3-D Secure v2 Liability

If the customer is authenticated as part of the EMV 3-D Secure process and it is later determined that fraud has been committed, the card issuer will be liable in the event of a fraudulent chargeback in the majority of cases. Please refer to the below for further information:

  Successful authentication of a transaction does not guarantee the liability shift or successful authorisation.

  If you would like to add rules that automatically block payments where you would be held liable in the event of fraud, please contact our Support Team to discuss.


Such rules are not supported if your solution processes transactions that are exempt from SCA because the liability shift cannot be applied to SCA exemptions.

  The criteria used to determine the liability is determined by the acquirer and is subject to change. As such, the information presented here may be subject to exceptions, depending on the parties facilitating the payment. For clarification, we recommend contacting your acquirer.

Mastercard

Description Status CAVV Leading Indicator ECI Liability
Transaction successfully authenticated by ACS - Frictionless Y kA 02 Issuer
Transaction successfully authenticated by ACS - Challenge Y kB 02 Issuer
Transaction successfully authenticated by Mastercard Smart Authentication - Stand-In - Frictionless (low risk) Y kC 02 Issuer
Transaction successfully authenticated by Mastercard Smart Authentication - Stand-In - Frictionless (non-low risk) A kE 01 Issuer
Transaction could not be authenticated by either the ACS or Mastercard Smart Authentication - Stand-In - Attempts A kF 01 Issuer

Transaction successfully authenticated by the ACS without challenging the cardholder using Trusted Merchant Listing Exemption

(3DS Requestor Challenge Indicator = 08)

Y kR 02 Issuer
Transaction successfully authenticated by the ACS with challenge using Decoupled Authentication Y kS 02 Issuer

Transaction was not authenticated by either ACS or Mastercard as Acquirer SCA Exemption was applied because of TRA exemption

(3DS Requestor Challenge Indicator = 05)

I kN 06 Merchant

Transaction was not authenticated by either ACS or Mastercard as Acquirer SCA Exemption was applied because an SCA was already performed

(3DS Requestor Challenge Indicator = 07)

I kN 06 Merchant

Transaction was not authenticated by either ACS or Mastercard as it was an Information Only / Data Share Only message

(3DS Requestor Challenge Indicator = 06)

I kN 06 Merchant

Transaction was not authenticated by either ACS or Mastercard as Smart Authentication Direct for Acquirer Exemption (SADAE) was applied

(3DS Requestor Challenge Indicator = 05/07)

I kN 06 Merchant
Transaction successfully authenticated by Mastercard Identity Check Express (IDCX) service Y kD 02 Issuer
Transaction could not be authenticated - Attempts doesn't apply N None 00 Merchant
Transaction rejected by issuer - Authorisation should not be attempted R None 00 N/A

 

Visa

Description Status CAVV Present? ECI Liability
Authentication Successful Y Y 05 Issuer*
Authentication Attempted A Y 06 Issuer*
Informational only:
3DS Requestor challenge preference acknowledged
I Y 07 Merchant
Authentication Failed;
Not Authenticated;
Transaction Denied
N N 07 Merchant
Authentication could not be performed; Technical or other problem U N 07 Merchant
Authentication Rejected R N 07 Merchant
Challenge Required to authenticate the cardholder C N/A N/A N/A
Challenge Required;
Decoupled Authentication confirmed
D N/A N/A N/A
No CAVV present [ Any ] N [ Any ] Merchant

*Where a valid CAVV is submitted but the transaction does not qualify for Visa’s 3-D Secure program, the merchant is liable for any resulting fraud chargebacks.

 

Mastercard - Not currently supported

Description Status CAVV Leading Indicator ECI Liability
Recurring transaction successfully authenticated by ACS - Frictionless Y kA 02 Issuer
Recurring transaction successfully authenticated by ACS - Challenge Y kB 02 Issuer
Recurring transaction successfully authenticated by Mastercard Smart Authentication - Stand-In - Frictionless (low risk) Y kC 02 Issuer
Recurring transaction successfully authenticated by Mastercard Smart Authentication - Stand-In - Frictionless (non-low risk) A kE 01 Issuer
Recurring transaction could not be authenticated by either the ACS or Mastercard Smart Authentication - Stand-In - Attempts A kF 01 Issuer
Subsequent Recurring transaction (3RI Payments) successfully authenticated by ACS - Frictionless Y kO 07 Issuer
Subsequent Recurring transaction (3RI Payments) successfully authenticated by ACS - Challenge using Decoupled Authentication Y kP 07 Issuer
Identity Check Insights - No Authentication performed by either the ACS or Mastercard Smart Authentication U kX 04 Merchant
3RI Identity Check Insights - No Authentication performed by either the ACS or Mastercard Smart Authentication U kX 04 Merchant
Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request