addressId

(Conditional) The address identifier in the SRC system.

Format: Universally Unique Identifier (UUID)

name

(Conditional) The recipient name for the address, if known. Required when known to the SRC system for this address

Format: Alphanumeric; maximum 140 characters

line1

(Conditional) Line 1 of the address. Required if this is a shipping address in a valid format for the country.

Format: Maximum 140 characters. Alphanumeric

line2

(Optional) Line 2 of the address.

Format: Maximum 140 characters. Alphanumeric

line3

(Optional) Line 3 of the address.

Format: Maximum 140 characters. Alphanumeric

city

(Conditional) The city associated with the address. Required if this is a shipping address in a valid format for the country.

Format: Alphanumeric, maximum 100 characters.

state

(Conditional) The state associated with the address. Required if this is a shipping address in a valid format for the country.

Format: String

zip

(Conditional) The zip code associated with the address. Required if this is a shipping address in a valid format for the country and has a postal code or zip code.

Format: Alphabetic, numeric; 3–16 characters.

countryCode

(Required) The country code associated with the address.

Format: ISO-3166-1 alpha-2 standard code

Example: AU - Australia

srcDigitalCardId

(Conditional) ID of the selected card.

Required if consumerIdentity is not present.

Format: String

consumerIdentity

(Conditional) Primary verifiable consumer identifier within an SRC Profile; for example, an email address.

Required if srcDigitalCardId is not present.

Note: Mobile phone numbers are not supported.

Format: A consumerIdentity structure

verificationData

(Required) Set of verification data structures relating to distinct types of assurance.

Format: List of VerificationData structures.

eci

(Optional) If present, a value indicating the result of the authenti­ cation performed or attempted during a transaction. Use this value in the e-commerce authorization message to VisaNet.

Format: String; maximum 2 digits. It is one of the following values:

• 05 – Successful authentication
• 06 – Authentication attempted
• 07 – Authentication not performed

authenticationReasons

(Required) SRCi-provided authentication reasons used by the SRC System to perform authentication.

Format: They are one or more of the following enumerated values:

• TRANSACTION_AUTHENTICATION
• NOT_PREFERRED

srciDpaId

(Conditional) DPA identifier, which is generated by the SRC system during DPA registration. Either srciDpaId or a dpaData structure must be provided when authenticationReasons is TRANSACTION_AUTHENTICATION.

Format: String, 64 bytes

dpaData

(Conditional) DPA registration data.

Format: A DpaData structure.

dpaTransactionOptions

(Optional) DPA configuration data, which overrides the configu­ ration on the SRC system that was created during DPA registration.

Ignored if supplied in the init call or elsewhere in the checkout

call.

Format: DpaTransactionOptions structure

acquirerMerchantId

(Required) Acquirer-assigned Merchant identifier. Value must be provided to perform transaction authentication by the SRC System.

Format: String

acquirerBIN

(Required) Acquirer identification code as assigned by the Directory Server. Value must be provided to perform transaction authenti­ cation by the SRC System.

Format: String

merchantName

(Required) Merchant name assigned by the Acquirer or Payment System. Value must be provided to perform transaction authenti­ cation by the SRC System.

Format: String

authenticationMethodType

(Required) SRCi to indicate for a particular transaction if Click to Pay needs to perform managed authentication or not.

Format: It is one of the following values:

• SMS_OTP
• EMAIL_OTP
• 3DS
• APP_AUTHENTICATION
• MANAGED_AUTHENTICATION (Deprecated)

authenticationSubject

(Optional) Authentication subject. This should be set to

CARDHOLDER.

Format: It is one of the following values:

• CARDHOLDER
• CONSUMER
• CARD

uriData

(Optional) URI associated with the authentication method, if available.

Format: A UriData structure

authenticationCredentialReference

(Optional) Authentication credential reference, which may be provided by the identity provider once an authentication is initiated to qualify the nature of the authentication method. For example, SMS_OTP may use the masked mobile number "***-***-1234", which can be displayed to the Consumer to aid method selection.

