PCI/Charge/CreateToken
The Charge/CreateToken operation is a REST API Web Service. It allows you to create a new alias from a card number.
In PCI-DSS mode, you can directly fill in card details in the web service.
A verification transaction is created at the same time as the token. The token will be located inside the transaction, in the paymentMethodToken parameter.
For non-PCI use with embedded form, go here: Charge/CreateToken(non-PCI).
This web service allows you to perform a 3D Secure authentication when creating the token. It is therefore necessary to become familiar with the functioning of this feature. To learn about its integration, go to: PCI token creation service
Important aspect related to CB payments
With the implementation of PSD2, issuers can refuse the creation of the alias if the 3D Secure authentication has not been performed. This behavior is called "Soft Decline".
In the case of a "Soft Decline" the transactionDetails.cardDetails.authorizationResponse.authorizationResult field is valued at 81. It is the merchant's responsibility to initiate a new alias creation with 3D secure authentication.
Request parameters
contrib
Name of the e-commerce solution used on the merchant website and its version number.
Format
currency
Payment currency. Alphabetic code in uppercase according to alpha-3 (ISO 4217).
Eg: "EUR" for the euro.
Format
Possible values
The possible values are:
| Currency | ISO 4217 ENCODING | Fractional unit |
|---|---|---|
| Australian dollar (036) | AUD | 2 |
| Canadian dollar (124) | CAD | 2 |
| Swiss franc (756) | CHF | 2 |
| Danish crown (208) | DKK | 2 |
| Euro (978) | EUR | 2 |
| Pound Sterling (826) | GBP | 2 |
| Japanese yen (392) | JPY | 0 |
| Norwegian crown (578) | NOK | 2 |
| Swedish krona (752) | SEK | 2 |
| US dollar (840) | USD | 2 |
ipnTargetUrl
You can override the Instant Payment Notification (also called IPN) in the payment form in case you use one shop for various sales channels, payment types, languages, etc.
Format
orderId
Order reference defined by the Merchant.Does not support UTF-8 characters.
Format
metadata
Custom values linked to the transaction, in JSON format.
Example of a call
For example, to pass a custom value, such as the Buyer's eye color, add the following to your query:
{
"metadata": {
"eyesColor": "blue"
}
}This value will be returned in the newly created transaction object.
You can also use the metadata " orderInfo1 ", " orderInfo2 " and " orderInfo3 " to send complementary information about the order.
This data can be found later in the Extra tab of the transaction details via your
Format
fingerPrintId
This field is used by merchants who implement the risk analyzer in their payment page. Allows you to send the session ID (or fingerPrint Id) to the payment platform to finalize the risk analysis.
The supported analyzers are:
- NOTO
- Cybersource
- MonitorPlus
- ClearSale
Can contain uppercase and lowercase characters, numbers or hyphens ([A-Z] [a-z], 0-9, _, -).
Format
paymentMethodType
Path: paymentForms.paymentMethodType
Type of payment method.
Possible values
| Value | Description |
|---|---|
| CARD | Card payment. |
| SDD | SEPA Direct Debit |
Format
paymentForms.pan
PAN (Primary Account Number) is the primary card number usually consisting of 16 digits.
Format
expiryMonth
Path: paymentForms.expiryMonth
Expiration month in a two-digit format. Example: "09" for September.
Format
expiryYear
Path: paymentForms.expiryYear
Expiration year in a two-digit format. Example: "25" for 2025.
Format
securityCode
Path: paymentForms.securityCode
Card security code.
Its length can vary between 3 or 4 digits depending on the card type.
Format
paymentForms.brand
Card brand.
Format
cardHolderName
Path: paymentForms.cardHolderName
Cardholder's first and last names.
Format
identityDocumentNumber
Path: paymentForms.identityDocumentNumber
Buyer's ID number.
The format depends on the ID type: between 7 and 13 characters, digits, letters and/or dots.
In Latin America, this parameter may be mandatory for some buyers.
Format
identityDocumentType
Path: paymentForms.identityDocumentType
ID type.
