Professional Documents
Culture Documents
Categories Data Level Xipay Field Name Xipay Field Type: Notes
Categories Data Level Xipay Field Name Xipay Field Type: Notes
Notes:
Same Field data, logic for all card
types for Worldpay
Mastercard 3DS
MasterCard SecureCode (O) Transaction Level TR_ECOMM_3DSVERSION InfoItem
Visa 3DS
Verified by Visa (O) Transaction Level TR_ECOMM_3DSVERSION InfoItem
Amex 3DS
American Express SafeKey (O) Transaction Level TR_ECOMM_3DSVERSION InfoItem
Discover
Discover Protect Buy (O) Transaction Level TR_ECOMM_3DSVERSION InfoItem
JCB
JCB J/Secure (O) Transaction Level TR_ECOMM_3DSVERSION InfoItem
This field is used the identify the 3D secure protocol version used for 10
authentication, example: '1.0.2', '2.1.0'.
The raw ECI data from payer authentication, if you received any for the 255
transaction.
Payer authentication response status received in response to the consumer's 3D 255
secure authentication attempt.
Cardholder authentication verification value (CAVV). 255
Defines the Verified by Visa Transaction Id. 255
Directory Server Transaction ID 36
Generated by the Directory Server during authentication and passed back to the
merchant with the authentication results.
This field is used the identify the 3D secure protocol version used for 10
authentication, example: '1.0.2', '2.1.0'.
The raw ECI data from payer authentication, if you received any for the 255
transaction.
Payer authentication response status received in response to the consumer's 3D 255
secure authentication attempt.
Cardholder authentication verification value (CAVV). 255
Defines the Verified by Visa Transaction Id. 255
Directory Server Transaction ID 36
Generated by the Directory Server during authentication and passed back to the
merchant with the authentication results.
This field is used the identify the 3D secure protocol version used for 10
authentication, example: '1.0.2', '2.1.0'.
The raw ECI data from payer authentication, if you received any for the 255
transaction.
Payer authentication response status received in response to the consumer's 3D 255
secure authentication attempt.
Cardholder authentication verification value (CAVV). 255
Defines the Verified by Visa Transaction Id. 255
Directory Server Transaction ID 36
Generated by the Directory Server during authentication and passed back to the
merchant with the authentication results.
This field is used the identify the 3D secure protocol version used for 10
authentication, example: '1.0.2', '2.1.0'.
The raw ECI data from payer authentication, if you received any for the 255
transaction.
Payer authentication response status received in response to the consumer's 3D 255
secure authentication attempt.
Cardholder authentication verification value (CAVV). 255
Defines the Verified by Visa Transaction Id. 255
Directory Server Transaction ID 36
Generated by the Directory Server during authentication and passed back to the
merchant with the authentication results.
This field is used the identify the 3D secure protocol version used for 10
authentication, example: '1.0.2', '2.1.0'.
The raw ECI data from payer authentication, if you received any for the 255
transaction.
Payer authentication response status received in response to the consumer's 3D 255
secure authentication attempt.
Cardholder authentication verification value (CAVV). 255
Defines the Verified by Visa Transaction Id. 255
Directory Server Transaction ID 36
Generated by the Directory Server during authentication and passed back to the
merchant with the authentication results.
Data Type Merchant(ROC) Integrator Notes
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Processor Record Name
XiPay
Categories Processor Field Name Data Level XiPay Field Name
Field Type
Notes:
For Visa 3DS2, duplicate Cavv value in TR_ECOMM_VBVXID field, if TR_ECOMM_3DSECUREIND='vbv' (success)
For Mastercard 3DS2, TR_ECOMM_MCSCUCAFIND is not returned, populate numeric value of eciFlag - 1 or 2
TR_ECOMM_3DSVERSION listed below for MC only, but recommended on all card types
Amex 3DS
American Express SafeKey (O) ccAuthService_cavv Transaction TR_ECOMM_VBVCAVV InfoItem
Level
JCB 3DS
Mastercard 3DS
Visa
Verified by Visa (O) ccAuthService_cavv Transaction TR_ECOMM_VBVCAVV InfoItem
Level
Verified by Visa (O) ccAuthService_cavvAlgorithm Transaction TR_ECOMM_ALGORITHM InfoItem
Level
Verified by Visa (O) ccAuthService_eciRaw Transaction TR_ECOMM_IND InfoItem
Level
Cavv Do not send 3DS Yes Yes Cardholder authentication verification value
fields (CAVV).
