Authentication Result
Authentication in the context of 3D-Secure has several possible outcomes, depending on the authentication protocol used and the
card issuer requirements. Here are some of the key results of an authentication:
- Authentication Passed: Transaction authentication is successful
either automatically (frictionless) or by flag, using a similar process
to ‘stand-in’, known as attempt. - Authentication Denied: Authentication fails, and is denied. This may occur if the cardholder
entering incorrect information if additional authentication is not completed correctly
or if there is a problem connecting to the authentication server. In this case,
Anti fraud settings can be made to complement the analyzes and
allow other ways of validating these challenges. - Challenged Authentication: In some cases, authentication may be
challenged, which means you need to provide additional information or go through
an additional authentication step to confirm the legitimacy of the transaction. This may involve
the use of passwords, PINs, security codes sent via SMS or other authentication methods. - Authentication rejected by the Issuer: In this case, the issuer, by having specific rules for
validate authentication, you can reject the authentication for reasons ranging from card status or
specific validations per client. Each issuer may have specific rules for these validations.
It is important to note that the results of an authentication may vary depending on the rules and
policies established by the card issuer, as well as the specific implementation of 3D-Secure by the merchant and the card brand.
Remembering that after the authentication process, we still have every step related to authorization of the transaction,
which would be the approval, or not, of the transaction, according to the rules of each issuer.
ECI Table
The ECI (Electronic Commerce Indicator) is a code returned by card networks and indicates the result of the cardholder's 3DS authentication with the issuer or card network. Check the following table for the corresponding ECIs for each card network and the authentication result.
Mastercard | Visa | Elo | Amex | Authentication Result | Was the transaction authenticated? |
---|---|---|---|---|---|
02 | 05 | 05 | 05 | Authenticated by the issuer - chargeback risk becomes the responsibility of the issuer. | Yes |
01 | 06 | 06 | 06 | Authenticated by the card network - chargeback risk becomes the responsibility of the issuer. | Yes |
Diferente de 01, 02, 04 | Diferente de 05 e 06 | Diferente de 05 e 06 | Diferente de 05 e 06 | Not authenticated - chargeback risk remains with the merchant. | No |
04 | - | - | - | Not authenticated, transaction characterized as Data Only - chargeback risk remains with the merchant. | No |
Updated about 2 months ago