Using your Results
Once you have completed the 3DS2 authentication process, you should have enough data from either the Authentication Response or the GetResult Response to decide whether to proceed to Authorisation (EftRequest). The below table provides guidance on which TransactionStatus codes can lead to Authorisation requests being attempted compliant with the Strong Customer Authentication mandate.
| Status Code | Description | Guidance |
| Y | Authentication Verification Successful. | Proceed to Eft Request. |
| N | Not Authenticated/Account Not Verified; Transaction denied. | Do not proceed; Reject Transaction Attempt. |
| U | Authentication/Account Verification Could Not Be Performed; Technical or other problem, as indicated in ARes or RReq. | Do not proceed; Reject Transaction Attempt. SCA Exemption could apply. |
| A | Attempts Processing Performed; Not Authenticated/Verified, but a proof of attempted authentication/verification is provided. | Proceed to Eft Request. |
| R | Authentication/Account Verification Rejected; Issuer is rejecting authentication/verification and request that authorisation not be attempted. | Do not proceed; Reject Transaction Attempt. SCA Exemption could apply. |
Some merchants may be considered exempt from the SCA requirements, and can proceed to EftRequest in additional statuses. This is done at their own risk, and the issuer is still free to decline the EftRequest.
Gateway EftRequest fields
Below are the fields you will need to retain for the EftRequest.
| Field Name (in Eft Request) | Field Name (in 3DS2 Response) | State | Description | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Ats | AtsData | Conditional | Additional Transaction Security (ATS) data. Returned only if fallback to V1 has occurred. | ||||||||||||||||
| Cavv | AuthenticationValue | Mandatory | Cardholder Authentication Verification Value (CAVV) - a 28-byte base64 encoded value | ||||||||||||||||
| DSTransactionId | DSTransactionId | Mandatory | Universally unique transaction identifier assigned by the Directory Server to identify a single transaction. | ||||||||||||||||
| Eci | AuthenticationEci | Mandatory | Electronic Commerce Indicator (ECI) - consists of two digits | ||||||||||||||||
| Status | TransactionStatus | Mandatory | The result of the payer authentication checks.
|
Fallback to V1
If fallback to V1 occurs, then additional data will be provided as per the existing Gateway Documentation. This is documented extensively in the PDF document.