Visa Click to Pay

addressId

The address identifier in the SRC system.

Conditionality: Required when provided as a response to the SRCi.

Format: Universally Unique Identifier (UUID)

name

The recipient name for the address, if known.

Condtionality: Required when known to the SRC system for this address

Format: Alphanumeric; maximum 140 characters

line1

Line 1 of the address.

Condtionality: Required if this is a shipping address in a valid format for the country.

Format: Maximum 140 characters. Alphanumeric

line2

Line 2 of the address.

Format: Maximum 140 characters. Alphanumeric

line3

Line 3 of the address.

Format: Maximum 140 characters. Alphanumeric

city

The city associated with the address.

Condtionality: Required if this is a shipping address in a valid format for the country.

Format: Alphanumeric, maximum 100 characters.

state

The state associated with the address.

Condtionality: Required if this is a shipping address in a valid format for the country.

Format: String

zip

The zip code associated with the address.

Condtionality: Required if this is a shipping address in a valid format for the country and has a postal code or zip code.

Format: Alphabetic, numeric; 3–16 characters.

countryCode

The country code associated with the address.

Format: ISO-3166-1 alpha-2 standard code

Example: AU - Australia

srcDigitalCardId

ID of the selected card.

Condtionality: Required if consumerIdentity is not present.

consumerIdentity

Primary verifiable consumer identifier within an SRC Profile; for example, an email address.

Condtionality: Required if srcDigitalCardId is not present.

verificationData

Set of verification data structures relating to distinct types of assurance.

Format: List of VerificationData structures.

eci

If present, a value indicating the result of the authenti­ cation performed or attempted during a transaction. Use this value in the e-commerce authorization message to VisaNet.

Format: Maximum 2 digits. It is one of the following values:

• 05 – Successful authentication
• 06 – Authentication attempted
• 07 – Authentication not performed

authenticationReasons

SRCi-provided authentication reasons used by the SRC System to perform authentication.

Format: They are one or more of the following enumerated values:

• TRANSACTION_AUTHENTICATION
• NOT_PREFERRED

srciDpaId

DPA identifier, which is generated by the SRC system during DPA registration.

Condtionality: Either srciDpaId or a dpaData structure must be provided when authenticationReasons is TRANSACTION_AUTHENTICATION.

Format: 64 bytes

dpaData

dpaTransactionOptions

DPA configuration data, which overrides the configu­ ration on the SRC system that was created during DPA registration.

Ignored if supplied in the init call or elsewhere in the checkout call.

acquirerMerchantId

acquirerBIN

merchantName

authenticationMethodType

SRCi to indicate for a particular transaction if Click to Pay needs to perform managed authentication or not.

Format: It is one of the following values:

• SMS_OTP
• EMAIL_OTP
• 3DS
• APP_AUTHENTICATION
• MANAGED_AUTHENTICATION (Deprecated)

authenticationSubject

Authentication subject. This should be set to CARDHOLDER.

Format: It is one of the following values:

• CARDHOLDER
• CONSUMER
• CARD

uriData

authenticationCredentialReference

methodAttributes

authenticationMethods

SRCIs may provide their preferences related to an authentication method so that SRC system can facilitate authentication. 

For e.g. SRCI preferred value for Challenge indicator may be passed here.

payloadRequested

Whether the SRCi or merchant prefers an authenticated payload.

Format: It is one of the following values:

• AUTHENTICATED
• NON_AUTHENTICATED

primaryAccountNumber

The account number of the card to be enrolled and provisioned.

Format: Numeric

panExpirationMonth

The account number expiration month.

Format: Numeric, 2 digits, MM

panExpirationYear

The account number expiration year.

Format: Numeric, 4 digits, YYYY

cardSecurityCode

The card security code (CVV2) value associated with the account number on the card, if available.

Condtionality: Required for those cards that a card security code.

Format: Numeric, 3-4 digits

cardholderFullName

The full name of the cardholder on the card.

Condtionality: Required if the billingAddress name field or the cardHolderFirstName and cardHolderLastName are not passed.

cardholderFirstName

cardholderLastName

billingAddress

paymentAccountReference

srcCorrelationId

The unique identifier generated by SRC system to track and link SRC messages. This is used as a transaction identifier assigned by the SRC system for this particular transaction.