Possible values:
| Type | Description |
|---|---|
| DNI | Documento Nacional de Identidad |
| CC | Cédula de ciudadania |
| TI | Tarjeta de Identidad |
| CE | Cédula de Extranjeria |
| NI | Número de Identificación Tributaria |
| PS | Pasaporte |
Format
paymentForms.mid
Merchant ID number. If this field is populated, make sure you use the appropriate MID depending on the card scheme.
Format
customer.reference
Buyer ID on the merchant side.
Format
customer.email
Buyer's e-mail address.
Format
customer.ipAddress
Buyer's IP address.
Format
address
Path: customer.billingDetails.address
Billing address.
Warning: the characters > and < are not authorized.
Format
address2
Path: customer.billingDetails.address2
Second line of the billing address.
Warning: the characters > and < are not authorized.
Format
category
Path: customer.billingDetails.category
Buyer type.
Format
Possible values
| values | Description |
|---|---|
| PRIVATE | Individual buyer type. |
| COMPANY | Company buyer type. |
cellPhoneNumber
Path: customer.billingDetails.cellPhoneNumber
Buyer's cell phone number.
Accepts all formats:
Examples:
- 0623456789
- +33623456789
- 0033623456789
- (+34) 824 65 43 21
- 87 77 12 34
Format
city
Path: customer.billingDetails.city
City of the billing address.
Format
country
Path: customer.billingDetails.country
Buyer's country (in uppercase, in accordance with the ISO 3166-1 alpha-2 country codes).
Format
Possible values
Examples of possible values:
| Country | Code |
|---|---|
| AUSTRIA | AT |
| BRAZIL | BR |
| CORSICA | FR |
| IVORY COAST | CI |
| FRANCE | FR |
| GUADELOUPE | GP |
| INDIA | IN |
| MARTINIQUE | MQ |
| NEW CALEDONIA | NC |
| ST-PIERRE-ET-MIQUELON | PM |
| FRENCH POLYNESIA | PF |
district
Path: customer.billingDetails.district
District of the billing address.
Format
firstName
Path: customer.billingDetails.firstName
Buyer's first name.
Format
identityCode
Path: customer.billingDetails.identityCode
National identifier. Allows to identify each citizen within a country.
Format
identityType
Path: customer.billingDetails.identityType
ID type.
Possible values:
| Type | Description |
|---|---|
| DNI | Documento Nacional de Identidad |
| CC | Cédula de ciudadania |
| TI | Tarjeta de Identidad |
| CE | Cédula de Extranjeria |
| NI | Número de Identificación Tributaria |
| PS | Pasaporte |
Format
language
Path: customer.billingDetails.language
Buyer's language code, according to ISO 639-1.
Specify the language in which payment confirmation e-mails are sent.
The device object and its attributes are not required if paymentSource is set to MOTO.
Format
Possible values
Examples of possible values:
| Language | Code |
|---|---|
| German (Germany) | DE |
| English (United Kingdom) | EN |
| English (United States) | EN |
| Chinese (Traditional) | ZH |
| Spanish (Spain) | ES |
| Spanish (Chile) | ES |
| French (France) | FR |
| Italian (Italy) | IT |
| Japanese (Japan) | JP |
| Dutch (the Netherlands) | NL |
| Polish (Poland) | PL |
| Portuguese (Brazil) | PT |
| Portuguese (Portugal) | PT |
| Russian (Russia) | RU |
lastName
Path: customer.billingDetails.lastName
Buyer's last name.
Format
legalName
Path: customer.billingDetails.legalName
Legal name.
Format
phoneNumber
Path: customer.billingDetails.phoneNumber
Buyer's phone number.
Accepts all formats:
Examples:
- 0123456789
- +33123456789
- 0033123456789
- (00.571) 638.14.00
- 40 41 42 42
Format
state
Path: customer.billingDetails.state
Region (state) of the billing address. It is recommended, but not mandatory, to pass the value in ISO-3166-2.
Format
streetNumber
Path: customer.billingDetails.streetNumber
Street number of the billing address.
Accepted characters:
- Alphabetical characters (from "A" to "Z" and from "a" to "z")
- Space
Format
title
Path: customer.billingDetails.title
Buyer's title.