Cavv Do not send 3DS Yes Yes Cardholder authentication verification value
fields (CAVV).
CavvAlgorithm Do not send 3DS No No Algorithm used to generate the CAVV for
fields Verified by Visa or the UCAF authentication
data for MasterCard SecureCode.
EciFlag Do not send 3DS Yes Yes The raw ECI data from payer authentication, if
fields you received any for the transaction. Your
processor might require this information to
guarantee chargeback protection. Contact
your processor for information about their
requirements. If you are using the
CyberSource Payer Authentication Services,
use the value that you received from the payer
authentication validation in the
payerAuthValidateReply_eciRaw reply field.
PAResStatus Do not send 3DS Yes Yes Payer authentication response status.
fields
--For Atos: Required for a successful Verified
by Visa transaction
--For the Asia, Middle East, and Africa
Gateway:
Required unless all of the following are true:
-You are requesting the payer
authentication and the authorization in
separate requests.
-This is a successful or attempted Verified
by Visa transaction
-The card is not enrolled, which is indicated
when the VERes enrolled status is not Y.
For JCB, Do not send 3DS Yes Yes This field can contain one of the following
js - if eciFlag '05' fields values:
success • spa: MasterCard SecureCode transaction. If
js_attempted - if selected, then ucaf_collectionIndicator is
eciFlag '06' required. If authentication is successful,
attempt ucaf_authenticationData is also required, and
AuthService_xid is optional.
• spa_failure: MasterCard SecureCode
authentication failed. Currently available for
use only with the Streamline processor.
• vbv: Successful Verified by Visa transaction.
If selected, then ccAuthService_cavv and
ccAuthService_xid are required.
• vbv_attempted: Verified by Visa transaction
was attempted but not authenticated. If
selected, then ccAuthService_cavv is required
and ccAuthService_xid is optional.
• vbv_failure: Verified by Visa authentication
failed. Currently available for use only with the
Streamline processor.
• js: Successful JCB J/Secure transaction.
• js_attempted: JCB J/Secure transaction was
attempted but not authenticated.
• aesk: Successful AESK transaction
• aesk_attempted: AESK transaction was
attempted but not authenticated.
ThreeDSVersion Do not send 3DS Yes Yes Version of 3D Secure that was used to process
fields the Mastercard Identity Check transaction.
- Always required.
- Examples: 1.0.2 or 2.0.0
Cavv Do not send 3DS Yes Yes UCAF Authentication Data—Authentication data
fields for the universal cardholder authentication
field.
DsTransctionID Do not send 3DS No (N/A not Yes Transaction ID generated by the Mastercard
fields returned for directory server during authentication.
3DS1) - Required for Mastercard Identity Check 2.0
transactions.
CavvAlgorithm Do not send 3DS Yes No (N/A for 3DS2) Algorithm used to generate the CAVV for
fields Verified by Visa or the UCAF authentication
data for MasterCard SecureCode.
EciFlag Do not send 3DS Yes Yes The raw ECI data from payer authentication, if
fields you received any for the transaction. Your
processor might require this information to
guarantee chargeback protection. Contact
your processor for information about their
requirements. If you are using the
CyberSource Payer Authentication Services,
use the value that you received from the payer
authentication validation in the
payerAuthValidateReply_eciRaw reply field.
PAResStatus Do not send 3DS Yes Yes Payer authentication response status.
fields
--For Atos: Required for a successful Verified
by Visa transaction
--For the Asia, Middle East, and Africa
Gateway:
Required unless all of the following are true:
-You are requesting the payer
authentication and the authorization in
separate requests.
-This is a successful or attempted Verified
by Visa transaction
-The card is not enrolled, which is indicated
when the VERes enrolled status is not Y.
Xid Do not send 3DS Yes No (N/A for 3DS2) XID—Transaction identifier. Must be 28-
fields character
base64 or 40-character hex binary.
For 3DS1, Do not send 3DS Yes Yes (not returned UCAF Collection Indicator—Collection indicator
UCAFIndicator fields from Cardinal for for
For 3DS2, 3DS2, but expected for the universal cardholder authentication
use numeric in payload to field.
value of eciFlag - CyberSource. Use
1 or 2 numeric value of This field can contain one of the following
eciFlag. '01' - 1 values:
'02 - 2 • 0: UCAF collection is not supported at your
Web site.