Returned when cards are returned.

Format: Universally Unique Identifier (UUID)

srciTransactionId

A unique transaction ID created by the SRCi, which may be created on the merchant page. It must be passed through to all networks (SRC systems) and DCFs.

Format: Alphanumeric, maximum 100 characters

maskedCard

shippingAddressZip

shippingCountryCode

Country code of the address being shipped to. The country must have been requested in the DPA shipping preferences.

Format: Country Code2, ISO-3166-1, alpha-2 standard code

Example: AU - Australia

maskedConsumer

Masked information about the consumer for display purposes.

Format: MaskedConsumer structure.

encryptedPayload

Encrypted payload to be given to the merchant.

Conditionality: Returned only when PCI/PII data is requested by the DPA during a SRC transaction.

assuranceData

Information about any risk assessment operations performed by the SRC system.

Condtionality: Provided when the SRCi requests payment authentication.

isGuestCheckout

Whether the consumer checked out as a guest.

Format: It is One of the following values:

• true – the consumer checked out as a guest
• false – the consumer did not check out as a guest (default)

isNewUser

Whether the consumer enrolled during checkout in this transaction.

Format: It is one of the following values:

• true – the consumer enrolled during checkout in this transaction
• false – the consumer did not enroll during checkout in this transaction (default)

complianceType

Compliance type.

Format: It is one of the following values:

• TERMS_AND_CONDITIONS
• PRIVACY_POLICY
• REMEMBER_ME

uri

Uniform Resource Identifier (URI), a valid web address or URL

Format: Mmaximum 1024 characters

complianceResources

One or more compliance resources, which consists of a single compliance type and URI.

Conditionality: Required when complianceSettings is specified.

firstName

Consumer’s first name.

Format: Maximum 30 characters

lastName

Consumer’s last name.

Format: Alphanumeric; between 2–80 characters

fullName

Consumer’s full name.

Format: Alphanumeric; between 2–80 characters

Consumer's email address.

Conditionality: Required when linking a new card.

Format: Maximum 255 characters

mobileNumber

Consumer's phone number.

Conditionality: Required when linking a new card.

The country code associated with the address.

Format: ISO-3166-1 alpha-2 standard code

Example: AU - Australia

languageCode

Consumer's locale.

Format: Locale, based on ISO format for language (ISO 639-1) and alpha-2 country code (ISO 3166-1 alpha-2). The language and country should be separated using a (_).

Example: en_US

consumerIdentity

nationalIdentifier

Geographic­specific, nationally-provided identifier for the Consumer.

Format: Maximum 20 characters

identityProvider

identityValue

Value of the consumer identity, which is used to locate information within the SRC profile.

Format: String for valid email address, for mobile number must be the E.164 format max length of 15 including the country code. Remove special characters: All spaces, dashes, and parentheses should be removed, and all characters should be numeric. The mobile number must not include '+'

Example: [email protected], 61423123456

identityType

• EMAIL_ADDRESS
• MOBILE_PHONE_NUMBER

checkoutEventType

Event type associated with the update.

Format: It is one of the following values:

• 01 - Authorize
• 02 - Capture
• 03 - Refund
• 04 - Cancel
• 05 - Fraud
• 06 - Chargeback
• 07 - Other

checkoutEventStatus

Event types associated with the order.

Format: It is one of the following values:

• 01 - Created
• 02 - Confirmed
• 03 - Cancelled
• 04 - Fraud Cancelled
• 05 - Other
• 06 – 50 - EMVCo future use
• 51 - 99 - SRC

confirmationStatus

Status of the event as provided by the SRCi in the Confir­ mation message.

Format: It is one of the following values:

• 01 - Success
• 02 - Failure
• 03 - Other

confirmationReason

Description of the reason for the event associated with the order.

Format: Maximum 64 characters

confirmationTimestamp

Date and time, in coordinated Universal Time, (UTC) of the event completion corresponding to the Confirmation event by the SRCi.

