City of the sub-merchant.Transmitted by the payment facilitator.
Format
country
Path: subMerchantDetails.country
Country code of the sub-merchant address (ISO 3166 alpha-2 standard). Transmitted by the payment facilitator.
Format
mcc
Path: subMerchantDetails.mcc
MCC code of the sub-merchant.Transmitted by the payment facilitator.
Format
mid
Path: subMerchantDetails.mid
Contract number (MID) of the sub-merchant.Transmitted by the payment facilitator.
Format
softDescriptor
Path: subMerchantDetails.softDescriptor
Label (Soft-descriptor) of the sub-merchant that appears on the buyer's bank statement. Transmitted by the payment facilitator.
Format
state
Path: subMerchantDetails.state
Region of the sub-merchant's address. Transmitted by the payment facilitator.
Format
facilitatorId
Path: subMerchantDetails.facilitatorId
Payment Facilitator ID. Transmitted by the payment facilitator.
Format
Response reference
Several responses are possible, depending on the context:
Response | Context |
---|---|
Payment | Object containing the generated transaction. This object is directly returned during a single payment by token. |
AuthenticationResponseData | Object returned if 3DS authentication is required. |
See response references for more information.