Format: String

methodAttributes

(Optional) Attributes related to the authentication method; see "Method Attributes."

Format: JSON object

authenticationMethods

(Optional) SRCIs may provide their preferences related to an authentication method so that SRC system can facilitate authentication. 

For e.g. SRCI preferred value for Challenge indicator may be passed here. 

Format: List of AuthenticationMethod structures

payloadRequested

(Optional) Whether the SRCi or merchant prefers an authenticated payload.

Format: It is one of the following values:

• AUTHENTICATED
• NON_AUTHENTICATED

primaryAccountNumber

(Required) The account number of the card to be enrolled and provisioned.

Format: Numeric

panExpirationMonth

(Required) The account number expiration month.

Format: Numeric, 2 digits, MM

panExpirationYear

(Required) The account number expiration year.

Format: Numeric, 4 digits, YYYY

cardSecurityCode

(Conditional) The card security code (CVV2) value associated with the account number on the card, if available. Required for those cards that a card security code.

Format: Numeric, 3-4 digits

cardholderFullName

(Conditional) The full name of the cardholder on the card. Required if the billingAddress name field or the cardHolderFirstName and cardHolderLastName are not passed.

Format: String

cardholderFirstName

(Optional) The first name of the cardholder.

Format: String

cardholderLastName

(Optional) The last name of the cardholder.

Format: String

billingAddress

(Optional) Billing address.

Format: An address structure.

paymentAccountReference

(Conditional) The Payment Account Reference (PAR) associated with the cardholder account that uniquely identifies the account to which the payment card is associated.

Format: String

complianceResources

(Conditional) One or more compliance resources, which consists of a single compliance type and URI. Required when complianceSettings is specified.

Format: Array of complianceType and uri pairs.

complianceType

(Required) Compliance type.

Format: String. It is one of the following values:

• TERMS_AND_CONDITIONS
• PRIVACY_POLICY
• REMEMBER_ME

uri

(Required) Uniform Resource Identifier (URI), a valid web address or URL

Format: String of characters; maximum 1024 characters

firstName

(Optional) Consumer’s first name.

Format: String; maximum 30 characters

lastName

(Optional) Consumer’s last name.

Format: Alphanumeric; between 2–80 characters

fullName

(Optional) Consumer’s full name.

Format: Alphanumeric; between 2–80 characters

mobileNumber

(Optional) Consumer's phone number.

Format: PhoneNumber structure

countryCode

(Optional) The country code associated with the address.

Format: ISO-3166-1 alpha-2 standard code

Example: AU - Australia

languageCode

(Optional) Consumer's locale.

Format: Locale, based on ISO format for language (ISO 639-1) and alpha-2 country code (ISO 3166-1 alpha-2). The language and country should be separated using a (_).

Example: en_US

consumerIdentity

(Optional) Primary verifiable consumer identifier within an SRC Profile; for example, an email address.

Note: Mobile phone numbers are not supported.

Format: A consumerIdentity structure

nationalIdentifier

(Optional) Geographic­specific, nationally-provided identifier for the Consumer.

Format: String; max. 20 characters

identityProvider

(Optional) The Identity provider. The default value is SRC

Format: String

identityValue

(Required) Value of the consumer identity, which is used to locate information within the SRC profile.

Note: Only an email address is supported.

Format: String

Example: [email protected]

identityType

(Required) The type of the consumer identity. It is one of the following values:

• EMAIL_ADDRESS

Format: String

checkoutEventType

(Optional) Event type associated with the update.

Format: It is one of the following values:

• 01 - Authorize
• 02 - Capture
• 03 - Refund
• 04 - Cancel
• 05 - Fraud
• 06 - Chargeback
• 07 - Other

checkoutEventStatus

(Optional) Event types associated with the order.

