Content

Challenge, Frictionless and Responsibility

For transactions subject to 3DS authentication, the merchant can send a preference as to authentication type : threeDSInfo.challengeInd parameter in doWebPayment and verifyEnrollment.

In any case, the authentification server decide.
According to bank card regulations, liability in fraud event depends on preference expressed by the merchant and authentication required by authentification server (ACS).

The matrix below defines the person responsible in fraud event for different combinations :

		No choice	No challenge	Challenge
		Merchant preference
Authentication server	No challenge	Issuer	Acquier	Issuer
Authentication server	Challenge	Issuer	Issuer	Issuer

Data related to authentication server risk analysis

The authentication server risk analysis is based on information provided by merchant in doWebPayment and verifyEnrollment.

The merchant who wishes to obtain frictionless must do their best to provide the information requested by authentication server.

No data is mandatory.

This information is distributed in Payline interface objects :

card ;
order ;
buyer ;
threedsInfo
Web service settings

These objects are formally described in web services API.

Object Card..

Object and tag

Indication

Recommended

CB

card.cardholder

Cardholder on the payment card

X

Object order..

Object and tag	Indication	Recommended CB
order.details.deliveryTime	Specifies the shipping frequency (same day, next day, etc.).	X
order.details.deliveryMode	Indicates the delivery method (home delivery, collection at a relay point, etc.).	X
order.details.deliveryExpectedDate	Indicates the expected delivery date.	X
order.details.deliveryExpectedDelay	Indicates the expected duration of the expedition.	X
order.details.deliveryCharge	Shipping cost.
orderExtended.giftCardAmount	If the payment is realized with a gift card then indicate the amount paid.
orderExtended.giftCardCount	If the payment is realized with a gift card then indicate the number of cards used.
order.orderExtended	ReorderIndicator JSON key. Specifies whether it is the renewal of a purchase already made.	X

Object buyer...

Object and tag	Indication	Recommended CB
buyer.lastName	Buyer's name.
buyer.firstName	Buyer's first name.
buyer.mobilePhone	Buyer's mobile phone number.	X
buyer.email	Highly recommended (for CB scoring).
buyer.shippingAdress.addressCreateDate	Creation date of the delivery address.	X
buyer.shippingAdress.firstName	Delivery's first name.
buyer.shippingAdress.lastName	Delivery's name.	X
buyer.shippingAdress.street1	Street delivery address.	X
buyer.shippingAdress.street2	Complement street delivery address.	X
buyer.shippingAdress.cityName	City delivery address.	X
buyer.shippingAdress.zipCode	Postal code delivery address.	X
buyer.shippingAdress.country	Country delivery address.	X
buyer.shippingAdress.email	Delivery email.	X
buyer.billingAddress.street1	Billing address street.	X
buyer.billingAddress.street2	Street supplement to the billing address	X
buyer.billingAddress.cityName	Billing address city	X
buyer.billingAddress.zipCode	Postal code of billing address	X
buyer.billingAddress.country	Country of billing address	X
buyer.billingAddress.phone	Home phone number	X
buyer.ip	Required for a buyer on a web browser	Mandatory if connection via web browser
buyer.merchantAuthentication.method	Buyer authentication method by merchant	X
buyer.merchantAuthentication.date	Date and time of the buyer's connection to the merchant account	X
buyer.accountCreateDate	Creation date of the buyer's account	X
buyer.buyerExtended.buyerExtendedHistory	Strongly recommended. Recommendation valid for all fields of the structure orderCount6Months: Number of purchases during the last 6 months; provisionAttemptsDay: Number of attempts to add card in the last 24 hours; transactionCountDay: Number of attempted purchases in the last 24 hours; suspiciousActivity: The merchant indicates if he had any doubt about the activity of this account, fraudulent or fraudulent account, etc ...;	X

Object three3dsInfo..

Object and tag	Indication	Recommended CB
challengeInd	Optional: indicates the merchant's preference for cardholder authentication
threeDSReqPriorAuthData	For future use
threeDSReqPriorAuthMethod	3DS authentication method of the previous payment.	X
threeDSReqPriorAuthTimestamp	Date and time of the previous payment.	X
browser	Required if payment is initiated from a web browser.
sdk	Required if payment is initiated from a mobile app.

Web service verifyEnrollment ou doWebPayment...

Object and tag

Indication

Recommended

CB

merchantScore

Transaction score calculated by the merchant using their own tools

X

We give you examples of valuation below.

