Payer Authentication
Overview
Payer Authentication is the process of verifying a payer’s identity during a payment transaction to ensure that the transaction is valid.
At present, the Payer Authentication concept as defined here is strictly in terms card payment instruments and explicitly references 3D-Secure. Until a new version is released, 3DSv2.x versions are the only accepted version to perform authentication.
The need to authenticate a payer can be determined in one of two ways:
Seller determines that authentication is required prior to payment commitment and sends authentication payload with payment details
Airline determines that authentication is required while processing payment
1. Seller determines that authentication is required
If the Seller determines that authentication is required then:
The Seller triggers the authentication process.
The Seller sends the authentication result to the airline along with the Payer’s card information at time of payment commitment.
The Airline uses the authentication result in their authorization request.
2. Airline determines that authentication is required
If the Seller has not sent an authentication payload then an airline may decide to request an authentication:
The Seller sends the Payer’s card information to the airline at time of payment commitment.
The Airline determines that the Payer must authenticate and sends an error in response to the payment commitment.
The seller triggers the authentication process.
Seller sends this authentication result to the airline along with the Payer’s card information to the airline.
The Airline uses the authentication results in their authorization request.
Example
Example of transfer of details for payment card transaction, including payer authentication result
...
<PaymentFunctions>
<OrderAssociation>
<OrderItemRefID>ORDITM-01</OrderItemRefID>
<OrderRefID>XB952A1B2C3D4</OrderRefID>
</OrderAssociation>
<PaymentProcessingDetails>
<Amount CurCode="EUR">1000.00</Amount>
<PaymentMethod>
<PaymentCard>
<CardBrandCode>VI</CardBrandCode>
<CardHolderName>Mary Smith</CardHolderName>
<CardNumber>4111111111111111</CardNumber>
<CardSecurityCode>111</CardSecurityCode>
<ExpirationDate>0125</ExpirationDate>
<SecurePaymentVersion2>
<AuthenticationMerchantName>SellerMerchantName</AuthenticationMerchantName>
<AuthenticationTokenValue>12345a6c789d225648e</AuthenticationTokenValue>
<AuthenticationValue>CAVV</AuthenticationValue>
<CardNumberCollectionCode>S</CardNumberCollectionCode>
<DirectoryServerTrxID>a28b-4473-a130-3fa5e1c2eef0</DirectoryServerTrxID>
<ElectronicCommerceInd>05</ElectronicCommerceInd>
<PaymentTrxChannelCode>EC</PaymentTrxChannelCode>
<ProgramProtocolText>2.2.0</ProgramProtocolText>
<TrxStatusText>A</TrxStatusText>
</SecurePaymentVersion2>
</PaymentCard>
</PaymentMethod>
</PaymentProcessingDetails>
</PaymentFunctions>
...
Â