Format: It is one of the following values:

• 01 - Created
• 02 - Confirmed
• 03 - Cancelled
• 04 - Fraud Cancelled
• 05 - Other
• 06 – 50 - EMVCo future use
• 51 - 99 - SRC

confirmationStatus

(Optional) Status of the event as provided by the SRCi in the Confir­ mation message.

Format: It is one of the following values:

• 01 - Success
• 02 - Failure
• 03 - Other

confirmationReason

(Optional) Description of the reason for the event associated with the order.

Format: String; maximum 64 characters

confirmationTimestamp

(Optional) Date and time, in coordinated Universal Time, (UTC) of the event completion corresponding to the Confirmation event by the SRCi.

Format: UNIX Epoch timestamp, in milliseconds

networkAuthorizationCode

(Optional) Authorization code associated with an approved transaction.

Format: String; maximum 25 characters

networkTransactionIdentifier

(Optional) Unique authorization-related tracing value assigned by a Payment Network.

Format: String; maximum 25 characters

paymentNetworkReference

(Optional) Transaction identifier as provided by a Payment Network after authorization has been completed.

Format: String; maximum 25 characters

assuranceData

Future

transactionAmount

(Optional) Amount of the transaction. Supplied if 3DS is performed by the SRC system.

Format: TransactionAmount structure

checkoutOrchestrator

(Optional) Checkout orchestrator. Must be "merchant" for Merchant Orchestrated Checkout.

Format: String

customFlowType

(Optional) Flow type indicator for SRC orchestrated flows.

Format: It is one of the following values:

• paymentsetting
• withincheckout

paymentCardTypeSelected

(Optional) Identifies the cardholder selection to process the transaction as either debit or credit at checkout. Applicable only when the card product supports both credit and debit (Combo) options.

Format: It is one of the following values:

• CREDIT
• DEBIT

status

The digital card status any given time in the SRC system.

Format: It is one of the following values:

• ACTIVE

presentationName

Presentation text created by the consumer to enable recognition of the PAN entered into the DCF. This value is unique to the DCF and defined by the consumer.

Format: String; maximum 64 characters

descriptorName

Presentation text defined by the SRC programme that describes the PAN presented as a digital card. This descriptor is the same across all DCFs.

Format: String; maximum 64 characters

artUri

URI of the Art card application. Can be provided by SRC Issuer (SRCPI) .

Format: A valid URI; maximum 100 characters

artHeight

Height of the Art card image, in pixels.

Format: Numeric value between 1 and 4096, inclusive
Example: artHeight: ...

artWidth

Width of the Art card image, in pixels.

Format: Numeric value between 1 and 4096, inclusive
Example: artWidth : ...

pendingEvents

Set of events that are pending completion such as Card Holder Verification, AVS, SCA, Device Binding, etc. Required when the value of status is set to PENDING.

Format: It is an array of one or more of the following strings:

• PENDING_CONSUMER_IDV
• PENDING_CONSUMER_DEVICE_BINDING
• PENDING_CARDHOLDER_AUTHENTICATION

authenticationMethods

Authentication method indicated by the SRCi to the SRC System.
Format: An array of one or more authentication method structures.

uri

Uniform Resource Identifier (URI), a valid web address or URL

Format: String of characters; maximum 256 characters

logoUri

Uniform Resource Identifier (URI) for your company logo. Format: String of characters; maximum 256 characters Example: http://test.com

name

The name on the digital card.

Format: Alphanumeric; maximum 256 characters

srciDpaId

(Conditional) DPA identifier, which is generated by the SRC system during DPA registration. Required if srciDpaId is not provided in the top-level structure of the request body; optional unless you want to specify a display presentation name, the website address, or the preferred 3DS behavior.

Format: String, 64 bytes

dpaPresentationName

(Conditional) Display name of the DPA. Required to facilitate transaction authentication.

Format: String,

Example: Mycompany Online

dpaUri

(Optional) The URI for the website.

