PayShield - 3D Secure2+

3DS Response

3DS response fields and their values/meanings

This section provides an overview of the 3DS response fields and their associated values/meanings.

There is also a translation of the TxShield response to 3DS1 naming conventions (TxShield response matches naming conventions of 3DS2).

Example Response

{
  threeDSIntegratorOid: 'string',
  threeDSRequestorOrderID: 'string',
  threeDSRequestorData: 'string',
  threeDSRequestorID: 'string',
  threeDSServerTransID: 'string',
  shieldReference: 'string',
  acsTransID: 'string',
  dsTransID: 'string',
  transStatus: 'string',
  transStatusReason: 'string',
  authenticationValue: 'string',
  authenticationAlgorithm: 'string',
  eci: 'string',
  version: 'string',
  errCode: 'string',
  errMsg: 'string'
}

transStatus

The values in the transStatus field along with the eci field indicate whether a liability shift has occurred. If the value is Y, U, A you can attempt the authorisation (payment) transaction. If the value is N, C, R we recommend not attempting the authorisation transaction, however, it is at the merchant's discretion if they wish to proceed.

Only a status of Y guarantees a full liability shift.

A transStatus of C should only be returned by the 3DS SDK if challenges are turned off. This turns the 3DS SDK into a frictionless workflow. If you receive a transStatus of C the frictionless transaction has not been authenticated. The ACS server (the card issuer) requested the Challenge workflow, and in a forced frictionless scenario this means the authentication has failed. You should not proceed to payment. The 3DS SDK returns the transStatus of C so that the merchant can keep statistics and track how many potential authentications failed because the ACS requested a challenge. You can use this information to make a more informed decision as to whether you turn challenges on, or keep them turned off.

transStatus ValueDescriptionContinue to Payment

Y

Authentication successful

Y

N

Not authenticated, transaction denied

N

U

Authentication/account verification could not be performed

Y

A

Not authenticated, but a proof of attempted authentication is provided

Y

C

Challenge required; additional authentication is required. Only returned if challenge disabled (frictionless)

N

R

Authentication rejected; issuer is rejecting authentication and requesting authorisation not be attempted.

N

transStatusReason

The values in the transStatusReason field can be mapped to the below meanings. The full text should already be in the msg field in the response data so you don't need to map this yourself.

transStatusReason ValueMeaning

01

Card authentication failed

02

Unknown Device

03

Unsupported Device

04

Exceeds authentication frequency limit

05

Expired card

06

Invalid card number

07

Invalid transaction

08

No card record

09

Security failure

10

Stolen card

11

Suspected fraud

12

Transaction not permitted to cardholder

13

Cardholder not enrolled in service

14

Transaction timed out at the ACS

15

Low confidence

16

Medium confidence

17

High confidence

18

Very High confidence

19

Exceeds ACS maximum challenges

20

Non-Payment transaction not supported

21

3RI transaction not supported

TxShield (3DS2) fields to 3DS1 translation

TxShield Field (3DS2)3DS1 NameDescription

acsTransId

-

ACS servers reference

authenticationValue

cavv

-

dsTransId

xid

Director servers reference

eci

eci

Ecommer Indiciator

protocolVersion

-

-

transStatus

transStatus / status

Depends on the processor as to which they use.

authenticationAlgorithm

authenticationAlgorithm

Alorithm Identifier. 3DS1 Only

Previous3DS SDK OptionsNext3DS DOM elements

Last updated