On this page:
This release adds support of EMV 3-D Secure 2.2 features
Authentication request sent for information only (
transStatus = I)
Information only is a new transaction status value (
transStatus = I) added in 3D Secure 2.2. If you want to send the data only for information purposes and do not need authentication, send a value of
05, 06, or 07 in the
threeDSRequestorChallengeInd field in the authentication request.
All integration options support this new transaction status request field.
Support of message category 02 (NPA) for merchant-initiated transactions
The message category (
messageCategory) field helps the merchant and the issuer to identify data elements that should be included in a message based on the type of transaction. When sending a merchant-initiated (3RI) authentication request (
deviceChannel = 03), you can now send the request for non-payment authentication by specifying
messageCategory = 02. Use this message category when you want to send a request for identity verification and account confirmation.
Learn more about the 3D Secure 2 message categories in the 3D Secure Concepts topic.
ACS Information Indicator
acsInfoInd field value in the
/lookup response indicates the 3DS support available for the account number. For example, if the
acsInfoInd field value is
03, it means that the issuer will support decoupled authentication for this card number. You could then indicate support for decoupled authentication in the authentication request.
This release does not support the decoupled authentication feature that is supported in the EMVco 3DS 2.2 specification.
Review these sample
/lookup responses and the API reference topics to learn more.
- Sample /lookup response when using the direct integration to the 3DS Server option
- Sample /lookup response when using the 3DS Web SDK
- Sample /lookup response when using the merchant-initiated transaction option
- API Reference
Support of MOTO transactions
Merchant-initiated (3RI) transactions (
deviceChannel = 03) now support Mail order Telephone order (MOTO) transactions. In the case of decoupled authentication for a MOTO transaction, the merchant’s customer service representative can convey the Cardholder Information Text (
cardholderInfo) verbally for transactions conducted via a landline or mobile phone.
Support of card schemes for 3DS 2.2
Our 3DS 2 solution supports following card schemes for the 3DS 2.2 specification: Visa, Mastercard, American Express, and Discover/Diners. To test different authentication scenarios, use our test card numbers on the test your integration page.
3D Secure 2.2 to 3D Secure 2.1 fallback
The 3D Server supports fallback to 3DS 2.1 if the issuer or the account number does not support 3D Secure 2.2. To learn more about the conditions for 3DS Server’s fallback strategy, visit the following links:
- If integrating directly with the 3DS Server, review the step 4 of the Direct integration to the 3DS Server topic.
- If using the 3DS Web SDK, review the Web SDK Overview topic.
- If initiating a transaction on behalf of the cardholder (merchant-initiated transactions of 3RI), review step 3 of the 3RI transactions topic.
3DS 1.0 support discontinued
Beginning mid-October 2022, most card brands will stop support for 3DS 1.0 . Therefore, with the 3DS 2.0 release, we have also discontinued the support for 3DS 1.0. We strongly recommend that you upgrade your environment to use to 3D Secure 2.
The 3DS server will return an error for the following scenarios:
- The customer attempts to make a transaction using a card (
account) that does not support 3DS 2.1 or later.
- You have set the
clientEndProtocolVersion = 1.0.2in the
To get started with 3D Secure 2, review the high-level integration steps.
This release supports the following features.
3D Secure 2 now available also for merchants who do not process their payment with Elavon
Even merchants who do not process their payment with Elavon can also use the 3D Secure 2 solution by Elavon now. Such merchants will be registered as service provider merchants. After the registration is complete, they can use the 3D Secure solution just like merchants who process their payments with Elavon.
Message extension elements for the travel industry
Partners and merchants who operate in the travel industry can send travel-related data such as air, car rental, hotel, and travelers to the issuer (ACS) in the
/authenticate request. The issuer uses this data in risk-decisioning and determining the appropriate authentication response that it will send to the merchant.
Token expiry timestamp
/token response returns a new field:
validTo. This field value indicates the exact time of token expiry in the UTC format. Review the authentication page for more details.
Web SDK updates
New features in the Web SDK version 1.0.5
- Supports the ‘service provider fields’ in the
/authenticaterequest for merchants who do not process their payment with Elavon. For details on these fields, see the 3D Secure 2 authenticate sample request in either the all-in-one workflow or the toolkit workflow
- Supports travel industry data in the
messageExtensionelement of the
- Error messages return all fields that were wrong in the corresponding request message.
acctInfoobject and its fields in the authenticate request
Bug fixes in the Web SDK
threeDSServerTransIDis now an optional field to send an authenticate request.
Install the latest version of Web SDK.
Web SDK demo application
The Web SDK demo application helps you to test all the functionalities that the Web SDK supports. You can now download the Web SDK demo application from the developer portal. Use the demo credentials listed on this page to send requests and responses in a test environment.
June 2021 (Documentation update only)
To receive authentication credentials that you would need to test the different integration options in the sandbox environment, fill in the information requested in this form.
3D Secure 2 test credentials request formopen_in_newLink opens new window
We will send you the credentials by the next business day. We will also send contact details to whom you can reach out for any help required during the integration and testing process.
The first release of the 3D Secure 2.0 solution by Elavon. This release supports the following features:
Available integration options
Fallback to 3D Secure 1
When the issuer or the card used for the transaction does not support 3D Secure 2, the transaction falls back to 3D Secure 1. Review the page to understand when a transaction will fall back to 3DS 1 and the integration steps.
Test environment to test different authentication scenarios
Use the test environment to test the authentication scenarios supported by 3D Secure 2. Use the test card numbers to test these scenarios. To test the Web SDK, you can also download the Web SDK demo app and use these test card numbers to generate different authentication scenarios.
Elavon’s 3D Secure 2 solution supports 3D Secure 2.1 authentication for Mastercard, Visa, American Express, and Diners card schemes. Review the Getting started page for a brief overview of 3D Secure 2.1 and the different authentication flows supported.