Verifone · Schema
LookupResponse
LookupResponse from 3D Secure API
PaymentsPOSTerminal ManagementeCommerceFinTechPayment ProcessingOmnichannel
Properties
| Name | Type | Description |
|---|---|---|
| acs_rendering_type | string | Identifies the UI Type the ACS will use to complete the challenge. NOTE: Only available for App transactions using the Cardinal Mobile SDK and is optional for an Issuer to return. |
| acs_transaction_id | string | Unique transaction identifier assigned by the ACS to identify a single transaction. |
| acs_url | string | The fully qualified URL to redirect the Consumer to complete the Consumer Authentication transaction. NOTE: Available if Enrolled = Y |
| authentication_id | string | Authentication ID for completing the 3D Secure flow. To complete the transaction, the value is required to be passed on the Authenticate message to link the Lookup and Authenticate message together. |
| authentication_type | string | Indicates the type of authentication that will be used to challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out of Band) |
| authorization_payload | string | The Base64 encoded JSON Payload of CB specific Authorization Values returned in the Frictionless Flow. |
| cardholder_info | string | Additional text provided by the Issuing Bank to the Cardholder during a Frictionless transaction and was not authenticated by the ACS. The Issuing Bank can optionally support this value. |
| cavv | string | Cardholder Authentication Verification Value (CAVV). This value should be appended to the authorization message signifying that the transaction has been successfully authenticated. It will be encoded |
| cavv_algorithm | string | Indicates the algorithm used to generate the CAVV value. Possible Values: 2 - CVV with ATN 3 - Mastercard SPA algorithm |
| challenge_required | string | Indicates whether a challenge is required to complete authentication. For example, regional mandates. Possible Values: Y - Challenge Required N - Challenge Not Required |
| card_brand | string | Card Brand |
| ds_transaction_id | string | Unique transaction identifier assigned by the Directory Server (DS) to identify a single transaction. NOTE: Required for Mastercard Identity Check transaction in Authorization - Only available in EMV |
| eci_flag | string | Electronic Commerce Indicator (ECI). The ECI value is part of the 2 data elements that indicate the transaction was processed electronically. This should be passed on the authorization transaction to |
| enrolled | string | Status of Authentication eligibility. Possible Values: Y - Yes, Bank is participating in 3D Secure protocol and will return the ACSUrl N - No, Bank is not participating in 3D Secure protocol U - Unava |
| error_desc | string | Application error description for the associated error number(s). NOTE: Multiple error descriptions are separated by a comma. |
| error_no | string | Application error number(s). A non-zero value represents the error encountered while attempting to process the message request. NOTE: Multiple error numbers are separated by a comma. |
| network_score | string | The global score calculated by the CB Scoring platform.. |
| order_id | string | 3DS server generated order identifier. Used to link multiple actions on a single order to a single identifier. Mod-10 compliant and unique BIN range to 3DS services. |
| pares_status | string | Transactions status result identifier. Possible Values: Y - Successful Authentication N - Failed Authentication U - Unable to Complete Authentication A - Successful Attempts Transaction C - Challenge |
| payload | string | The encoded payment request generated by Centinel. NOTE: Available if Enrolled = Y |
| reason_code | string | The error code indicating a problem with this transaction. |
| reason_desc | string | Text and additional detail about the error for this transaction. NOTE: This field concatenates the errorDescription and errorDetail from the authentication response message |
| signature_verification | string | Transaction Signature status identifier. Possible Values: Y - Indicates that the signature of the PARes has been validated successfully and the message contents can be trusted. N - Indicates that the |
| status_reason | string | Provides additional information as to why the PAResStatus has the specific value. NOTE: Required for Payment (e.g. Authentication Indicator equals 01 on Lookup Request) transactions when PAResStatus i |
| third_party_token | string | Third Party Token that is returned from the token provider after a card number is specified on the request. NOTE: This field is returned if Tokenization is enabled in the Merchant profile setting AND |
| threeds_version | string | This field contains the 3DS version that was used to process the transaction. Possible Values: 1.0.2 2.1.0 NOTE: Required for Mastercard Identity Check transactions in Authorization |
