Manually requesting step up (challenge) authentication

  Visa and Mastercard advise that merchants in PSD2-mandated countries must re-attempt authentication using the forced challenge (mandate) indicator (scaexemptionindicator=14) when a soft decline response is received.

 

There are certain circumstances where you may prefer transactions be subject to more stringent EMV 3-D Secure authentication. To allow for this, you can submit the additional field scaexemptionindicator in THREEDQUERY requests to the Trust Payments gateway with one of the following supported values:

  • scaexemptionindicator=13 - This will request the card issuer performs a step up (challenge) authentication with EMV 3DS, but if the card issuer deems this unnecessary, frictionless authentication will occur and the card issuer will assume liability in most circumstances.
  • scaexemptionindicator=14 - This will request the card issuer performs a step up (challenge) authentication with EMV 3DS in all circumstances.

For further information regarding different integrations, please refer to the sections provided below:

TRU Connect - Payment Pages
  • Update your POST to Trust Payments to include the field scaexemptionindicator with one of the following supported values:
  Field Format Description
table-conditional.png scaexemptionindicator Numeric (1)
  • 13 – Step up authentication at card issuer's discretion.
  • 14 –Step up authentication performed.

  In situations where a soft decline response has been returned, scaexemptionindicator=14 must be included in the POST in order to trigger step up authentication.

Example

<html>
<body>
<form method="POST" action="<DOMAIN>/process/payments/choice">
<input type="hidden" name="sitereference" value="test_site12345">
<input type="hidden" name="stprofile" value="default">
<input type="hidden" name="currencyiso3a" value="GBP">
<input type="hidden" name="mainamount" value="1.00">
<input type="hidden" name="version" value="2">
<input type="hidden" name="scaexemptionindicator" value="14">
<input type="submit" value="Pay">
</form>
</body>
</html>

Replace <DOMAIN> with a supported domain. Click here for a full list.

TRU Connect - JavaScript Library

Update the JWT payload include the field scaexemptionindicator with one of the following supported values:

  Field Format Description
table-conditional.png scaexemptionindicator Numeric (1)
  • 13 – Step up authentication at card issuer's discretion.
  • 14 –Step up authentication performed.

  In situations where a soft decline response has been returned, scaexemptionindicator=14 must be included in the payload in order to trigger step up authentication.

TRU Connect - Webservices API

You will need to ensure the THREEDQUERY submitted includes the field scaexemptionindicator with one of the following supported values. As there are a number of different workflows that can include Webservices API, the steps that need to be taken will depend on your integration:

  • If using Webservices API to process authorisation, following 3DS authentication using JavaScript Library or TRU Mobile (Android/iOS SDK), the payload will need to be updated to include the field scaexemptionindicator with one of the following supported values.
  • If using our 3DS API to process the EMV 3DS authentication, the THREEDQUERY request will need to be updated to include the field scaexemptionindicator with one of the following supported values.
  Field Format Description
table-conditional.png

scaexemptionindicator
XPath: /operation/scaexemptionindicator

Numeric (1)
  • 13 – Step up authentication at card issuer's discretion.
  • 14 –Step up authentication performed.

  In situations where a soft decline response has been returned, scaexemptionindicator=14 must be included in the payload in order to trigger step up authentication.

TRU Mobile

Update the JWT payload include the field scaexemptionindicator with one of the following supported values:

  Field Format Description
table-conditional.png scaexemptionindicator Numeric (1)
  • 13 – Step up authentication at card issuer's discretion.
  • 14 –Step up authentication performed.

  In situations where a soft decline response has been returned, scaexemptionindicator=14 must be included in the payload  in order to trigger step up authentication.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request