• 1: UCAF collection is supported at your web
site and UCAF might have been populated
• 2: UCAF collection is supported, and UCAF
was populated. Successful MasterCard
SecureCode transaction.
For MC, Do not send 3DS Yes Yes This field can contain one of the following
spa- if eciFlag fields values:
'02' success • spa: MasterCard SecureCode transaction. If
selected, then ucaf_collectionIndicator is
spa_attempted - required. If authentication is successful,
if eciFlag '01' ucaf_authenticationData is also required, and
attempt AuthService_xid is optional.
• spa_failure: MasterCard SecureCode
authentication failed. Currently available for
use only with the Streamline processor.
• vbv: Successful Verified by Visa transaction.
If selected, then ccAuthService_cavv and
ccAuthService_xid are required.
• vbv_attempted: Verified by Visa transaction
was attempted but not authenticated. If
selected, then ccAuthService_cavv is required
and ccAuthService_xid is optional.
• vbv_failure: Verified by Visa authentication
failed. Currently available for use only with the
Streamline processor.
• js: Successful JCB J/Secure transaction.
• js_attempted: JCB J/Secure transaction was
attempted but not authenticated.
• aesk: Successful AESK transaction
• aesk_attempted: AESK transaction was
attempted but not authenticated.
Cavv Do not send 3DS Yes Yes Cardholder authentication verification value
fields (CAVV).
CavvAlgorithm Do not send 3DS No No Algorithm used to generate the CAVV for
fields Verified by Visa or the UCAF authentication
data for MasterCard SecureCode.
EciFlag Do not send 3DS Yes Yes The raw ECI data from payer authentication, if
fields you received any for the transaction. Your
processor might require this information to
guarantee chargeback protection. Contact
your processor for information about their
requirements. If you are using the
CyberSource Payer Authentication Services,
use the value that you received from the payer
authentication validation in the
payerAuthValidateReply_eciRaw reply field.
PAResStatus Do not send 3DS Yes Yes Payer authentication response status.
fields
--For Atos: Required for a successful Verified
by Visa transaction
--For the Asia, Middle East, and Africa
Gateway:
Required unless all of the following are true:
-You are requesting the payer
authentication and the authorization in
separate requests.
-This is a successful or attempted Verified
by Visa transaction
-The card is not enrolled, which is indicated
when the VERes enrolled status is not Y.
For Visa, Do not send 3DS Yes Yes This field can contain one of the following
vbv- if eciFlag fields values:
'05' success • spa: MasterCard SecureCode transaction. If
selected, then ucaf_collectionIndicator is
vbv_attempted - required. If authentication is successful,
if eciFlag '06' ucaf_authenticationData is also required, and
attempt AuthService_xid is optional.
• spa_failure: MasterCard SecureCode
authentication failed. Currently available for
use only with the Streamline processor.
• vbv: Successful Verified by Visa transaction.
If selected, then ccAuthService_cavv and
ccAuthService_xid are required.
• vbv_attempted: Verified by Visa transaction
was attempted but not authenticated. If
selected, then ccAuthService_cavv is required
and ccAuthService_xid is optional.
• vbv_failure: Verified by Visa authentication
failed. Currently available for use only with the
Streamline processor.
• js: Successful JCB J/Secure transaction.
• js_attempted: JCB J/Secure transaction was
attempted but not authenticated.
• aesk: Successful AESK transaction
• aesk_attempted: AESK transaction was
attempted but not authenticated.
Processor
Field Merchant(
Default Data Type Integrator Notes Record
Length ROC)
Name
40 Alphanumeri Conditional
c
40 Alphanumeri Conditional
c
13 Alphanumeri Conditional Required for :
c - Verified by Visa
- JCB J/Secure
- MasterCard
SecureCode
- American Express
Safekey
40 Alphanumeri Conditional
c
1 Alphanumeri Conditional --Used only for Atos.
c --Required when you
include the CAVV in
your
request.
--You must not include
the CAVV algorithm
value in
your request if the
CAVV is not included in
your
request or if you are
not using Atos.
--Possible values:
0: HMAC (hash-based
message
authentication code)
1: CVV
2: CVV with ATN
3: MasterCard SPA
(secure payment
algorithm)
2 Alphanumeri Conditional
c
5 Alphanumeri Conditional
c
32 Alphanumeri Conditional
c
36 Alphanumeri Conditional
c
1 Alphanumeri Conditional --Used only for Atos.
c --Required when you
include the CAVV in
your
request.