Examples:
- Mr
- Ms.
- Mrs
Format
zipCode
Path: customer.billingDetails.zipCode
Zip code of the billing address.
Format
insuranceAmount
Path: customer.shoppingCart.insuranceAmount
Insurance amount for the entire order, expressed in the smallest monetary unit (cent for euro).
Example: 30050 for EUR 300.50.
Format
shippingAmount
Path: customer.shoppingCart.shippingAmount
Amount of delivery fees for the entire order, expressed in its smallest monetary unit (cent for euro).
Example: 30050 for EUR 300.50.
Format
taxAmount
Path: customer.shoppingCart.taxAmount
Amount of taxes for the entire order expressed in the smallest monetary unit (cent for euro).
Example: 30050 for EUR 300.50.
Format
cartItemInfo
Path: customer.shoppingCart.cartItemInfo
cardItemInfo is a list that contains Customer/ShoppingCartItemInfo objects.
It allows you to describe each item in the cart.
Format
productAmount
Path: customer.shoppingCart.cartItemInfo.productAmount
Amount of the product expressed in the smallest currency unit (cent for euro).
Example: 30050 for EUR 300.50.
Format
productLabel
Path: customer.shoppingCart.cartItemInfo.productLabel
Product name.
Format
productQty
Path: customer.shoppingCart.cartItemInfo.productQty
Product quantity.
Format
productRef
Path: customer.shoppingCart.cartItemInfo.productRef
Product reference.
Format
productType
Path: customer.shoppingCart.cartItemInfo.productType
Product type.
Possible values
| Value | Description |
|---|---|
| FOOD_AND_GROCERY | Food and grocery |
| AUTOMOTIVE | Cars / Moto |
| ENTERTAINMENT | Entertainment / Culture |
| HOME_AND_GARDEN | Home and gardening |
| HOME_APPLIANCE | Household appliances |
| AUCTION_AND_GROUP_BUYING | Auctions and group purchasing |
| FLOWERS_AND_GIFTS | Flowers and presents |
| COMPUTER_AND_SOFTWARE | Computers and software |
| HEALTH_AND_BEAUTY | Health and beauty |
| SERVICE_FOR_INDIVIDUAL | Services for individuals |
| SERVICE_FOR_BUSINESS | Services for companies |
| SPORTS | Sports |
| CLOTHING_AND_ACCESSORIES | Clothes and accessories |
| TRAVEL | Travel |
| HOME_AUDIO_PHOTO_VIDEO | Sound, image and video |
| TELEPHONY | Telephony |
Format
productVat
Path: customer.shoppingCart.cartItemInfo.productVat
Product type.
Tax fee amount (expressed in the smallest currency unit).
Possible values
| Value | Description |
|---|---|
| Integer | Transaction amount. Its value must be a positive integer (e.g.: 1234 for 12.34 EUR). |
| Decimal number, lower than 100 | Percentage applied to the amount. Examples: 20.0 or 19.6532 |
To display a percentage applied to the payment amount for the product in question, the value should have maximum 4 digits after the decimal point. The decimal separator is mandatory for displaying a percentage. The decimal separator is represented by the "." symbol.
Format
strongAuthentication
strongAuthentication is used to indicate the Merchant's preference for strong buyer authentication.
With 3DS2, it is no longer possible to disable 3DS. However, the merchant can request an exemption in his payment request (this is called "merchant preference").
In this case, if the request is accepted by the issuer, the Buyer will not have to authenticate him/herself (no challenge) but the Merchant will assume the responsibility in case of chargeback (no liability shift to the issuer).
In any case, the issuing bank itself determines whether interaction with the Buyer (challenge) is necessary.
Under PSD2, strong authentication is required when registering a card, regardless of the merchant's preference.
Possible values
The possible values are:
| Value | 3DS1 description | 3DS2 description |
|---|---|---|
| ENABLED | Enables strong authentication (if possible). | Depreciated.This value will be interpreted as CHALLENGE_REQUESTED. |
| DISABLED | Disables (if possible) strong authentication. Requires the "3DS1 Selective" option.. By using this value, you expose yourself to "Soft decline" refusals. Deactivation will not be taken into account if the payment method requires strong authentication. This is the case for MAESTRO cards. | Allows to request authentication without interaction (frictionless). Requires the "Frictionless 3DS2" option.
