StepupResponse
Response to the Stepup Request.
StepupRequest API Reference: Interactive request/response specification
StepupRequest Code Recipe: Pseudocode resource with code snippets
| Name | Description | Type | Length | Required |
|---|---|---|---|---|
| ProcessorId | Echoed from Request. | String | Up to 24 characters | Required |
| IssuerId | Echoed from Request. | String | Up to 24 characters | Required |
| IsBbConsentRequired | Indicates if legal consent is required for the behavioral biometrics flow. | Boolean | NA | Optional |
| TransactionId | Echoed from Request. | String | Up to 36 characters | Required |
| StepupRequestId | Echoed from Request. | String | Up to 36 characters | Required |
| StepupType | Used to identify the type of Stepup. If StepupType is included in the response, the StepupResponse.Credential must also be returned. Stepup Type Values | String | Enum | Optional |
| Language | Language to display the instructions and prompt to the cardholder. This value will decide which template is loaded, provided the language template is available. If not provided, the language is selected based on the issuer configuration and browser preference. Examples: | String | Up to 8 characters | Optional |
| Status | Status of Stepup Request. Possible values: | String | Enum | Required |
| TransStatusReason | Provides information on why the Transaction Status field has the specified value. Transaction Status Reason Values | String | 2 characcters | Optiona |
| RiskIndicator | If returned, this value will be used in the creation of certain Authentication Values (AV) for EMV 3DS. The value passed must conform to the current AV value the issuer is using. This may also depend on the card brand of the transaction. For example, CAVV and IAV accept different values. On Challenge responses (Stepup, InitiateAction, Validate) this value is currently ignored for CAVV usages in favor of mapping to the “Credential Type”. For Enhanced IAV SPA2 usage, if passed, this value will override the mapping to the “Credential Type”. Note: This value will be converted to the hexadecimal equivalent. Please see the “VCAS Enhanced AV Support Guide” for more details on current AVs available and the corresponding values. | String | Up to 3 characters | Optional |
| oobAppURL * | URL provided for OOB app-based authentication flow. The URL will redirect the user to the appropriate location within the authentication app. Not applicable for browser-based authentication. * Required for European issuers only, on Mastercard application-based transactions per Mastercard Bridging Extension Requirements for 2.2 transactions. | Strings | 2048 characters max. | Conditional |
| Credentials | A list of Credential objects that will be used to challenge the user. This must contain at least one credential object. If multiple objects are returned, VCAS can configure your setup to show the user a “choice screen”. StepupResponse.Credentials.Credential | List.Object | Minimum one character | Required |
| Reason | An object that can be used for sending a status code and description. StepupResponse.Reason | Object | NA | Optional |
| Error | An object that can be used to convey an error message on the response. StepupResponse.Error | Object | NA | Optional |
| WhyInfo | Object defining dynamic text values that can be shown to the consumer during the challenge flow. These fields will be mapped directly to both browser templates and SDK info fields. Note: this field is also configurable for SDK screens via VCAS template configurations. If this value is passed on RDX it will override the current configurable value. StepupResponse.WhyInfo (Object) | Object | NA | Optional |
Updated 2 months ago