Example: http://www.Mycompanyonline.com

dpaThreeDsPreference

Deprecated

(Optional) Contact your Visa representative for information about using this field to receive authentication data.

Format: It is one of the following values:

• ONBEHALF
• SELF
• NONE
• UNKNOWN (default)

dpaLocale

(Optional) DPA’s preferred locale. This can be the same as the locale in the init parameters or can be different.

Format: Based on ISO format for language (ISO 639-1) and alpha-2 country code (ISO 3166-1 alpha-2). The language and country should be separated using an underscore ( _ ).

Example: en_US, fr_CA

dpaAcceptedBillingCountries

(Optional) Billing countries. Payments from the listed billing countries are accepted. If this list is empty, all countries are accepted.

Format: Array of country codes in ISO 3166-1 alpha-2 format

Example: ["US", "CA", "AU"]

dpaAcceptedShippingCountries

(Optional) Shipping countries; shipping region country codes that limit the selection of eligible shipping addresses. If this list is empty, all countries are accepted.

Format: Array of country codes in ISO 3166-1 alpha-2 format

authenticationPreferences

(Conditional) Authentication preferences provided by the SRCi. Required for the SRC system to facilitate authentication.

Format: An authenticationPreferences structure

acquirerBIN

(Conditional) Acquirer BIN. Required for the SRC system to facilitate authentication.

Format: String

merchantName

(Conditional) Merchant name. Required for the SRC system to facilitate authentication.

Format: String

recurringData

(Conditional) The data specific to a recurring transaction. Required for the SRC system to facilitate authentication when the transaction is initiated for a recurring purchase.

Format: A recurringData structure

acquirerMerchantId

(Conditional) Acquirer-assigned Merchant identifier. Required for the SRC system to facilitate authentication.

Format: String

dpaBillingPreference

(Optional) Verbosity of billing address required by the DPA.

Format: It is one of the following values:

• FULL (default)
• POSTAL_COUNTRY
• NONE

dpaShippingPreference

(Optional) Extent to which DPA wants to have shipping address collected. Not required for Merchant Orchestrated Checkout; if passed, it will be changed to NONE.

Format: It is one of the following values:

• FULL (default)
• POSTAL_COUNTRY
• NONE

consumerNameRequested

(Optional) Whether the name of the consumer has been requested.

Format: It is one of the following values:

• true (default)
• false

consumerEmailAddressRequested

(Optional) Whether the email address of the consumer has been requested.

Format: It is one of the following values:

• true (default)
• false

consumerPhoneNumberRequested

(Optional) Whether the Phone number of the consumer has been requested.

Format: It is one of the following values:

• true (default)
• false

consumerNationalIdentifier Requested

(Optional) Whether the Consumer National identifier for the consumer is requested.

Format: It is one of the following values:

• true
• false

paymentOptions

(Optional) Payment options requested by the DPA.

Format: PaymentOptions structure

reviewAction

(Optional) Whether the payment will be processed immediately after selection or after confirmation.

Format: It is one of the following values:

• pay -- proceed after selection
• continue -- proceed after confirmation (default)

checkoutDescription

(Optional) Review message to go with action.

Format: String

transactionType

(Optional) Type of the transaction.

Format: It is one of the following values:

• PURCHASE (default)
• BILL_PAYMENT
• MONEY_TRANSFER

orderType

Deprecated

(Optional) Type of orders.

Format: It is one of the following values:

• REAUTHORIZATION
• RECURRING
• INSTALLMENT

transactionInstruction

Deprecated

(Optional) Transaction instruction.

Format: Enum; it is one of the following values:

• RECURRING_PAYMENTS
• SUBSCRIPTION_SERVICES
• INSTALLMENTS

numberOfPayments

Deprecated

(Conditional) Maximum number of authorizations for installment payments. Required when transactionInstruction is specified.

Format:

purchaseDate

Deprecated

(Conditional) Original purchase date. Required when transactionInstruction is specified.