Format: UNIX Epoch timestamp, in milliseconds

networkAuthorizationCode

Authorization code associated with an approved transaction.

Format: Maximum 25 characters

networkTransactionIdentifier

Unique authorization-related tracing value assigned by a Payment Network.

Format: Maximum 25 characters

paymentNetworkReference

Transaction identifier as provided by a Payment Network after authorization has been completed.

Format: Maximum 25 characters

assuranceData

Future

transactionAmount

checkoutOrchestrator

customFlowType

Flow type indicator for SRC orchestrated flows.

Format: It is one of the following values:

• paymentsetting
• withincheckout

paymentCardTypeSelected

Identifies the cardholder selection to process the transaction as either debit or credit at checkout. Applicable only when the card product supports both credit and debit (Combo) options.

Format: It is one of the following values:

• CREDIT
• DEBIT

status

The digital card status any given time in the SRC system.

Format: It is one of the following values:

• ACTIVE

presentationName

Presentation text created by the consumer to enable recognition of the PAN entered into the DCF. This value is unique to the DCF and defined by the consumer.

Format: String; maximum 64 characters

descriptorName

Presentation text defined by the SRC programme that describes the PAN presented as a digital card. This descriptor is the same across all DCFs.

Format: String; maximum 64 characters

artUri

URI of the Art card application. Can be provided by SRC Issuer (SRCPI) .

Format: A valid URI; maximum 100 characters

artHeight

Height of the Art card image, in pixels.

Format: Numeric value between 1 and 4096, inclusive
Example: artHeight: ...

artWidth

Width of the Art card image, in pixels.

Format: Numeric value between 1 and 4096, inclusive
Example: artWidth : ...

pendingEvents

Set of events that are pending completion such as Card Holder Verification, AVS, SCA, Device Binding, etc.

Conditionality: Required when the value of status is set to PENDING.

Format: It is an array of one or more of the following strings:

• PENDING_CONSUMER_IDV
• PENDING_CONSUMER_DEVICE_BINDING
• PENDING_CARDHOLDER_AUTHENTICATION

authenticationMethods

Authentication method indicated by the SRCi to the SRC System.

srcDpaId

DPA identifier, which is generated by the SRC system during DPA registration. Required if srciDpaId is not provided in the top-level structure of the request body; optional unless you want to specify a display presentation name, the website address, or the preferred 3DS behavior.

Format: String, 64 bytes

dpaPresentationName

Display name of the DPA. Required to facilitate transaction authentication.

Format: String,

Example: Mycompany Online

dpaUri

The URI for the website.

Example: http://www.Mycompanyonline.com

dpaThreeDsPreference

Deprecated

Contact your Visa representative for information about using this field to receive authentication data.

Format: It is one of the following values:

• ONBEHALF
• SELF
• NONE
• UNKNOWN (default)

dpaLocale

DPA’s preferred locale. This can be the same as the locale in the init parameters or can be different.

Format: Based on ISO format for language (ISO 639-1) and alpha-2 country code (ISO 3166-1 alpha-2). The language and country should be separated using an underscore ( _ ).

Example: en_US, fr_CA

dpaAcceptedBillingCountries

Billing countries. Payments from the listed billing countries are accepted. If this list is empty, all countries are accepted.

Format: Array of country codes in ISO 3166-1 alpha-2 format

Example: ["US", "CA", "AU"]

dpaAcceptedShippingCountries

Shipping countries; shipping region country codes that limit the selection of eligible shipping addresses. If this list is empty, all countries are accepted.

Format: Array of country codes in ISO 3166-1 alpha-2 format

authenticationPreferences

acquirerBIN

Acquirer BIN.

Condtionality: Required for the SRC system to facilitate authentication.

merchantName

Merchant name.

Condtionality: Required for the SRC system to facilitate authentication.

recurringData

The data specific to a recurring transaction.

Condtionality: Required for the SRC system to facilitate authentication when the transaction is initiated for a recurring purchase.

acquirerMerchantId

Acquirer-assigned Merchant identifier.

Condtionality: Required for the SRC system to facilitate authentication.

dpaBillingPreference

Verbosity of billing address required by the DPA.