If the shop does not have the "Frictionless 3DS2" option, the choice of preference is delegated to the card issuer (No Preference). |
| CHALLENGE_REQUESTED | Enables strong authentication (if possible). | Allows you to request strong authentication for the transaction. |
| CHALLENGE_MANDATE | Enables strong authentication (if possible). | Allows you to indicate that for regulatory reasons, strong authentication is required for the transaction. |
| NO_PREFERENCE | Enables strong authentication (if possible). | Indicates to the DS that the merchant does not have a preference. If the issuer decides to perform frictionless authentication, the payment will be guaranteed. |
| AUTO | Enables strong authentication (if possible). | The choice of preference is delegated to the card issuer (No Preference). |
Format
mid
Path: transactionOptions.cardOptions.mid
Merchant ID number. If this field is populated, make sure you use the appropriate MID depending on the card scheme.
Format
paymentSource
Path: transactionOptions.cardOptions.paymentSource
Payment source.
Format
Possible values
The possible values are:
| Value | Description |
|---|---|
| EC | E-Commerce: the data of the means of payment are entered by the buyer. This value allows a strong authentication during the payment. |
| MOTO | MAIL OR TELEPHONE ORDER: entry by an operator.The payment information is sent by mail or e-mail. Requires a VAD contract. |
| CC | Call Center: payment made through a call center. Requires a VAD contract. |
| OTHER | Other sales channel.Returned output value for payments made via the |
| Absent ou null | The default value is "EC". |
retry
Path: transactionOptions.cardOptions.retry
Number of new attempts available in case the payment is rejected (3 by default).
Format
device.deviceType
Type of device on which the authentication takes place.
Several methods can be used to identify the device type (screen size, user-agent, etc.).
Example of JavaScript code based on the screen size:
var isMobile = "";
var testMobile = window.matchMedia("only screen and (max-width: 760px)");
if (testMobile.matches){
isMobile="MOBILE";
}
else{
isMobile="BROWSER"
}The device object and its attributes are not required if paymentSource is set to MOTO.
Possible values
| Value | Description |
|---|---|
| BROWSER | Authentication in a browser. |
| MOBILE | Authentication by phone. |
Format
device.acceptHeader
Exact content of the Accept HTTP header as it is sent by the Buyer's browser.
The device object and its attributes are not required if paymentSource is set to MOTO.
Format
device.userAgent
Exact content of the HTTP "user-agent" header sent by the browser. Must be truncated if the value exceeds 2048 characters.
Obtained from the client's browser via the "navigator.userAgent" property.
JavaScript code allowing to retrieve the value:
const language = navigator.userAgent;
The device object and its attributes are not required if paymentSource is set to MOTO.
Format
device.ip
Browser's IP address as returned in HTTP headers by the client. IPV4 format (e.g.: 1.12.123.255) or IPV6 (e.g.: 2011:0db8:85a3:0101:0101:8a2e:0370:7334). Variable length, maximum 45 characters.
The device object and its attributes are not required if paymentSource is set to MOTO.
Format
device.javaEnabled
Boolean that represents the browser's capacity to execute Java.The value is the one returned by the "navigator.javaEnabled()" function, it can be true or false.
JavaScript code allowing to retrieve the value:
const javaEnabled = navigator.javaEnabled();
The device object and its attributes are not required if paymentSource is set to MOTO.
Format
device.language
Obtained from the client browser via the "navigator.language" property.
Examples: "en", "en-US", "de", "fr", etc.
JavaScript code allowing to retrieve the value:
const language = navigator.language;
Format
device.colorDepth
Value representing the depth of the color palette used to display images, in bits per pixel.
Obtained from the client's browser via the "screen.colorDepth" property.
JavaScript code allowing to retrieve the value:
const colorDepth = screen.colorDepth;
The device object and its attributes are not required if paymentSource is set to MOTO.