--You must not include
the CAVV algorithm
value in
your request if the
CAVV is not included in
your
request or if you are
not using Atos.
--Possible values:
0: HMAC (hash-based
message
authentication code)
1: CVV
2: CVV with ATN
3: MasterCard SPA
(secure payment
algorithm)
2 Alphanumeri Conditional
c
40 Alphanumeri Conditional
c
1 Alphanumeri Conditional
c
13 Alphanumeri Conditional Required for :
c - Verified by Visa
- JCB J/Secure
- MasterCard
SecureCode
- American Express
Safekey
40 Alphanumeri Conditional
c
1 Alphanumeri Conditional --Used only for Atos.
c --Required when you
include the CAVV in
your
request.
--You must not include
the CAVV algorithm
value in
your request if the
CAVV is not included in
your
request or if you are
not using Atos.
--Possible values:
0: HMAC (hash-based
message
authentication code)
1: CVV
2: CVV with ATN
3: MasterCard SPA
(secure payment
algorithm)
2 Alphanumeri Conditional
c
Notes:
TR_TRANS_TYPE (ecom override, needs to be updated if success or attempt for 3DS, otherwise 7).
TR_ECOMM_3DSVERSION listed below for MC only, but recommended on all card types
Mastercard 3DS
MasterCard SecureCode (R) Program Protocol Transaction Level TR_ECOMM_3DSVERSION
Visa 3DS
Verified by Visa (R) Cardholder Authentication Transaction Level TR_ECOMM_VBVCAVV
Verification Value (CAVV)
Config TR_TRANS_TYPE (override for Yes (7, if not 3DS Yes (5 or 6 based Yes (5 or 6 based
ECOM transactions) success/attempted, eci on EciFlag, 02 or on EciFlag, 02 or
flag=00, 07 or not present) 05=5 and 01 or 05=5 and 01 or
06=6) 06=6)
InfoItem ThreeDSVersion ( 1 or 2, not full Do not send 3DS fields Yes Yes
version)
InfoItem EciFlag (numeric value, 1 char. Do not send 3DS fields Yes Yes
only, i.e 1, 2, etc.)
InfoItem Xid Do not send 3DS fields Yes No, (N/A for
3DS2)
Merchant(
Overrides Description Default Field Length Data Type
ROC)
Allowed values:
R - Retail indicator -
designates a transaction
where the cardholder was
present at a merchant
location.
1 - MOTO indicator - Single
transaction mail/telephone
order. Designates a
transactions where the
cardholder is not present
at a merchant location and
consummates the sale via
the phone or through the
mail.
5 - ECI indicator - Secure
Electronic Commerce
Transaction: designates a
transaction consummated
via the Internet at a 3-D
Secure capable and the
cardholder is fully
authenticated (e.g. 3-D
Secure includes Verified by
Visa and MasterCard
SecureCode)
6- ECI Indicator - Non-
Authenticated Electronic
Commerce Transaction:
designates a transaction
consummated via the
Internet at a 3-D Secure
capable merchant that
attempted to authenticate
the cardholder using 3-D
Secure. (e.g. 3-D Secure
includes Verified by Visa
and MasterCard
SecureCode) Attempts
occur with Verified by Visa
and MasterCard
Version of 3D Secure that was used This field is used the 1
to process the Mastercard Identity identify the 3D secure
Check transaction. protocol version used for
- Always required. authentication.
- Examples: 1.0.2 or 2.0.0
'1' = 3DS 1.0
'2' = 3DS 2.0
UCAF Authentication Data— Indicates merchant 1
Authentication data for the support of the Universal
universal cardholder authentication Cardholder Authentication
field. Field (UCAF).
Valid Values:
0 – Merchant does not
support or opted not to
send UCAF
1 – Attempted
authentication data
present
2 – Full authentication data
present 3 – Static
authentication data
present 4 – Not
authenticated, Data Only
call.
5 – Issuer Risk Based
Decisioning
6 – Merchant Risk Based
Decisioning or Merchant
MDES token
7 – Partial Shipment or
Recurring Payment
Alphanumeric Optional
Alphanumeric Conditional
Numeric Conditional
Alphanumeric Conditional
Alphanumeric Conditional
Visa
Authenticati
on Format
Indicator