Format: It is one of the following values:

• FULL (default)
• POSTAL_COUNTRY
• NONE

dpaShippingPreference

Extent to which DPA wants to have shipping address collected. Not required for Merchant Orchestrated Checkout; if passed, it will be changed to NONE.

Format: It is one of the following values:

• FULL (default)
• POSTAL_COUNTRY
• NONE

consumerNameRequested

Whether the name of the consumer has been requested.

Format: It is one of the following values:

• true (default)
• false

consumerEmailAddressRequested

Whether the email address of the consumer has been requested.

Format: It is one of the following values:

• true (default)
• false

consumerPhoneNumberRequested

Whether the Phone number of the consumer has been requested.

Format: It is one of the following values:

• true (default)
• false

consumerNationalIdentifierRequested

Whether the Consumer National identifier for the consumer is requested.

Format: It is one of the following values:

• true
• false

paymentOptions

reviewAction

Whether the payment will be processed immediately after selection or after confirmation.

Format: It is one of the following values:

• pay -- proceed after selection
• continue -- proceed after confirmation (default)

checkoutDescription

transactionType

Type of the transaction.

Format: It is one of the following values:

• PURCHASE (default)
• BILL_PAYMENT
• MONEY_TRANSFER

orderType

Deprecated

Type of orders.

Format: It is one of the following values:

• REAUTHORIZATION
• RECURRING
• INSTALLMENT

transactionInstruction

Deprecated

Transaction instruction.

Format: Enum; it is one of the following values:

• RECURRING_PAYMENTS
• SUBSCRIPTION_SERVICES
• INSTALLMENTS

numberOfPayments

Deprecated

Maximum number of authorizations for installment payments. Required when transactionInstruction is specified.

Format:

purchaseDate

Deprecated

Original purchase date. Required when transactionInstruction is specified.

Format: UNIX Epoch timestamp. The value is in milliseconds.

recurringEndDate

Deprecated

The date after which no further recurring authorizations should be performed. Required when transactionInstruction is specified.

Format: UNIX Epoch timestamp. The value is in milliseconds.

recurringFrequency

Deprecated

Minimum number of days between recurring authorizations. Required when transactionInstruction is specified.

Format: Integer

payloadTypeIndicator

The verbosity of payload requested.

Format: Enum, it is one of the following values:

• FULL - includes everything; all PCI & PII data (card/token, billing, shipping, consumer)
• SUMMARY - (default) no JWE. If FULL needed during checkout, SRCi needs to make a request for it explicitly.
• PAYMENT - same as FULL
• NON_PAYMENT - only PII (billing, shipping, consumer). It has both SUMMARY and encryptedPayload without card, token, or dynamicData.
• NONE - just srcCorrelationId (with COMPLETE dcfActionCode)

transactionAmount

Amount of the transaction.

Condtionality: Required for SRC system to facilitate authentication.

merchantOrderId

The order identifier generated by the DPA. Typically used for reconciliation process by the DPA.

Format: Universally Unique Identifier (UUID)

merchantCategoryCode

Code associated with Merchant Category

Format: 4-digit string

merchantCountryCode

The country code associated with the merchant’s billing or shipping address.

Format: ISO-3166 - 1 alpha-2 standard code

Example: US – United States

threeDsInputData

Deprecated

If 3DS is requested for the transaction, this attribute is required.

Format: ThreeDSInputData structure

dpaThreeDsPreference

Deprecated

Do not specify a value here. Set dpaThreeDsPreference in the dpaData structure instead.

authenticatedCredentialRequested

Deprecated

Do not specify a value here. Set the payloadRequested field in the authenticationPreferences structure instead.

SRCi preference to perform authentication and to receive authentication data for the transaction.

Format: It is one of the following values:

• true
• false (default)

customInputData

dynamicDataValue

The value of the dynamic data.

Condtionality: Must be provided when dynamicDataType is not NONE.

dynamicDataType

Type of dynamic data required in the payload.

Format: It is one of the following values:

• CARD_APPLICATION_CRYPTOGRAM_SHORT_FORM
• CARD_APPLICATION_CRYPTOGRAM_LONG_FORM
• CARDHOLDER_AUTHENTICATION_CRYPTOGRAM
• NONE

dynamicDataExpiration

The requested validity period for the dynamic data in Coordinated Universal Time (UTC).