Format: UNIX Epoch timestamp. The value is in milliseconds.

recurringEndDate

Deprecated

(Conditional) The date after which no further recurring authorizations should be performed. Required when transactionInstruction is specified.

Format: UNIX Epoch timestamp. The value is in milliseconds.

recurringFrequency

Deprecated

(Conditional) Minimum number of days between recurring authorizations. Required when transactionInstruction is specified.

Format: Integer

payloadTypeIndicator

(Optional) The verbosity of payload requested.

Format: Enum, it is one of the following values:

• FULL - includes everything; all PCI & PII data (card/token, billing, shipping, consumer)
• SUMMARY - (default) no JWE. If FULL needed during checkout, SRCi needs to make a request for it explicitly.
• PAYMENT - same as FULL
• NON_PAYMENT - only PII (billing, shipping, consumer). It has both SUMMARY and encryptedPayload without card, token, or dynamicData.
• NONE - just srcCorrelationId (with COMPLETE dcfActionCode)

transactionAmount

(Conditional) Amount of the transaction.

Required for SRC system to facilitate authentication.

Format: TransactionAmount structure

merchantOrderId

(Optional) The order identifier generated by the DPA. Typically used for reconciliation process by the DPA.

Format: Universally Unique Identifier (UUID)

merchantCategoryCode

(Optional) Code associated with Merchant Category

Format: 4-digit string

merchantCountryCode

(Optional) The country code associated with the merchant’s billing or shipping address.

Format: ISO-3166 - 1 alpha-2 standard code

Example: US – United States

threeDsInputData

Deprecated

(Deprecated) If 3DS is requested for the transaction, this attribute is required.

Format: ThreeDSInputData structure

dpaThreeDsPreference

Deprecated

(Deprecated) Do not specify a value here. Set dpaThreeDsPreference in the dpaData structure instead.

authenticatedCredentialRequested

Deprecated

Do not specify a value here. Set the payloadRequested field in the authenticationPreferences structure instead.

SRCi preference to perform authentication and to receive authentication data for the transaction.

Format: It is one of the following values:

• true
• false (default)

customInputData

(Optional) Custom input data elements presented to the SRC System.

Format: CustomInputData structure; see "Custom Input Data."

dynamicDataValue

The value of the dynamic data. Must be provided when dynamicDataType is not NONE.

Format: String

dynamicDataType

Type of dynamic data required in the payload.

Format: It is one of the following values:

• CARD_APPLICATION_CRYPTOGRAM_SHORT_FORM
• CARD_APPLICATION_CRYPTOGRAM_LONG_FORM
• DYNAMIC_CARD_SECURITY_CODE
• CARDHOLDER_AUTHENTICATION_CRYPTOGRAM
• NONE

dynamicDataExpiration

The requested validity period for the dynamic data in Coordinated Universal Time (UTC).

Format: String, 25 characters

Example: Wed Jan 15 23:40:23 GMT 2020

srciTransactionId

(Required) A unique transaction ID created by the SRCi, which may be created on the merchant page. It must be passed through to all networks (SRC systems) and DCFs.

Format: Alphanumeric, maximum 100 characters

srciDpaId

(Conditional) A unique ID provided by the SRCi for the DPA, which can be used as an external client ID.

Required if srciDpaId in dpaData is not provided.

Format: String

srcInitiatorId

(Required) SRCi identifier generated by an SRC system during the onboarding process.

Format: String

dpaData

(Conditional) DPA registration data. Required if srciDpaId is not provided.

Format: DpaData structure

dpaTransactionOptions

(Required) DPA configuration data, which overrides the configu­ ration on the SRC system that was created during DPA registration.

Format: DpaTransactionOptions structure

addressId

The ID associated with the masked address in the SRC system.

Format: String

line1

Line 1 of the masked address in the SRC system. Required for shipping address.