| token | string | Server generated order identifier. NOTE: This field is returned if Tokenization is enabled in the Merchant profile settings. |
| transaction_id | string | To complete the transaction, the value is required to be passed on the Cardinal.Continue(). |
| xid | string | Third Party Token that is returned from the token provider after a card number is specified on the request. NOTE: This field is returned if Tokenization is enabled in the Merchant profile setting AND |
JSON Schema
{
"$schema": "http://json-schema.org/draft-07/schema#",
"$id": "https://raw.githubusercontent.com/api-evangelist/verifone/refs/heads/main/json-schema/3ds-authentication-api-lookupresponse.json",
"title": "LookupResponse",
"description": "LookupResponse from 3D Secure API",
"type": "object",
"properties": {
"acs_rendering_type": {
"type": "string",
"description": "Identifies the UI Type the ACS will use to complete the challenge. NOTE: Only available for App transactions using the Cardinal Mobile SDK and is optional for an Issuer to return."
},
"acs_transaction_id": {
"type": "string",
"description": "Unique transaction identifier assigned by the ACS to identify a single transaction."
},
"acs_url": {
"type": "string",
"description": "The fully qualified URL to redirect the Consumer to complete the Consumer Authentication transaction. NOTE: Available if Enrolled = Y"
},
"authentication_id": {
"type": "string",
"description": "Authentication ID for completing the 3D Secure flow. To complete the transaction, the value is required to be passed on the Authenticate message to link the Lookup and Authenticate message together."
},
"authentication_type": {
"type": "string",
"description": "Indicates the type of authentication that will be used to challenge the card holder. Possible Values: 01 - Static 02 - Dynamic 03 - OOB (Out of Band)"
},
"authorization_payload": {
"pattern": "^(?:[A-Za-z0-9+\\/]{2}[A-Za-z0-9+\\/]{2})*(?:[A-Za-z0-9+\\/]{2}==|[A-Za-z0-9+\\/]{3}=)?$",
"type": "string",
"description": "The Base64 encoded JSON Payload of CB specific Authorization Values returned in the Frictionless Flow."
},
"cardholder_info": {
"type": "string",
"description": "Additional text provided by the Issuing Bank to the Cardholder during a Frictionless transaction and was not authenticated by the ACS. The Issuing Bank can optionally support this value."
},
"cavv": {
"type": "string",
"description": "Cardholder Authentication Verification Value (CAVV). This value should be appended to the authorization message signifying that the transaction has been successfully authenticated. It will be encoded according to the Merchant's configuration in either Base64 encoding or Hex encoding. A Base64 encoding Merchant configuration will produce values of 28 or 32 characters. A Hex encoding Merchant configuration will produce values of 40 or 48 characters. The value when decoded will either be 20 bytes for CAVV."
},
"cavv_algorithm": {
"type": "string",
"description": "Indicates the algorithm used to generate the CAVV value. Possible Values: \n 2 - CVV with ATN 3 - Mastercard SPA algorithm"
},
"challenge_required": {
"type": "string",
"description": "Indicates whether a challenge is required to complete authentication. For example, regional mandates. Possible Values: Y - Challenge Required N - Challenge Not Required"
},
"card_brand": {
"type": "string",
"description": "Card Brand"
},
"ds_transaction_id": {
"type": "string",
"description": "Unique transaction identifier assigned by the Directory Server (DS) to identify a single transaction. NOTE: Required for Mastercard Identity Check transaction in Authorization - Only available in EMV 3DS (3DS 2.0) transactions"
},
"eci_flag": {
"type": "string",
"description": "Electronic Commerce Indicator (ECI). The ECI value is part of the 2 data elements that indicate the transaction was processed electronically. This should be passed on the authorization transaction to the Gateway/Processor. Possible Values: 02 or 05 - Fully Authenticated Transaction 01 or 06 - Attempted Authentication Transaction 00 or 07 - Non 3D Secure Transaction Mastercard - 02, 01, 00 VISA - 05, 06, 07 AMEX - 05, 06, 07 JCB - 05, 06, 07 DINERS CLUB - 05, 06, 07 NOTE: 3DS 2.0 field"
},
"enrolled": {
"type": "string",
"description": "Status of Authentication eligibility. \n Possible Values: \n Y - Yes, Bank is participating in 3D Secure protocol and will return the ACSUrl \n N - No, Bank is not participating in 3D Secure protocol \n U - Unavailable, The DS or ACS is not available for authentication at the time of the request \n B - Bypass, Merchant authentication rule is triggered to bypass authentication in this use case \n NOTE: If the Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication."
