Release notes

On this page:

October, 2022

This release adds support of EMV 3-D Secure 2.2 features

Authentication request sent for information only (transStatus = I)

Information only is a new transaction status value (transStatus = I) added in 3D Secure 2.2. If you want to send the data only for information purposes and do not need authentication, send a value of 05, 06, or 07 in the threeDSRequestorChallengeInd field in the authentication request.

All integration options support this new transaction status request field.

Support of message category 02 (NPA) for merchant-initiated transactions

The message category (messageCategory) field helps the merchant and the issuer to identify data elements that should be included in a message based on the type of transaction. When sending a merchant-initiated (3RI) authentication request (deviceChannel = 03), you can now send the request for non-payment authentication by specifying messageCategory = 02. Use this message category when you want to send a request for identity verification and account confirmation.

Learn more about the 3D Secure 2 message categories in the 3D Secure Concepts topic.

ACS Information Indicator

The acsInfoInd field value in the /lookup response indicates the 3DS support available for the account number. For example, if the acsInfoInd field value is 03, it means that the issuer will support decoupled authentication for this card number. You could then indicate support for decoupled authentication in the authentication request.

Review these sample /lookup responses and the API reference topics to learn more.

• Sample /lookup response when using the direct integration to the 3DS Server option
• Sample /lookup response when using the 3DS Web SDK
• Sample /lookup response when using the merchant-initiated transaction option
• API Reference

Support of MOTO transactions

Merchant-initiated (3RI) transactions (deviceChannel = 03) now support Mail order Telephone order (MOTO) transactions. In the case of decoupled authentication for a MOTO transaction, the merchant’s customer service representative can convey the Cardholder Information Text (cardholderInfo) verbally for transactions conducted via a landline or mobile phone.

Support of card schemes for 3DS 2.2

Our 3DS 2 solution supports following card schemes for the 3DS 2.2 specification: Visa, Mastercard, American Express, and Discover/Diners. To test different authentication scenarios, use our test card numbers on the test your integration page.

3D Secure 2.2 to 3D Secure 2.1 fallback

The 3D Server supports fallback to 3DS 2.1 if the issuer or the account number does not support 3D Secure 2.2. To learn more about the conditions for 3DS Server’s fallback strategy, visit the following links:

• If integrating directly with the 3DS Server, review the step 4 of the Direct integration to the 3DS Server topic.
• If using the 3DS Web SDK, review the Web SDK Overview topic.
• If initiating a transaction on behalf of the cardholder (merchant-initiated transactions of 3RI), review step 3 of the 3RI transactions topic.

3DS 1.0 support discontinued

Beginning mid-October 2022, most card brands will stop support for 3DS 1.0 . Therefore, with the 3DS 2.0 release, we have also discontinued the support for 3DS 1.0. We strongly recommend that you upgrade your environment to use to 3D Secure 2.

The 3DS server will return an error for the following scenarios:

• The customer attempts to make a transaction using a card (account) that does not support 3DS 2.1 or later.
• You have set the clientEndProtocolVersion = 1.0.2 in the /lookup or /authenticate request.

To get started with 3D Secure 2, review the high-level integration steps.

August 2021

This release supports the following features.

3D Secure 2 now available also for merchants who do not process their payment with Elavon

Even merchants who do not process their payment with Elavon can also use the 3D Secure 2 solution by Elavon now. Such merchants will be registered as service provider merchants. After the registration is complete, they can use the 3D Secure solution just like merchants who process their payments with Elavon.

Message extension elements for the travel industry

Partners and merchants who operate in the travel industry can send travel-related data such as air, car rental, hotel, and travelers to the issuer (ACS) in the /authenticate request. The issuer uses this data in risk-decisioning and determining the appropriate authentication response that it will send to the merchant.

Token expiry timestamp

The /token response returns a new field: validTo. This field value indicates the exact time of token expiry in the UTC format. Review the authentication page for more details.

Web SDK updates

New features in the Web SDK version 1.0.5

• Supports the ‘service provider fields’ in the /authenticate request for merchants who do not process their payment with Elavon. For details on these fields, see the 3D Secure 2 authenticate sample request in either the all-in-one workflow or the toolkit workflow
• Supports travel industry data in the messageExtension element of the /authenticate request.
• Error messages return all fields that were wrong in the corresponding request message.
• Accepts acctInfo object and its fields in the authenticate request

Bug fixes in the Web SDK

• threeDSServerTransID is now an optional field to send an authenticate request.

Install the latest version of Web SDK.

Web SDK demo application

The Web SDK demo application helps you to test all the functionalities that the Web SDK supports. You can now download the Web SDK demo application from the developer portal. Use the demo credentials listed on this page to send requests and responses in a test environment.

June 2021 (Documentation update only)

To receive authentication credentials that you would need to test the different integration options in the sandbox environment, fill in the information requested in this form.

3D Secure 2 test credentials request formopen_in_newLink opens new window

We will send you the credentials by the next business day. We will also send contact details to whom you can reach out for any help required during the integration and testing process.

February 2021

The first release of the 3D Secure 2.0 solution by Elavon. This release supports the following features:

Available integration options

Two integration options are supported in this release: integrate directly to the 3DS Server or use the Web SDK for integration to the 3DS Server.

Fallback to 3D Secure 1

When the issuer or the card used for the transaction does not support 3D Secure 2, the transaction falls back to 3D Secure 1. Review the page to understand when a transaction will fall back to 3DS 1 and the integration steps.

Test environment to test different authentication scenarios

Use the test environment to test the authentication scenarios supported by 3D Secure 2. Use the test card numbers to test these scenarios. To test the Web SDK, you can also download the Web SDK demo app and use these test card numbers to generate different authentication scenarios.

Elavon’s 3D Secure 2 solution supports 3D Secure 2.1 authentication for Mastercard, Visa, American Express, and Diners card schemes. Review the Getting started page for a brief overview of 3D Secure 2.1 and the different authentication flows supported.

Related topics

• Direct integration to 3DS Server

• 3DS Web SDK Integration

• 3D Secure 2 for merchants who do not process their payments with Elavon

• Test your integration

• API reference

• previousHTTP response status codes
• nextProduct Security and Best Practices