Format: Alphanumeric, Maximum 140 characters. For country specific information, see Visa Checkout Address Formats by Country.

Example: 1** M*** St

line2

Line 2 of the masked address in the SRC system. Required for shipping address.

Format: Alphanumeric, Maximum 140 characters.

line3

Line 3 of the masked address in the SRC system. Required for shipping address.

Format: Alphanumeric, Maximum 140 characters.

city

City name associated with the masked address in the SRC system. The address must have the city name in the valid address format for the country.

Format: Alphanumeric, UTF-8 white space; maximum 100 characters

state

State code associated with the masked address in the SRC system. The address must have the state name in the valid address format for the country.

Must be a valid 2-characters code for US and CA and a valid 3- characters code for AU.

Format: String

Example: VA

zip

The zip code associated with the masked address.

Format: Alphanumeric, maximum 3–16 characters.

countryCode

Country code associated with the masked address in the SRC system.

Format: ISO-3166-1 alpha-2 standard code

Example: US

createTime

Date and time the masked address was created.

Format: String; 25 characters

lastUsedTime

Date and time the masked address was last used.

Format: UNIX Epoch timestamp. The value is in milliseconds.

srcDigitalCardId

A unique ID associated with the digital card. Represent the PAN or payment token.

Format: Universally Unique Identifier (UUID), maximum 36 characters

panBin

The bank ID number associated with the card, the first significant digits of the PAN included in an unmasked form.

Format: Numeric maximum length = PAN length - 10

tokenBinRange

Token's BIN range or subset of the BIN range that has been designated only for the purpose of issuing payment tokens included in an unmasked form.

Format: Numeric; maximum length = payment token length - 10

paymentAccountReference

The Payment Account Reference (PAR) associated with the cardholder account that uniquely identifies the account to which the payment card is associated.

Format: String

panLastFour

Last 4 digits of the PAN included in an unmasked form.

Format: Numeric; maximum 4 digits

tokenLastFour

Last 4 digits of the Payment Token.included in an unmasked form.

Format: Numeric; maximum 4 digits

panExpirationMonth

The month when the account number is set to expire.

Format: Numeric; 2 digits

panExpirationYear

The year when the account number is set to expire.

Format: Numeric; 4 digits

digitalCardData

The metadata about the card, which contains digital card information used in the acceptance environment and in the user interface. This data provides a reference to the actual PAN or Payment token without actually disclosing either.

Digital card data is grouped together based on the following categories:

• Digital card information: data used in request and response messages
• UI/UX presentation data: the data in user interfaces to provide the consumer with a recognizable descriptor
• Digital card art: image that accompanies digital card information for user interface purposes.

Format: DigitalCardData structure

dateOfCardCreated

Timestamp that identifies when this card was enrolled into the SRC system.

Format: UNIX Epoch timestamp. The value is in milliseconds.

maskedBillingAddress

Billing address associated with the card, masked for display purposes.

Format: MaskedAddress structure

dateOfCardLastUsed

Timestamp that identifies when this card was last used for an SRC transaction.

Format: UNIX Epoch timestamp. The value is in milliseconds.

dcf

The Digital card facilitator (DCF) system associated with the card. It is present only when the MaskedCard data structure is used in the checkout or payload response.

Format: DCF structure

paymentCardDescriptor

The card brand, defined within an SRC program.

Format: string, maximum 32 characters

paymentCardType

Indicates whether the card supports both credit and debit options.

Format: It is a list of one or more of the following values:

• COMBO

digitalCardFeatures

Set of Digital Card attributes related to digital card features that should be displayed to the consumer.

Format: DigitalCardFeatures structure

countryCode

Country code of issuance associated with the card issuer’s BIN license.

Format: ISO 3166-1 alpha 2 country code

srcConsumerId

SRC consumer Reference identifier generated by the SRC system.

Format: Universally Unique Identifier (UUID)

countryCode

Country code associated with the masked address of consumer country in the SRC system.

