EMVCo is the organization that is responsible for creating, maintaining and disseminating PCI DSS standards. In particular, they provide specifications around 3D Secure Protocols and Core Functions so that these terms are understood across the industry.

📘
The latest specification document can be found at: EMVCo 3D Secure Protocol and Core Functions Specification.

3D Secure object field mapping

Our 3D Secure solution uses parameter names that correspond to those that EMVCo uses in its specifications. They apply to all of our 3D Secure integrations (Secure Fields, API or Mobile SDK).

Refer to the latest 3DS specification from EMVCo for more information.

PCI Proxy	EMVCo	Description
`eci`	ECI	Electronic Commerce Indicator
`xid`	dsTransId for 3D Secure 2. xid for 3D Secure 1.	Transaction ID returned by the directory server.
`cavvAlgorithm`	Only required for 3D Secure 1. Deprecated for 3D Secure 2 and beyond.	3D Algorithm
`cavv`	authenticationValue	Card Holder Authentication Verification Value
`threeDSVersion`	messageVersion	The 3D specification version
`directoryResponse`	transStatus (after `ARes`)	Transaction status after ARes.
`authenticationResponse`	transStatus (after `RReq`)	Transaction status after RReq.
`threeDSTransactionId`	threeDSServerTransID	Universally unique transaction identifier
`cardHolderInfo`	cardholderInfo	Optional message provided by the ACS/Issuer to the Cardholder
`transStatusReason`	transStatusReason	Provides additional information on the failed 3D Authentication

Directory response

We return the directory response for any transaction where a 3D Secure verification can take place. This is the status after ARes.

`directoryResponse` value	3D Secure 2 meaning	Description
`Y`	Authenticated	The card or account was authenticated seamlessly with 3D Secure. No challenge flow will take place.
`N`	Authentication failed	Not authenticated.
`U`	Not available	The authentication or account verification could not be performed. This is usually due to technical problems.
`C`	Challenge needed	Further cardholder interaction is required to complete the authentication.
`R`	Rejected	Not authenticated because the issuer has rejected the authentication.
`A`	Authentication attempt	A proof of authentication attempt was generated. One or more 3D Secure authentication attempts were performed but no authentication or account verification was completed successfully. This may also be returned if a cardholder skips 3D Secure registration.

Authentication response

For authentications proceeding to RReq, or Challenge flow, we return the response as follows.

`authenticationResponse` value	3D Secure 2 meaning	Description
`Y`	Authenticated	The authentication was successful.
`N`	Authentication failed	The authentication or account could not be verified.
`U`	Not available	The authentication or account verification could not be performed. This is usually due to technical problems. No liability shift; consider whether to proceed with the transaction.
`A`	Authentication attempt	A proof of authentication attempt was generated. One or more 3D Secure authentication attempts were performed but no authentication or account verification was completed successfully. This may also be returned if a cardholder skips 3D Secure registration.
`C`	Process incomplete	Further cardholder interaction is required to complete the authentication.