Objet Order

  <ns1:order>														
    <ns2:ref>47960539</ns2:ref>
    <ns2:origin xsi:nil="true"/>
    <ns2:country>FR</ns2:country>
    <ns2:taxes xsi:nil="true"/>
    <ns2:amount>16230</ns2:amount>
    <ns2:currency>978</ns2:currency>
    <ns2:date>27/01/2019 11:01</ns2:date>
		
    <ns2:details>
      <ns2:details>
        <ns2:ref>93813</ns2:ref>
        <ns2:price>6870</ns2:price>
        <ns2:comment>205/55R16 94 V</ns2:comment>
        <ns2:category>PNEU voiture Tourisme 4saisons</ns2:category>
        <ns2:brand>Hankook</ns2:brand>
        <ns2:subcategory1>tire</ns2:subcategory1>
        <ns2:subcategory2>KINERGY 4S H740</ns2:subcategory2>
        <ns2:additionalData xsi:nil="true"/>
        <ns2:taxRate xsi:nil="true"/>
      </ns2:details>
    </ns2:details>
    <ns2:deliveryTime>6</ns2:deliveryTime>							<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
    <ns2:deliveryMode>7</ns2:deliveryMode>							<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
    <ns2:deliveryExpectedDate xsi:nil="true"/>						<!-- Si pre-commande indiquer la date de livraison prévue	-->
																	<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
    <ns2:deliveryExpectedDelay xsi:nil="true"/>
    <ns2:deliveryCharge>2490</ns2:deliveryCharge>
    <ns2:orderExtended>
           {
               "deliveryProvider": "deliveryProvider",
               "riskLevel": "3",
               "giftCardAmount": "4000",
               "giftCardCurrency": "978",
               "giftCardCount": "2",
               "reorderIndicator": "01"
           }
    </ns2:orderExtended>
 </ns1:order>