Format: ISO-3166-1 alpha-2 standard code

languageCode

Consumer's locale.

Format: Locale, based on ISO format for language (ISO 639-1) and alpha-2 country code (ISO 3166-1 alpha-2). The language and country should be separated using a (_).

status

Signifies the state of the consumer at any given time at the SRC system.

Format: It is one of the following values:

• ACTIVE
• SUSPENDED
• LOCKED

dateConsumerAdded

Timestamp that identifies when the consumer was added to the SRC system .

Format: UNIX Epoch timestamp. The value is in milliseconds.

maskedConsumerIdentity

Masked value of the primary verifiable consumer Identifier within an SRC profile. For example, an email address or a mobile phone number.

Format: maskedConsumerIdentity structure

maskedEmailAddress

The email address of the consumer.

Note: This field supports internationalization using UTF-8 characters.

Format: A valid email address; maximum 255 characters

maskedFirstName

The first name of the consumer.

Note: getSrcProfile response will not return maskedFirstName.

Format: Alphanumeric; maximum 30 characters

maskedLastName

The last name of the consumer.

Note: getSrcProfile response will not return maskedLastName.

Format: Alphanumeric; maximum 30 characters

maskedFullName

The full name of the consumer.

Note: getSrcProfile response will not return maskedFullName.

Format: Alphanumeric; maximum 60 characters

maskedMobileNumber

The mobile number of the consumer

Note: getSrcProfile response will not return maskedMobileNumber.

Format: PhoneNumber structure

maskedNationalIdentifier

Masked consumer national Identifier

Format: Alphanumeric; maximum 20 characters

complianceSettings

Consumer compliance settings

Format: ComplianceSettings structure

dateConsumerLastUsed

Timestamp that identifies when the consumer last transacted to the SRC system.

Format: UNIX Epoch timestamp. The value is in milliseconds.

identityType

The type of primary consumer Identifier to an SRC Profile.

Format: It is one of the following values:

• EMAIL_ADDRESS
• MOBILE_PHONE_NUMBER

Example: "identityType": "EMAIL_ADDRESS"

maskedIdentityValue

Masked consumer’s email address or mobile phone number.

Example: "maskedIdentityValuee": "xyz**@visa.com"

challengeIndicator

(Optional) A challenge indicator value related to 3DS authentication.

Format: It is one of the following values:

• 01 - No preference
• 02 - No challenge requested
• 03 - Challenge requested (3DS Requestor Preference)
• 04 - Challenge requested (Mandate)
• 05 - No challenge requested (transactional risk analysis is already performed)
• 06 - No challenge requested (Data share only)
• 07 - No challenge requested (strong consumer authentication is already performed)
• 08 - No challenge requested (utilize trust list exemption if no challenge required)
• 09 - Challenge requested (trust list prompt requested if challenge required)

otpValue

(Conditional) One time password; required when authenticationMethodType in the authenticationMethod structure is SMS_OTP or EMAIL_OTP.

Format: String; max. 16 characters

stepUpIdentifier

(Conditional) Step-up identification; required when authenticationMethodType in the authenticationMethod structure is SMS_OTP, EMAIL_OTP, or APP_AUTHENTICATION.

transStatus

Whether a transaction qualifies as an authenticated transaction (for 3DS authentication).

Format: It is one of the following string values:

• "Y"
• "R"
• "C"
• "N"
• "U"
• "A"
• "D"
• "I"

dsTransId

ID assigned by the DS to identify the transaction (for 3DS authenti­ cation).

Format: String; UUID

acsTransId

ID assigned by the ACS to identify the transaction (for 3DS authenti­ cation).

Format: String; UUID

dpaDynamicDataTtlMinutes

(Optional) The minimum requested validity period for the transaction credentials, such as a cryptogram, returned by the SRC system, in minutes.

If this is not provided, the values are determined by the SRCs.

Format: integer

Example: 2

dynamicDataType

(Optional) The dynamic data type.