Format
device.screenHeight
The total height of the client's screen in pixels. The value is the one returned by the "screen.height" property. From 1 to 6 characters.
JavaScript code allowing to retrieve the value:
const screenHeight = screen.height;
The device object and its attributes are not required if paymentSource is set to MOTO.
Format
device.screenWidth
The total width of the client's screen in pixels. The value is the one returned by the "screen.width" property. From 1 to 6 characters.
JavaScript code allowing to retrieve the value:
const screenWidth = screen.width;
The device object and its attributes are not required if paymentSource is set to MOTO.
Format
timeZoneOffset
Path: device.timeZoneOffset
Time difference between UTC time and the local time of the client browser, in minutes. Its value is -120 for a user in the UTC+2 time zone and 570 for the UTC-09:30 time zone.
JavaScript code allowing to retrieve the value:
const timeZoneOffset = new Date().getTimezoneOffset();
The device object and its attributes are not required if paymentSource is set to MOTO.
Format
name
Path: authenticationDetails.protocol.name
Name of the protocol used by the cardholder authentication services.
Possible values
| Value | Description |
|---|---|
| THREEDS | 3D Secure protocol |
Format
version
Path: authenticationDetails.protocol.version
Version of the protocol used by the cardholder authentication services.
Possible values
| Value | Description | Compatible protocol |
|---|---|---|
| 1 | To be filled in if the exact version is not known. In this case, the latest version supported in 3D Secure 1 by the payment platform will be considered | All |
| 2 | must be filled in if the exact version is not known. In this case, the latest version supported in 3D Secure 2 by the payment platform will be considered | All |
| 1.0.2 | Version 1.0.2 | THREEDS |
| 2.1.0 | Version 2.1.0 | THREEDS |
| 2.2.0 | Version 2.2.0 | THREEDS |
Format
directoryServer
Path: authenticationDetails.protocol.directoryServer
Name of the DS network where the authentication took place.
Possible values
| PROTOCOL NAME | DIRECTORYSERVER VALUE | NETWORK NAME |
|---|---|---|
| THREEDS | AMEX | American Express network (SafeKey) |
| CB | Réseau Carte Bancaire | |
| VISA | Réseau Visa | |
| ELO | Réseau Elo (Brésil) | |
| DINERS | Réseau Diners | |
| DISCOVER | Réseau Discover | |
| ELO | Réseau Elo |
Format
challengePreference
Path: authenticationDetails.protocol.challengePreference
Indicates whether or not the Merchant has requested a challenge.
Possible values
| Value | 3DS1 card | 3DS2 card | |
|---|---|---|---|
| NO_PREFERENCE | Forced 3DS1 authentication. | The choice of preference is delegated to the card issuer. | |
| NO_CHALLENGE_REQUESTED | Disabled 3DS1 authentication. | Allows you to request authentication without interaction (frictionless). | |
| CHALLENGE_REQUESTED | Forced 3DS1 authentication. | Allows you to request strong authentication for the transaction. | |
| CHALLENGE_MANDATED | Forced 3DS1 authentication. | Allows to indicate that, for regulatory reasons, strong authentication is required for the transaction. | |
| DATA_ONLY | Disabled 3DS1 authentication. | Allows you to request authentication without interaction, processed by the DS instead of the ACS of the issuing bank. The transaction cannot benefit from the liability shift The authentication will be disabled if the network does not support this feature. The PCI/Charge/Authenticate service returns an INT_808 error code if the field transactionCategory is not valued at PAYMENT. |
Format
authenticationType
Path: authenticationDetails.authenticationType
Type of authentication that has been applied.
Possible values
| Value | Description |
|---|---|
| FRICTIONLESS | Authentication in Frictionless mode, i.e. transparent for the Buyer. |
| CHALLENGE | Authentication with a Challenge, the Buyer had to explicitly authenticate him/herself via the ACS. |
| DATA_ONLY | Authentication processed by the DS without client interaction |
Format
status
Path: authenticationDetails.status
Authentication status, i.e. the positive/negative outcome of the authentication.