Objet Buyer

  <ns1:buyer>
    <ns2:title>4</ns2:title>
    <ns2:lastName>Dupont</ns2:lastName>								<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
    <ns2:firstName>Jean</ns2:firstName>								<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
    <ns2:email>jean.dupont@monext.net</ns2:email>					<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
    <ns2:shippingAdress>											<!-- Adresse postale si livraison à domicile dans un point relais ou dans un point de vente -->
      <ns2:title>4</ns2:title>										<!-- Adresse email si bien dématérialisé envoyé par courrier électronique -->
      <ns2:name xsi:nil="true"/>
	  <ns2:createDate>05/11/2011</ns2:createDate>					<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
      <ns2:firstName>Jean</ns2:firstName>							<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
      <ns2:lastName>Dupont</ns2:lastName>							<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
      <ns2:street1>260, rue Claude Nicolas Ledoux</ns2:street1>		<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
      <ns2:street2>CS 60507</ns2:street2>							<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
      <ns2:cityName>Aix-en-Provence cedex 3</ns2:cityName>			<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
      <ns2:zipCode>13593</ns2:zipCode>								<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
      <ns2:country>FR</ns2:country> 								<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
	  <ns2:email></ns2:email> 										<!-- Si livraison du produit par email -->
      <ns2:phone>0442251515</ns2:phone>
      <ns2:state>13</ns2:state>
      <ns2:county xsi:nil="true"/>
      <ns2:phoneType xsi:nil="true"/>
    </ns2:shippingAdress>
    <ns2:billingAddress>
      <ns2:title>4</ns2:title>
      <ns2:name xsi:nil="true"/>
      <ns2:firstName>Jean</ns2:firstName>
      <ns2:lastName>Dupont</ns2:lastName>
      <ns2:street1>260, rue Claude Nicolas Ledoux</ns2:street1>			<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
      <ns2:street2>CS 60507</ns2:street2>								<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
      <ns2:cityName>Aix-en-Provence cedex 3</ns2:cityName>				<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
      <ns2:zipCode>13593</ns2:zipCode>									<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
      <ns2:country>FR</ns2:country>										<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) -->
      <ns2:phone>0442251515</ns2:phone>									<!-- Fortement recommande pour favoriser le frictionless (pour scoring CB) --> 
																		<!-- Numéro de téléphone du domicile	-->
      <ns2:state>13</ns2:state>
      <ns2:county xsi:nil="true"/>
      <ns2:phoneType xsi:nil="true"/>
    </ns2:billingAddress>
    <ns2:accountCreateDate>05/11/11</ns2:accountCreateDate>
    <ns2:accountAverageAmount xsi:nil="true"/>
    <ns2:accountOrderCount>0</ns2:accountOrderCount>
    <ns2:walletId xsi:nil="true"/>
    <ns2:walletDisplayed xsi:nil="true"/>
    <ns2:walletSecured xsi:nil="true"/>
    <ns2:walletCardInd xsi:nil="true"/>
    <ns2:ip>90.37.101.225</ns2:ip>						<!-- Obligatoire pour un acheteur sur un navigateur web	--> 
														<!-- et autorise par legislation du pays 				-->					
    <ns2:mobilePhone>0627720695</ns2:mobilePhone>			
    <ns2:customerId>4805157</ns2:customerId>
    <ns2:legalStatus>1</ns2:legalStatus>
    <ns2:legalDocument xsi:nil="true"/>
    <ns2:birthDate xsi:nil="true"/>
    <ns2:fingerprintID xsi:nil="true"/>
    <ns2:deviceFingerprint xsi:nil="true"/>
    <ns2:isBot xsi:nil="true"/>
    <ns2:isIncognito xsi:nil="true"/>
    <ns2:isBehindProxy xsi:nil="true"/>
    <ns2:isFromTor xsi:nil="true"/>
    <ns2:isEmulator xsi:nil="true"/>
    <ns2:isRooted xsi:nil="true"/>
    <ns2:hasTimezoneMismatch xsi:nil="true"/>
	<ns2:merchantAuthentication>
		<ns2:method>02</ns2:method>							<!-- Recommande pour favoriser le frictionless --> 
															<!-- methode d'authentification de l'acheteur sur le compte marchand -->; 
		<ns2:date>27/01/2019 12:01</ns2:date>				<!-- Recommande pour favoriser le frictionless -->
															<!-- date et heure de connexion de l'acheteur sur le compte marchand -->
	</ns2:merchantAuthentication>
	<ns2:buyerExtended>										<!-- Fortement recommande pour favoriser le frictionless -->
															<!-- Recommandation valable pour tous les champs de la structure ci-dessous -->
	  {														
		"buyerExtendedHistory": {
				"suspiciousActivity": "N",					// Precise si une activite suspecte a ete detectee par le marchand
				"lastChange": "07/12/2018 10:40",			// date de derniere modification du compte acheteur chez le commercant 
				"lastPasswordChange": "07/12/2018 10:40",	// date de derniere modification du mot de passe par l'acheteur 
				"orderCount6Months": "15",					// Nombre de commandes de l'acheteur lors des 6 derniers mois
				"provisionAttemptsDay": "0",				// Nombre de tentatives d'ajout de carte de paiement dans le compte
															// acheteur au cours des dernières 24 heures
				"transactionCountDay": "0",					// Nombre de tentatives de paiement dans les dernières 24 heures
				"transactionCountYear": "38",				// Nombre de tentatives de paiement depuis 1 an
				"paymentAccountAge": "14/11/2015"			// Date de création du compte client
		}
	  }
	</ns2:buyerExtended>
  </ns1:buyer>

Objet 3dsInfo

  <ns1:3DSInfo>
	<ns2:challengeInd>02</ns2:challengeInd>													<!-- Optional: indique la preference du commercant pour l'authentification du porteur; 02: pas de challenge> -->
	<ns2:threeDSReqPriorAuthData/> <!-- Pour usage futur -->
	<ns2:threeDSReqPriorAuthMethod>02</ns2:threeDSReqPriorAuthMethod> 						<!-- Recommande pour favoriser le frictionless --> 
																							<!-- Method d'authentification 3DS du dernier paiement -->
	<ns2:threeDSReqPriorAuthTimestamp>12/01/2017 11:59</ns2:threeDSReqPriorAuthTimestamp> 	<!-- Recommande pour favoriser le frictionless -->
																							<!-- date et heure du dernier paiement -->
	<ns2:browser/>                                                                          <!-- Requis si paiement initie a partir d'un navigateur web -->
	<ns2:sdk/>																				<!-- Requis si paiement initie a partir d'une application mobile -->
  </ns1:3DSInfo>

Linked pages

Page:

3D Secure 2.0 - Comply with DSP2
Page:

3DSv2 - Acquirer exemption
Page:

3DSV2 - Direct Interface
Page:

3DSV2 - Direct Interface - Recurring payments
Page:

3DSv2 - Increase frictionless
Page:

3DSV2 - Mail Order / Telephon Order (MO /TO) Payments
Page:

3DSv2 - Webpage Interface

Arborescence des pages

3DSv2 - Increase frictionless

Challenge, Frictionless and Responsibility

Data related to authentication server risk analysis

Linked pages