},
"error_desc": {
"type": "string",
"description": "Application error description for the associated error number(s). NOTE: Multiple error descriptions are separated by a comma."
},
"error_no": {
"type": "string",
"description": "Application error number(s). A non-zero value represents the error encountered while attempting to process the message request. NOTE: Multiple error numbers are separated by a comma."
},
"network_score": {
"maxLength": 2,
"type": "string",
"description": "The global score calculated by the CB Scoring platform.."
},
"order_id": {
"type": "string",
"description": "3DS server generated order identifier. Used to link multiple actions on a single order to a single identifier. Mod-10 compliant and unique BIN range to 3DS services."
},
"pares_status": {
"type": "string",
"description": "Transactions status result identifier. Possible Values: Y - Successful Authentication N - Failed Authentication U - Unable to Complete Authentication A - Successful Attempts Transaction C - Challenge Required for Authentication R - Authentication Rejected (Merchant must not submit for authorization) NOTE: Statuses of C and R only apply to Consumer Authentication 2.0.,"
},
"payload": {
"type": "string",
"description": "The encoded payment request generated by Centinel. NOTE: Available if Enrolled = Y"
},
"reason_code": {
"type": "string",
"description": "The error code indicating a problem with this transaction."
},
"reason_desc": {
"type": "string",
"description": "Text and additional detail about the error for this transaction. NOTE: This field concatenates the errorDescription and errorDetail from the authentication response message"
},
"signature_verification": {
"type": "string",
"description": "Transaction Signature status identifier. Possible Values: Y - Indicates that the signature of the PARes has been validated successfully and the message contents can be trusted. N - Indicates that the PARes could not be validated. This result could be for a variety of reasons; tampering, certificate expiration, etc., and the result should not be trusted."
},
"status_reason": {
"type": "string",
"description": "Provides additional information as to why the PAResStatus has the specific value. NOTE: Required for Payment (e.g. Authentication Indicator equals 01 on Lookup Request) transactions when PAResStatus is equal to N, U, or R in the Lookup Response"
},
"third_party_token": {
"type": "string",
"description": "Third Party Token that is returned from the token provider after a card number is specified on the request. NOTE: This field is returned if Tokenization is enabled in the Merchant profile setting AND the Merchant is using a third party token provider."
},
"threeds_version": {
"type": "string",
"description": "This field contains the 3DS version that was used to process the transaction. \n Possible Values: \n 1.0.2 \n 2.1.0 \n NOTE: Required for Mastercard Identity Check transactions in Authorization"
},
"token": {
"type": "string",
"description": "Server generated order identifier. NOTE: This field is returned if Tokenization is enabled in the Merchant profile settings."
},
"transaction_id": {
"type": "string",
"description": "To complete the transaction, the value is required to be passed on the Cardinal.Continue()."
},
"xid": {
"type": "string",
"description": "Third Party Token that is returned from the token provider after a card number is specified on the request. NOTE: This field is returned if Tokenization is enabled in the Merchant profile setting AND the Merchant is using a third party token provider."
}
}
}