Possible values
| Value | Description |
|---|---|
| ATTEMPT | Proof of authentication attempt when authentication is not available. |
| ENROLLED_UNAVAILABLE | Unable to assess the enrollment status. |
| FAILED | Authentication error. |
| NOT_ENROLLED | Card not enrolled. |
| SUCCESS | Successful authentication. |
| UNAVAILABLE | The authentication could not be completed (technical error, etc.). |
| DISABLED | Disabled authentication. The exemption field becomes mandatory. |
Format
commerceIndicator
Path: authenticationDetails.commerceIndicator
Commerce Indicator, or ECI (Electronic Commerce Indicator) for the 3DS protocol. Indicator returned by the ACS to report the results of cardholder's authentication attempt.
In case of authentication without payment (e.g. in case of card registration) MasterCard can return the following 2 values:
| VALUE | DESCRIPTION |
|---|---|
| N0 | Not authenticated |
| N2 | Authenticated |
Format
authenticationValue
Path: authenticationDetails.authenticationValue
Final authentication value (depending on the DS this value can be called CAVV, AEVV or AAV). Character string encoded in base64 with a size of 28 characters.
Format
dsScore
Path: authenticationDetails.dsScore
Authentication score indicated by the DS.
Format
authValueAlgorithm
Path: authenticationDetails.authValueAlgorithm
Algorithm used to calculate the authenticationValue field. This field is mandatory in 3D Secure V2 CB as well as in 3D Secure V1 with an authentication value (non-zero CAVV).
Format
requestorName
Path: authenticationDetails.requestorName
RequestorName used during the initial authentication. Usually this field is the name of the merchant.
Format
dsTransID
Path: authenticationDetails.dsTransID
DS transaction ID.
Format
acsTransID
Path: authenticationDetails.acsTransID
ACS transaction ID.
Format
xid
Path: authenticationDetails.xid
Unique transaction ID.(Required in 3D Secure V1).
Format
exemption
Path: authenticationDetails.exemption
Indicates the reason for the lack of strong authentication (Required in case of DISABLED status, or in case of FRICTIONLESS authentication).
Possible values
| values | Description |
|---|---|
| LOW_VALUE | Low value transaction (e.g.: amount less than 30€ in Europe) |
| ACQUIRER_TRA | Prior risk analysis carried out by the buyer |
| ISSUER_TRA | Prior risk analysis carried out by the issuer |
| LOW_RISK_MERCHANT | Merchant enrolled in the LOW RISK MERCHANT CB program |
| OUT_OF_SCOPE | Authentication not required as it is outside the RTS SCA scope |
| DELEGATED_SCA | Strong authentication delegated to a third party. |
| FIXED_RECURRING_PAYMENT | Recurring payment with a fixed amount and term |
| TRUSTED_BENEFICIARY | Trusted beneficiary |
| AUTOMATIC_PAYMENT_MACHINES | Payment terminal |
| CORPORATE | Secure payment procedure for companies |
| OTHER_EXEMPTION | Other use cases exempt from authentication |
| TECHNICAL_ERROR | Technical problem rendering authentication impossible |
Format
challengeCancelationIndicator
Path: authenticationDetails.challengeCancelationIndicator
Challenge cancellation indicator received in the RReq. (Value returned by the DS in case of authentication cancellation).
Format
transactionStatusReason
Path: authenticationDetails.transactionStatusReason
Indicates the reason for the authentication failure. (Value returned by the DS in case of authentication failure).
Format
name
Path: instructionResult.name
Instruction name.
Possible values
| Value | Description |
|---|---|
| CHALLENGE | Challenge Instruction that allows interactive user authentication via the ACS. |
| FINGERPRINT | Fingerprint Instruction that allows to identify the user via the ACS. |
Format
value
Path: instructionResult.value
Result as a JWT string, or a plain text error code in case of an error ( timeout for example).
Format
challengePreference
Path: instructionResult.protocol.challengePreference
Indicates whether or not the Merchant has requested a challenge.
