Merchant preference
The merchant can express their choice concerning strong buyer authentication using the fieldstrongAuthentication.
The value transmitted in the payment request has priority over the risk rules potentially defined by the merchant in their Expert Back Office.
Here is how to use it:
Use case | Values | Description |
---|---|---|
CHALLENGE: With cardholder interaction | ENABLED | Deprecated. |
CHALLENGE_REQUESTED | 3DS Requestor Preference. Allows to request strong authentication for the transaction. | |
CHALLENGE_MANDATE | Challenge request mandate. Allows to indicate that, due to regulatory reasons, strong authentication is required for the transaction. | |
FRICTIONLESS: Without cardholder interaction. Mandatory “Frictionless 3DS2” option | DISABLED | Allows to request an exemption from strong authentication:
More information: Exemption table. |
No merchant preference | AUTO | The choice of the preference is transferred to the card issuer. If the issuer decides to perform an authentication without interaction (frictionless), the payment will be guaranteed. |
NO_PREFERENCE |
Exemptions | Description |
---|---|
Low value transactions | In Europe, you can request an exemption from strong authentication, for transactions of less than €30, and within the limit of either 5 successive operations or a cumulative amount of less than €100. If the amount is higher than €30, the value transmitted by the merchant is ignored and the choice of the preference is transferred to the card issuer (No Preference). For payments made in a currency other than euro, a request for frictionless is transmitted to the issuer. If the frictionless request is accepted, the transaction does not benefit from the liability shift in case of dispute initiated by the cardholder.. If the shop does not have the “Frictionless 3DS2” option, the choice of the preference is delegated to the card issuer (No Preference). |
Transactional Risk Analysis (Acquirer TRA) | If your shop has the “3DS2 Acquirer TRA” option, you can ask the issuer for an exemption from strong authentication if the amount is below the threshold set by your financial institution. If the frictionless request is accepted, the transaction does not benefit from the liability shift in case of a dispute initiated by the cardholder. The activation of the “3DS2 Acquirer TRA” option is subject to the prior agreement of your financial institution. |
LRM (Low Risk Merchant) | CB offers the LRM (=Low Risk Merchant) program. This program is designed to meet the needs of very low-risk, high-volume merchants. You can request an exemption from strong authentication:
|