Verified by Visa and MasterCard SecureCode Request Fields
This chapter describes the fields that can be included in Verified by Visa (VbV) or Mastercard SecureCode transaction requests for an additional layer of payment security.
CAVV_RESP
The CAVV_RESP field contains the response returned by the authentication agent. Refer to the table below for additional information about possible values for this field.
- Variable Type: Numeric
- Max Length: 1
Example:
CAVV_RESP Values
CAVV_RESP Values
| CAVV_ RESP | Request Card Type | Condition |
|---|---|---|
| 0 | MasterCard | Used when UCAF data collection is not supported by the merchant. |
| 1 | MasterCard | Used when UCAF data collection is supported by the merchant, but was not populated. |
| 2 | MasterCard | Used when UCAF data collection is supported by the merchant and the CAVV_UCAF field is populated. |
| 5 | Visa | Used when submitting a secure ecommerce transaction. |
| 6 | Visa | Used when submitting a non-authenticated security transaction at a 3-D Secure-capable merchant, and sthe merchant attempted to authenticate the cardholder data using 3-D Secure. |
| 7 | Visa | Used when submitting a non-authenticated security transaction. |
| 8 | Visa | Used when submitting a non-secure transaction. |
| 9 | Visa | For optional regional use only. |
CAVV_UCAF
The CAVV_UCAF field contains the UCAF string returned by the authentication agent and can contain up to 81 characters.
When sending a MasterCard request, if the values of 0 or 1 are submitted in the CAVV_RESP field, the CAVV_UCAF field is not required; however if the value of CAVV_RESP is 2, the UCAF data string is required in Base64 format.
When sending a Visa request, if the string length is 28 it will be considered to be in Base64 format; if the string length is 40 it will be considered to be in HEX format; if its length is not equal to 28 or 40 it will not be included in the authorization request.
The optional XID can be in BASE64 or HEX (40) representation. If present, place a “|” (vertical bar) after the CAVV_UCAF and then append the XID value.
- Variable Type: Alphanumeric
- Max Length: 81
Example (HEX):
Example (Base64):
DIRECTORY_SERVER_TRAN_ID
The DIRECTORY_SERVER_TRAN_ID field contains the MasterCard Directory Server Transaction ID and can contain up to 36 characters. This is required for MasterCard 3DS version 2 transctions.
The Directory Server Transaction ID is a Universally Unique Transaction ID which can be provided by the processors/acquirers as part of the authentication transaction and is required to be sent with the transaction if the authentication agent provides it in the response.
- Variable Type: Alphanumeric
- Max Length: 36
Example:
TDS_VER
The TDS_VER field contains the 3DS version of the authentication agent. This field is required for the use of 3DS version 2. The table below contains the possible values for this field.
- Variable Type: Numeric
- Max Length: 2
Example:
TDS_VER Values
| TDS_VER | Condition |
|---|---|
| 2 | 3DS Version 2 |
TOKEN_TRAN_IDENT
The TOKEN_TRAN_IDENT is the Token Transaction Identifier and is required to be sent with the transaction if returned by the authentication agent or token provider.
A 44-byte base64 value will be sent for MasterCard BIN ranges.
A 64-byte base64 value will be sent for Visa BIN ranges, Hex is 128
- Variable Type: Alphanumeric
- Max Length: 128
Example (Base64):