Glossary

Acronyms used in the documentation in context of EMV 3D Secure.

Acronym Expansion
3DS 3D Secure
3RI 3DS Requestor Initiated
ACS Access Control Server
AFS Advanced Fraud Services
AReq Authentication Request
ARes Authentication Response
BIN Bank Identification Number
CNP Card Not Present
CReq Challenge Request
CRes Challenge Response
DS Directory Server
FSG Fraud Services Gateway
NPA Non-Payment Authentication
OTP One-time Passcode
OOB Out-of-Band
PA Payment Authentication
PAN Primary Account Number
RReq Result Request
RRes Result Response

Glossary terms used in the documentation in context of EMV 3D Secure

Term Explanation
3D Secure (3DS) An e-commerce authentication protocol that enables the secure processing of payment, non-payment and account confirmation card transactions.
3DS Client The consumer-facing component that allows the cardholder to interact with other components and vice versa.
3DS Method A scripting call provided by the 3DS Integrator that is placed on the 3DS Requestor website. Optionally used to obtain additional browser information to facilitate risk-based decisioning.
3DS Requestor Initiator of the 3DS authentication request.
3DS Requestor App An App on a consumer device that can process a 3D Secure transaction through the use of Elavon's FSG SDK (iOS or Android).
3DS Server Elavon's server that handles online transactions and facilitates communication between the 3DS Requestor and the DS.
3DS Integrator Also referred as 'Integrator' in our 3DS documentation. An EMV 3D Secure participant that facilitates and integrates the 3DS Requestor Environment, and optionally facilitates integration between the Merchant and the Acquirer.
3DS Requestor Initiated (3RI) 3D Secure transaction initiated by the 3DS Requestor for the purposes of confirming that an account is still valid or for Cardholder authentication. Main use case of a 3RI transaction is recurrent transactions (TV subscriptions, utility bill payments, etc.) where the merchant wants to perform a payment transaction to receive authentication data for each bill or a non-payment transaction to verify that a subscription user still has a valid form of payment. The second main use case is when the 3DS Requestor requests Decoupled Authentication as a method to authenticate the Cardholder.
Access Control Server (ACS) A component of the Issuer Domain that verifies whether authentication is available for a card number and device type, and authenticates specific Cardholders.
Authentication request (AReq) Message requesting authentication of the cardholder. Might contain cardholder, payment, and device details used in the transaction. 
Authentication response (ARes) ACS's response if the transaction has been authenticated or needs further interaction to complete the authentication. 
Authorisation A process by which an Issuer, or a processor on the Issuer's behalf, approves a transaction for payment.
Challenge flow A 3D Secure flow that requires further cardholder authentication to process the transaction.
Challenge request (CReq) Initiates cardholder interaction in a challenge flow. Sent by FSG SDK in an app-based scenario and sent by 3DS Server in a browser-based scenario.
Challenge response (CRes) ACS response to indicate the result of cardholder authentication. In an app-based scenario, the CRes contains necessary elements to generate and display the UI for the challenge.
Decoupled Authentication Decoupled Authentication is an authentication method whereby authentication can occur independent from the cardholder’s experience with the 3DS Requestor (browser/SDK). For example, a push notification to a banking app that completes authentication and then sends the results to the ACS (issuer).
Device Information Data provided by the Consumer Device that is used in the authentication process.
Directory Server (DS) A server that performs a number of functions that include: authenticating the 3DS Server, routing messages between the 3DS Server and the ACS, and validating the 3DS Server, the FSG SDK, and the 3DS Requestor.
Frictionless flow ACS authenticates the transaction without a challenge.
FSG SDK (Releasing soon) Fraud Services Gateway (FSG) Software Development Kit (SDK). You must integrate the SDK into the merchant app so that it can be used for the 3D Secure (3DS) transaction authentication process. This SDK supports both EMV 3D Secure 2.1 and 2.2.
Merchant Entity that contracts with an Acquirer to accept payment cards. Manages the online shopping experience with the Cardholder, obtains card number, and then transfers control to the 3DS Server, which conducts payment authentication.
Message Category Indicates the category of the EMV 3D Secure message. Either: Payment (01-PA) or Non-Payment (02-NPA)
Out-of-Band (OOB) A Challenge activity that is completed outside of, but in parallel to, the 3D Secure flow. The final Challenge Request is not used to carry the data to be checked by the ACS but signals only that the authentication has been completed.
Result request (RReq) Communicates the authentication result sent by the ACS to the 3DS Server. Present only in a challenge flow.
Result response (RRes) Receipt acknowledgement of the RReq message from the 3DS Server to the ACS. Present only in a challenge flow.
Whitelisting In this specification, the process of an ACS enabling the cardholder to place the 3DS Requestor on their trusted beneficiaries list.