Condtionality: Must be provided when dynamicDataType is not NONE.

Example: Wed Jan 15 23:40:23 GMT 2020

addressId

line1

Line 1 of the masked address in the SRC system. Required for shipping address.

Format: Alphanumeric, Maximum 140 characters.

Example: 1** M*** St

line2

Line 2 of the masked address in the SRC system. Required for shipping address.

Format: Alphanumeric, Maximum 140 characters.

line3

Line 3 of the masked address in the SRC system. Required for shipping address.

Format: Alphanumeric, Maximum 140 characters.

city

City name associated with the masked address in the SRC system. The address must have the city name in the valid address format for the country.

Format: Alphanumeric, UTF-8 white space; maximum 100 characters

state

State code associated with the masked address in the SRC system. The address must have the state name in the valid address format for the country.

Must be a valid 2-characters code for US and CA and a valid 3- characters code for AU.

Example: VA

zip

The zip code associated with the masked address.

Format: Alphanumeric, maximum 3–16 characters.

countryCode

Country code associated with the masked address in the SRC system.

Format: ISO-3166-1 alpha-2 standard code

Example: US

createTime

Date and time the masked address was created.

Format: String; 25 characters

lastUsedTime

Date and time the masked address was last used.

Format: UNIX Epoch timestamp. The value is in milliseconds.

srcDigitalCardId

A unique ID associated with the digital card. Represent the PAN or payment token.

Format: Universally Unique Identifier (UUID), maximum 36 characters

panBin

The bank ID number associated with the card, the first significant digits of the PAN included in an unmasked form.

Format: Numeric maximum length = PAN length - 10

panLastFour

Last 4 digits of the PAN included in an unmasked form.

Format: Numeric; maximum 4 digits

Token's BIN range.

Conditionality: Required when CheckoutResponse contains a tokenized payload.

paymentAccountReference

Last 4 digits of the token.

Conditionality: Required when CheckoutResponse contains a tokenized payload.

Format: Numeric; maximum 4 digits

panExpirationMonth

The month when the account number is set to expire.

Format: Numeric; 2 digits

panExpirationYear

The year when the account number is set to expire.

Format: Numeric; 4 digits

digitalCardData

The metadata about the card, which contains digital card information used in the acceptance environment and in the user interface. This data provides a reference to the actual PAN or Payment token without actually disclosing either.

Digital card data is grouped together based on the following categories:

• Digital card information: data used in request and response messages
• UI/UX presentation data: the data in user interfaces to provide the consumer with a recognizable descriptor
• Digital card art: image that accompanies digital card information for user interface purposes.

dateOfCardCreated

Timestamp that identifies when this card was enrolled into the SRC system.

Format: UNIX Epoch timestamp. The value is in milliseconds.

dateOfCardLastUsed

Timestamp that identifies when this card was last used for an SRC transaction.

Conditionality: Required when the card has been used during a previous transaction.

Format: UNIX Epoch timestamp. The value is in milliseconds.

maskedBillingAddress

Billing address associated with the card, masked for display purposes.

Conditionality: Required when dpaBillingPreference is set to either POSTAL_COUNTRY or FULL and the SRC system posesses a billing address for the selected srcDigitalCardId.

paymentCardType

Indicates whether the card supports both credit and debit options.

Format: It is a list of one or more of the following values:

• CREDIT
• DEBIT
• COMBO

Reference identifier to the Token that enables the SRC System to communicate with the Token Service Provider without transmitting the actual PAN/Token; Present when PAN is eligible for tokenization. The reference identifier is associated with the SRC Profile to which the Payment Card belongs and is unique within an SRC System.

Conditionality: Required when CheckoutResponse contains a tokenized payload.

Format: Alphabetic, numeric [A-Z][a-z][0-9,-], and hyphens ( - ), e.g., spaces are not allowed; maximum 36.

srcConsumerId

SRC consumer Reference identifier generated by the SRC system.