Format: It is one of the following values:

• CARD_APPLICATION_CRYPTOGRAM_LONG_FORM – Transaction Authentication Verification Value
• DYNAMIC_CARD_SECURITY_CODE – Dynamic Token Verification Value
• TAVV Deprecated – Transaction Authentication Verification Value
• DTVV Deprecated – Dynamic Token Verification Value

dpaPanRequested

(Optional) Whether PAN data is requested.

Format: It is one of the following values:

• true
• false (default)

paymentToken

The tokenized payment instrument.

Format: String; ISO/IEC 7812 format

tokenExpirationMonth

Tokenized payment instrument expiration month.

Format: Numeric, 2 digits; MM

tokenExpirationYear

Tokenized payment instrument expiration year.

Format: Numeric, 4 digits; YYYY

paymentAccountReference

A non-financial reference assigned to each unique PAN and used to link a Payment Account represented by that PAN to affiliated Payment Tokens.

Format: Alphanumeric, maximum 29 characters

countryCode

The country code associated with the consumer phone number.

Format: The E.164 format includes the country code, the local area code, and the local phone number. No spaces: When adding the number as a contact, there should be no spaces. Remove special characters: All spaces, dashes, and parentheses should be removed, and all characters should be numeric. The country code must not include +.

• Min Length = 1
• Max Length = 3

Example: 1

phoneNumber

Phone number without country code.

Format: The E.164 format. No spaces: When adding the number as a contact, there should be no spaces. Remove special characters: All spaces, dashes, and parentheses should be removed, and all characters should be numeric. For some countries e.g. Australia, leading ‘0’ of the local number needs to be removed while converting to E164 e.g. ‘0423 123 456’ becomes ‘61423123456’

• Min Length = 4
• Max Length = 14 with the condition of max length including country code must not exceed 15 digits

recurringAmount

(Conditional) Recurring amount. Required when recurringData is specified in DPA Transaction Options.

Format: Minor units of currency with all punctuation removed.

Example: 12345 for $123.45 in USD.

idToken

A unique identifier associated with the masked token. The ID token is returned only for the consumer recognized by this SRC system.

Format: IdToken in JWT format

maskedCards

Card list of recognized/authenticated consumer.

Format: List of MaskedCard structures

maskedConsumer

Recognized consumer.

Format: MaskedConsumer structure

transactionAmount

(Required) Amount associated with transaction.

Format: Numeric string; maximum 9 digits before an optional decimal point and 4 decimal digits after

transactionCurrencyCode

(Required) Currency code used for the transaction amount.

Format: ISO 4217 alpha-3 currency code

uri

(Required) Specifies the URI for the given authentication method.

Format: String; maximum 2048 characters

uriType

(Required) URI type.

Format: It is one of the following values:

• APP_URI
• WEB_URI

verificationType

(Required) Type of verification data.

Format: It is one of the following values:

• CARDHOLDER

verificationEntity

(Required) Entity performing the verification.

Format: It is one of the following values:

• 01 - SRC Initiator
• 03 – SRCPI

verificationEvents

(Optional) Event causing the verification to occur.

Format: Array that can contain the following values:

• 01 – Payment transaction
• 02 – Add card/Card enrollment
• 03 – SRC Profile access
• 04 – Account verification

verificationMethod

(Required) Method of verification.

Format: It is one of the following values:

• 02 – App-based authentication
• 04 – One-time passcode
• 21 – Visa Token Service step–up: Device binding
• 22 – Visa Token Service step–up: Cardholder verification

verificationResults

(Required) Result of the verification. Format: It is one of the following values:

• 01 – Verified
• 02 – Not Verified
• 03 – Not performed
• 04 – Not required
• 21 – Not allowed

verificationTimestamp

(Required) Date and time in UTC that the verification was conducted.

Format: UNIX Epoch timestamp.

methodResults

(Optional) Method results.

Format: JSON object