threeDSPolicy

Key

Format

CND

Description

skipThreeDS

string

O

Indicates whether and under which conditions authentication should be skipped or performed as data share only (dataOnly). By default, all transactions and SCA exemptions will be requested through EMV 3DS if not specified otherwise.

Values accepted:

• thisTransaction

• outOfScope

• dataOnly

threeDSExemption

object

O

Object detailing requested SCA exemptions

challengePreference

string

C

Indicates the merchant's challenge preference for this transaction during 3DS authentication. Mandatory only after a Soft Decline to re-trigger the transaction with 3DS and challenge mandated. Default value noPreference.

Values accepted:

• noPreference

• noChallenge

• requestChallenge

• mandateChallenge

Note: This parameter is ignored when SCA Exemption requested (threeDSExemption parameter is present).

Key

Format

CND

Description

exemptionReason

string

M

Designates the type of SCA exemption (e.g. Acquirer TRA or MIT) to be applied.

Values accepted:

• transactionRiskAnalysis

• delegatedAuthority

• lowValue

• trustedBeneficiary

• secureCorporatePayment

Note: Acquirer exemptions and other exemptions may be also requested through an authorization without authentication (i.e. EMV 3DS or EMV 3DS Data Only) depending on scheme specific rules.

Note: The exemption trustedBeneficiary is only valid for VISA.

merchantFraudRate

integer

O

Merchant fraud rate in bps taking into account all Merchant sites and card volumes, calculated as per PSD2 RTS Article 19.

The merchant fraud rate is optional and has to be calculated by the Acquirer.

The submission of this data point might be beneficial to increase the level of confidence of the ACS/issuer into the ongoing transaction. Also, Issuers may use it to decide if a merchant should be eligible for the white listing exemption.