Format: Universally Unique Identifier (UUID)

countryCode

Country code associated with the masked address of consumer country in the SRC system.

Format: ISO-3166-1 alpha-2 standard code

languageCode

Consumer's locale.

Format: Locale, based on ISO format for language (ISO 639-1) and alpha-2 country code (ISO 3166-1 alpha-2). The language and country should be separated using a (_).

status

Signifies the state of the consumer at any given time at the SRC system.

Format: It is one of the following values:

• ACTIVE
• SUSPENDED
• LOCKED

dateConsumerAdded

Timestamp that identifies when the consumer was added to the SRC system .

Format: UNIX Epoch timestamp. The value is in milliseconds.

maskedConsumerIdentity

maskedEmailAddress

The email address of the consumer.

Note: This field supports internationalization using UTF-8 characters.

Format: A valid email address; maximum 255 characters

maskedFirstName

The first name of the consumer.

Note: getSrcProfile response will not return maskedFirstName.

Format: Alphanumeric; maximum 30 characters

maskedLastName

The last name of the consumer.

Note: getSrcProfile response will not return maskedLastName.

Format: Alphanumeric; maximum 30 characters

maskedFullName

The full name of the consumer.

Format: Alphanumeric; maximum 60 characters

maskedMobileNumber

maskedNationalIdentifier

Masked consumer national Identifier

Format: Alphanumeric; maximum 20 characters

complianceSettings

dateConsumerLastUsed

Timestamp that identifies when the consumer last transacted to the SRC system.

Format: UNIX Epoch timestamp. The value is in milliseconds.

identityType

The type of primary consumer Identifier to an SRC Profile.

Format: It is one of the following values:

• EMAIL_ADDRESS
• MOBILE_PHONE_NUMBER

Example: "identityType": "EMAIL_ADDRESS"

maskedIdentityValue

Masked consumer’s email address or mobile phone number. The masked identity value for mobile number will be 12 characters, 8 asterisks followed by last 4 digits. 

Example: "maskedIdentityValue":  "xyz**@visa.com, ********9904" 

countryCode

The country code associated with the consumer's phone number.

Format: Numeric string; only digits allowed, leading zeroes ( 0 ), plus signs ( + ), spaces and other alphabetic or alphanumeric characters are not allowed; minimum size 1 digit, maximum size 4 digits.

Example: "1" for the United States or Canada.

phoneNumber

Masked phone number of the consumer.

Format: String; 12 characters total with 8 asterisks followed by the last 4 digits of the phone number.

Example: "********9904"

challengeIndicator

A challenge indicator value related to 3DS authentication.

Format: It is one of the following values:

• 01 - No preference
• 02 - No challenge requested
• 03 - Challenge requested (3DS Requestor Preference)
• 04 - Challenge requested (Mandate)
• 05 - No challenge requested (transactional risk analysis is already performed)
• 06 - No challenge requested (Data share only)
• 07 - No challenge requested (strong consumer authentication is already performed)
• 08 - No challenge requested (utilize trust list exemption if no challenge required)
• 09 - Challenge requested (trust list prompt requested if challenge required)

otpValue

One time password;

Condtionality: Required when authenticationMethodType in the authenticationMethod structure is SMS_OTP or EMAIL_OTP.

Format: Maximum 16 characters.

stepUpIdentifier

Step-up identification;

Condtionality: Required when authenticationMethodType in the authenticationMethod structure is SMS_OTP, EMAIL_OTP, or APP_AUTHENTICATION.

transStatus

Whether a transaction qualifies as an authenticated transaction (for 3DS authentication).

Format: It is one of the following string values:

• "Y"
• "R"
• "C"
• "N"
• "U"
• "A"
• "D"
• "I"

dsTransId

ID assigned by the DS to identify the transaction (for 3DS authenti­cation).

Format: String; UUID

acsTransId

ID assigned by the ACS to identify the transaction (for 3DS authenti­cation).

Format: String; UUID

Transaction if it was challenged or frictionless.

Format: It is one of the following string values:

• 0 - Frictionless
• 1 - Challenged

Status of Authentication eligibility.

