1. TRU Security   
  2. EMV 3-D Secure

Manually requesting step up (challenge) authentication

  Last updated: 

 

  Visa and Mastercard require merchants in PSD2-mandated countries to re-attempt authentication using the forced challenge (mandate) indicator (scaexemptionindicator=14) when a soft decline response is received.

 

There are certain circumstances where you may prefer transactions be subject to more stringent EMV 3-D Secure authentication. To allow for this, you can submit the additional field scaexemptionindicator in THREEDQUERY requests to the Trust Payments gateway with one of the following supported values:

  • scaexemptionindicator=13 - This will request the card issuer performs a step up (challenge) authentication with EMV 3DS, but if the card issuer deems this unnecessary, frictionless authentication will occur and the card issuer will assume liability in most circumstances.
  • scaexemptionindicator=14 - This will request the card issuer performs a step up (challenge) authentication with EMV 3DS in all circumstances.

For further information regarding different integrations, please refer to the sections provided below:

TRU Connect - Payment Pages
  • Update your POST to Trust Payments to include the field scaexemptionindicator with one of the following supported values:
  Field Format Description
X2-EN.png scaexemptionindicator Numeric (1)
  • 13 – Step up authentication at card issuer's discretion.
  • 14 –Step up authentication performed.

  In situations where a soft decline response has been returned, scaexemptionindicator=14 must be included in the POST in order to trigger step up authentication.

Example

<html>
  <body>
    <form method="POST" action="<DOMAIN>/process/payments/choice">
      <input type="hidden" name="sitereference" value="test_site12345">
      <input type="hidden" name="stprofile" value="default">
      <input type="hidden" name="currencyiso3a" value="GBP">
      <input type="hidden" name="mainamount" value="1.00">
      <input type="hidden" name="version" value="2">
      <input type="hidden" name="scaexemptionindicator" value="14">
      <input type="submit" value="Pay">
    </form>
  </body>
</html>

Replace <DOMAIN> with a supported domain. Click here for a full list.

TRU Connect - JavaScript Library

Update the JWT payload to include the field scaexemptionindicator with one of the following supported values:

  Field Format Description
X2-EN.png scaexemptionindicator Numeric (1)
  • 13 – Step up authentication at card issuer's discretion.
  • 14 –Step up authentication performed.

  In situations where a soft decline response has been returned, scaexemptionindicator=14 must be included in the payload in order to trigger step up authentication.

  Click here for JavaScript Library documentation.

TRU Security - 3DS API

You will need to ensure the THREEDQUERY submitted includes the field scaexemptionindicator with one of the following supported values:

  Field Format Description
X2-EN.png

scaexemptionindicator
XPath: /operation/scaexemptionindicator

 Numeric (1)
  • 13 – Step up authentication at card issuer's discretion.
  • 14 –Step up authentication performed.

  In situations where a soft decline response has been returned, scaexemptionindicator=14 must be included in the payload in order to trigger step up authentication.
TRU Mobile

Update the JWT payload to include the field scaexemptionindicator with one of the following supported values:

  Field Format Description
X2-EN.png scaexemptionindicator Numeric (1)
  • 13 – Step up authentication at card issuer's discretion.
  • 14 –Step up authentication performed.

  In situations where a soft decline response has been returned, scaexemptionindicator=14 must be included in the payload  in order to trigger step up authentication.
Was this article helpful?
0 out of 0 found this helpful
Avatar
Michael Buckley

 

Further reading on this topic