Possible values
| Value | 3DS1 card | 3DS2 card | |
|---|---|---|---|
| NO_PREFERENCE | Forced 3DS1 authentication. | The choice of preference is delegated to the card issuer. | |
| NO_CHALLENGE_REQUESTED | Disabled 3DS1 authentication. | Allows you to request authentication without interaction (frictionless). | |
| CHALLENGE_REQUESTED | Forced 3DS1 authentication. | Allows you to request strong authentication for the transaction. | |
| CHALLENGE_MANDATED | Forced 3DS1 authentication. | Allows to indicate that, for regulatory reasons, strong authentication is required for the transaction. | |
| DATA_ONLY | Disabled 3DS1 authentication. | Allows you to request authentication without interaction, processed by the DS instead of the ACS of the issuing bank. The transaction cannot benefit from the liability shift The authentication will be disabled if the network does not support this feature. The PCI/Charge/Authenticate service returns an INT_808 error code if the field transactionCategory is not valued at PAYMENT. |
Format
name
Path: instructionResult.protocol.name
Name of the protocol used by the cardholder authentication services.
Possible values
| Value | Description |
|---|---|
| THREEDS | 3D Secure protocol |
Format
network
Path: instructionResult.protocol.network
Name of the network recommended by the Merchant in case of multi-brand cards (e.g.: CB and VISA within the same card).
Possible values
| Value | Description |
|---|---|
| AMEX | American Express network (SafeKey) |
| CB | Bank Card Network |
| MASTERCARD | MasterCard network |
| VISA | Visa network |
| ELO | Elo network (Brazil) |
| DINERS | Diners network |
| DISCOVER | Discover network |
| OSB | Network OSB |
Format
simulation
Path: instructionResult.protocol.simulation
Boolean indicating if the authentication must be carried out in simulation mode. Simulation mode allows to perform merchant integration without being in production or using a real card.
Format
version
Path: instructionResult.protocol.version
Version of the protocol used by the cardholder authentication services.
Currently supported versions
| Value | Description |
|---|---|
| 1.0.2 | Version 1.0.2 |
| 2.1.0 | Version 2.1.0 |
Format
operationSessionId
Unique identifier of the authentication, in UUID format.
It is not defined upon the first call.
The operationSessionId is returned as a result of a payment request that requires authentication of the bearer. It must be passed on to subsequent calls.
Format
companyType
Path: subMerchantDetails.companyType
Company type of the sub-merchant.Transmitted by the payment facilitator.
Format
legalNumber
Path: subMerchantDetails.legalNumber
Legal identifier of the sub-merchant.Transmitted by the payment facilitator.
Format
name
Path: subMerchantDetails.name
Business name of the sub-merchant.Transmitted by the payment facilitator.
Format
url
Path: subMerchantDetails.url
URL of the sub-merchant.Transmitted by the payment facilitator.
Format
phoneNumber
Path: subMerchantDetails.phoneNumber
Telephone number of the sub-merchant.Transmitted by the payment facilitator.
Format
address1
Path: subMerchantDetails.address1
Address of the sub-merchant.Transmitted by the payment facilitator.
Format
address2
Path: subMerchantDetails.address2
Addition of the sub-merchant's address. Transmitted by the payment facilitator.
Format
zip
Path: subMerchantDetails.zip
Zip code of the sub-merchant.Transmitted by the payment facilitator.
Format
city
Path: subMerchantDetails.city
City of the sub-merchant.Transmitted by the payment facilitator.
Format
country
Path: subMerchantDetails.country
Country code of the sub-merchant address (ISO 3166 alpha-2 standard). Transmitted by the payment facilitator.
Format
mcc
Path: subMerchantDetails.mcc
MCC code of the sub-merchant.Transmitted by the payment facilitator.
Format
mid
Path: subMerchantDetails.mid
Contract number (MID) of the sub-merchant.Transmitted by the payment facilitator.
Format
softDescriptor
Path: subMerchantDetails.softDescriptor
Label (Soft-descriptor) of the sub-merchant that appears on the buyer's bank statement. Transmitted by the payment facilitator.
Format
Response reference
Several responses are possible, depending on the context:
| Response | Context |
|---|---|
| Payment | Object containing the generated transaction. This object is directly returned during a single payment by token. |
| AuthenticationResponseData | Object returned if 3DS authentication is required. |
See response references for more information.