User's Guide
Table Of Contents
- Payflow Pro Fraud Protection Services User’s Guide
- Preface
- Overview
- How Fraud Protection Services Protect You
- Configuring the Fraud Protection Services Filters
- Assessing Transactions that Triggered Filters
- Activating and Configuring the Buyer Authentication Service
- Performing Buyer Authentication Transactions Using the SDK
- Testing the Buyer Authentication Service
- Buyer Authentication Transaction Overview
- Buyer Authentication Terminology
- Buyer Authentication Server URLs
- Detailed Buyer Authentication Transaction Flow
- Call 1: Verify that the cardholder is enrolled in the 3-D Secure program
- Call 2: POST the authentication request to and redirect the customer’s browser to the ACS URL
- Call 3: Validate the PARES authentication data returned by the ACS server
- Call 4: Submit the intended transaction request to the Payflow server
- Example Buyer Authentication Transactions
- Buyer Authentication Transaction Parameters and Return Values
- ECI Values
- Logging Transaction Information
- Screening Transactions Using the Payflow SDK
- Downloading the Payflow SDK (Including APIs and API Documentation)
- Transaction Data Required by Filters
- Transaction Parameters Unique to the Filters
- Existing Payflow Parameters Used by the Filters
- Response Strings for Transactions that Trigger Filters
- Accepting or Rejecting Transactions That Trigger Filters
- Logging Transaction Information
- Responses to Credit Card Transaction Requests
- Fraud Filter Reference
- Testing the Transaction Security Filters
- Good and Bad Lists
- AVS Failure Filter
- BIN Risk List Match Filter
- Country Risk List Match Filter
- Email Service Provider Risk List Match Filter
- Freight Forwarder Risk List Match Filter
- Geo-location Failure Filter
- International IP Address Filter
- International Shipping/Billing Address Filter
- IP Address Match Filter
- Shipping/Billing Mismatch Filter
- Total Item Ceiling Filter
- Total Purchase Price Ceiling Filter
- Total Purchase Price Floor Filter
- USPS Address Validation Failure Filter
- ZIP Risk List Match Filter
- Testing Buyer Authentication Transactions Using the Payflow SDK
- Deactivating Fraud Protection Services
- Index
Fraud Protection Services User’s Guide 111
Testing Buyer Authentication Transactions Using the Payflow SDK
Buyer Authentication Testing Procedures
C
Verify Enrollment Transaction Test Cases
Example Return Values
NOTE: AUTHENTICATION_ID, AUTHENTICATION_STATUS, and ECI should be
returned in all cases. For buyer authentication transaction types, the
AUTHENTICATION_ID value performs the same function as the PNREF value that is
returned to standard Payflow transactions.
z Account is enrolled in the 3-D Secure program
If the cardholder is enrolled (test cases 1, 2, 3, 6, 7, and 8), then the
AUTHENTICATION_STATUS should be E, and PAREQ and ACSURL should return
non-null values.
RESULT[1]=0&RESPMSG[2]=OK&AUTHENTICATION_ID[20]=f43669e4921cf8b504c4&AUT
HENTICATION_STATUS[1]=E&PAREQ[428]=eJxVku1ugjAUhm+FeAH0A3Bozpr48WP+2GK23
UA9HJVECpYy9e7XCkzXkPS8fcvD6Vvg+2iJ1l+EnSUF79S2+kBRWbxO9mkync4onUmB+3yX8
RTTiYLt4pPOCn7ItmVtlIh5LIGN0hMsHrVxCjSel5sPJcMANiioyG7WSgwDWK/B6IrUkloXr
fTpVJqDn20Rreqq0eYG7O4D1p1x9qbylAMbBXT2pI7ONXPGLpdLvPMU7CHoGTHWFbCwB9iju
W0XqtYzr2Whpi+5FEWOlGOWU06U7f0HggOFdqQk5wmXIokEn3M5T1Jg93XQVWhCiVksM3/GX
kET4IvRCs7zCvioLRkcjzEqoGtTG/I7fFx/NRTUom99mB59r95CxOh8epngzw8Pad+NgLSKJ
6InWg8Ir7HhDtlw3b769xv8AhQarWM=&ACSURL[66]=http://pilot-buyerauth-
post.verisign.com/DDDSecure/Acs3DSecureSim/start
z All other cases
If the cardholder is not enrolled or other conditions (test cases 4 and 5), then the following
is returned:
RESULT[1]=0&RESPMSG[2]=OK&AUTHENTICATION_ID[20]=48c92770755039d6bb3d&AUT
HENTICATION_STATUS[1]=O&ECI[1]=1
PAREQ and ACSURL should not be returned, but AUTHENTICATION_ID and ECI must
be returned. (for example, test case 4 with a test MasterCard account):
Step 1 POST the PAREQ to the ACS URL
PAREQ and ACSURL values are returned for test cases 1, 2, 3, 6, 7, and 8. For other cases,
skip to “Submit the Payflow Sale or Authorization transaction with buyer authentication data”
on page 115.
TABLE C.3 Verify Enrollment test cases
AUTH_STATUS of
Verify Enrollment Transaction Test Case
E (Card Eligible for authentication) 1, 2, 3, 6, 7, 8
O (Attempt not available) 4
X (Unable to fulfill request) 5