Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Payer Authentication is the process to officially confirm the Payer is owner of the chosen payment instrument. 

It is only linked to a card transaction and the standard is defined by the card schemes and referred to as 3D-Secure.

It starts with sending authentication request and results with a response returned to the Seller.

Definition

Seller

This concept allows the Seller to authenticate the payer for a card transaction by sending an authentication request to the card issuer authentication server, resulting with a response which it forwards to the airline for triggering an authorization request. 

Airline

This allows an Airline to receive authentication result for future use(s) in the subsequent authorization requestof verifying a payer’s identity during a payment transaction to ensure that the transaction is valid.

At present, the Payer Authentication concept as defined here is strictly in terms card payment instruments and explicitly references 3D-Secure. Until a new version is released, 3DSv2.x versions are the only accepted version to perform authentication.

The need to authenticate a payer can be determined in one of two ways:

  1. Seller determines that authentication is required prior to payment commitment and sends authentication payload with payment details

  2. Airline determines that authentication is required while processing payment

1. Seller determines that authentication is required

If the Seller determines that authentication is required then:

  1. The Seller triggers the authentication process.

  2. The Seller sends the authentication result to the airline along with the Payer’s card information at time of payment commitment.

  3. The Airline uses the authentication result in their authorization request.

2. Airline determines that authentication is required

If the Seller has not sent an authentication payload then an airline may decide to request an authentication:

  1. The Seller sends the Payer’s card information to the airline at time of payment commitment.

  2. The Airline determines that the Payer must authenticate and sends an error in response to the payment commitment.

  3. The seller triggers the authentication process.

  4. Seller sends this authentication result to the airline along with the Payer’s card information to the airline.

  5. The Airline uses the authentication results in their authorization request.

Example

Example of transfer of details for payment card transaction, including payer authentication result

Code Block
languagexml
...
<PaymentFunctions>
	<OrderAssociation>
		<OrderItemRefID>ORDITM-01</OrderItemRefID>
		<OrderRefID>XB952A1B2C3D4</OrderRefID>
	</OrderAssociation>
	<PaymentProcessingDetails>
		<Amount CurCode="EUR">1000.00</Amount>
		<PaymentMethod>
			<PaymentCard>
				<CardBrandCode>VI</CardBrandCode>
				<CardHolderName>Mary Smith</CardHolderName>
				<CardNumber>4111111111111111</CardNumber>
				<CardSecurityCode>111</CardSecurityCode>
				<ExpirationDate>0125</ExpirationDate>
				<SecurePaymentVersion2>
					<AuthenticationMerchantName>SellerMerchantName</AuthenticationMerchantName>
					<AuthenticationTokenValue>12345a6c789d225648e</AuthenticationTokenValue>
					<AuthenticationValue>CAVV</AuthenticationValue>
					<CardNumberCollectionCode>S</CardNumberCollectionCode>
					<DirectoryServerTrxID>a28b-4473-a130-3fa5e1c2eef0</DirectoryServerTrxID>
					<ElectronicCommerceInd>05</ElectronicCommerceInd>
					<PaymentTrxChannelCode>EC</PaymentTrxChannelCode>
					<ProgramProtocolText>2.2.0</ProgramProtocolText>
					<TrxStatusText>A</TrxStatusText>
				</SecurePaymentVersion2>
			</PaymentCard>
		</PaymentMethod>
	</PaymentProcessingDetails>
</PaymentFunctions>
...