Format: It is one of the following string values:

• Y - Yes, Bank is participating in 3-D Secure protocol and will return the ACSUrl
• N - No, Bank is not participating in 3-D Secure protocol
• U - Unavailable, The DS or ACS is not available for authentication at the time of the request
• B - Bypass, Merchant authentication rule is triggered to bypass authentication in this use case
  Note: If the Enrolled value is NOT Y, then the Consumer is NOT eligible for Authentication

This field contains the 3DS version that was used to process the transaction.

Format: It is one of the following string values:

• 2.2.0

dpaDynamicDataTtlMinutes

The minimum requested validity period for the transaction credentials, such as a cryptogram, returned by the SRC system, in minutes.

If this is not provided, the values are determined by the SRCs.

Format: integer

Example: 2

dynamicDataType

The dynamic data type.

Format: It is one of the following values:

• CARD_APPLICATION_CRYPTOGRAM_LONG_FORM – Transaction Authentication Verification Value
• CARD_APPLICATION_CRYPTOGRAM_SHORT_FORM - Dynamic Token Verification Value
• CARDHOLDER_AUTHENTION_CRYPTOGRAM - Cardholder Authentication Verification Value

• TAVV Deprecated – Transaction Authentication Verification Value
• DTVV Deprecated – Dynamic Token Verification Value

dpaPanRequested

Whether PAN data is requested.

Format: It is one of the following values:

• true
• false (default)

paymentToken

The tokenized payment instrument.

Format: String; ISO/IEC 7812 format

tokenExpirationMonth

Tokenized payment instrument expiration month.

Format: Numeric, 2 digits; MM

tokenExpirationYear

Tokenized payment instrument expiration year.

Format: Numeric, 4 digits; YYYY

paymentAccountReference

A non-financial reference assigned to each unique PAN and used to link a Payment Account represented by that PAN to affiliated Payment Tokens.

Format: Alphanumeric, maximum 29 characters

countryCode

The country code associated with the consumer phone number.

Format: The E.164 format includes the country code, the local area code, and the local phone number. No spaces: When adding the number as a contact, there should be no spaces. Remove special characters: All spaces, dashes, and parentheses should be removed, and all characters should be numeric. The country code must not include +.

• Min Length = 1
• Max Length = 3

Example: 1

phoneNumber

Phone number without country code.

Format: The E.164 format. No spaces: When adding the number as a contact, there should be no spaces. Remove special characters: All spaces, dashes, and parentheses should be removed, and all characters should be numeric. For some countries e.g. Australia, leading ‘0’ of the local number needs to be removed while converting to E164 e.g. ‘0423 123 456’ becomes ‘61423123456’

• Min Length = 4
• Max Length = 14 with the condition of max length including country code must not exceed 15 digits

recurringAmount

Recurring amount. Required when recurringData is specified in DPA Transaction Options.

Format: Minor units of currency with all punctuation removed.

Example: 12345 for $123.45 in USD.

idToken

maskedCards

maskedConsumer

transactionAmount

Amount associated with transaction.

Format: Numeric string; maximum 9 digits before an optional decimal point and 4 decimal digits after

transactionCurrencyCode

Currency code used for the transaction amount.

Format: ISO 4217 alpha-3 currency code

uri

Specifies the URI for the given authentication method.

Format: String; maximum 2048 characters

uriType

URI type.

Format: It is one of the following values:

• APP_URI
• WEB_URI

verificationType

Type of verification data.

Format: It is one of the following values:

• CARDHOLDER

verificationEntity

Entity performing the verification.

Format: It is one of the following values:

• 02 - SRC Initiator
• 03 – SRCPI

Example: "02" or "03"

verificationEvents

Event causing the verification to occur.

Format: Array that can contain the following values:

• 01 – Payment transaction

verificationMethod

Method of verification.

Format: It is one of the following values:

• 02 – App-based authentication
• 04 – One-time passcode
• 07 – FIDO

Example: "02", "04", or "07"

verificationResults

Result of the verification.

Format: It is one of the following values:

• 01 – Verified

Example: "01"

verificationTimestamp

Date and time in UTC that the verification was conducted.

Format: UNIX Epoch timestamp.

methodResults

Method results.

Format: JSON object