WL SIPS DOCS

No, it is not possible to deactivate the 3-D Secure authentication, you would no longer be compliant with the PSD2 regulation which imposes strong customer authentication, and you would expose yourself to authorisation refusals (called “Soft Decline”, field acquirerResponseCode set to A1) for unauthenticated transactions from the issuer.

However, in order to improve the user experience of your customer during the payment process, you can request an exemption (see Strong authentication exemptions).

The holderAuthentStatus field gives the result of the 3D-Secure authentication. The main values are :

• SUCCESS : successful carrier authentication
• FAILURE : carrier authentication failed
• ERROR : technical problem during authentication
• CANCEL : the holder has abandoned during authentication
• ATTEMPT : the holder did not have to authenticate himself These fields are visible in the automatic response, in the transaction logs (from version TAB20_V3) and via the Sips Office Extranet.

14 October 2022 for Mastercard and 15 October for Visa.

Duplicates are not subject to strong authentication because the cardholder is not present. However, they must be chained to an “original” CIT, using a chaining identifier (or grouping identifier) to comply with PSD2 (see MIT/CIT chaining). If you do not, you may be refused permission.

You risk refusal of authorisation from the issuer.

No, recurring transactions, even when chained, do not benefit from the payment guarantee. Exception for a recurring transaction of the multiple payment on delivery type on the CB network respecting specific criteria (see Calculation of the transfer of responsibility for a MIT).

If your risk analysis shows that the risk of fraud is low enough to require frictionless authentication, then to take advantage of this feature, you should ask your acquirer for authorisation, who will tell you how to use this exemption (maximum amount, rules to be applied in the event of changes over time, etc.), and ask your usual contact to activate the “Acquirer’s TRA” option on your shop. In your payment request, value the fraudData.challengeMode3DS field with the value NO_CHALLENGE_TRA_ACQ.

If the first transaction (the CIT) does not have an STI, then it must be duplicated without chaining (thus without valuing the initialSchemeTransactionIdentifier field, then use the STI that will be recovered in this duplication to perform the chaining of the next MITs (see Unknown STI).

The authentAmount field is the amount to be authenticated, which may be different from the amount to be authorised. It is used either in the case of multiple payment on delivery or in the case of payment in instalments and must be valued with the total amount of the order (see Multiple payment on delivery ou Payment in instalments) ; either in the case of subscription payment via duplication or via Wallet and must be valued with the average amount of the subscription (see Subscription payment via duplication ou Subscription payment via wallet).

No. 3-D Secure exists in the so-called INTERNET mode, where the cardholder is present. The MOTO mode is a mode where the cardholder is not present and therefore 3-D Secure does not apply. It is not possible to switch from one mode to the other. You are either in MOTO mode without 3-D Secure or in INTERNET mode with 3-D Secure.

At present, there is no validity period for the chain identifier. It will no longer be valid when the validity date of the card is exceeded. A new CIT will then have to be generated with the new card/validity date to obtain a new chain identifier to be used for future MIT transactions.

As with INTERNET transactions, MOTO transactions each have a transaction identifier (STI) which must then be communicated in the MIT to ensure chaining.