RDX Specification

RDX 2.2.2 Changelog

Changes from RDX Version 2.2.1

Description of Changes
Creation of RDX 2.2.2 Message Version to support Embedded Out-of-Band (OOB) flow
RDXMessageVersion on all requests updated to 2.2.2
Addition of a new StepupType field name on the RDX Stepup Response
  • Value: OUTOFBAND_EMBEDDED

    Addition of a new StepupRequest field and value:
  • Field Name: EmbeddedOOBResponseUrl
  • Value for STAG: https://authenticationstag.cardinalcommerce.com/Redirect
  • Value for PROD: https://authentication.cardinalcommerce.com/Redirect

    Addition of a new Type in the Credentials Object on the Stepup Response
  • Field Name: Type
  • Value: OUTOFBANDTOKEN (only used with Embedded OOB)
  • New Field: Token

    Addition of OUTOFBANDTOKEN Credential.Type to:
  • StepupResponse
  • InitiateActionRequest
  • InitiateActionResponse
  • ValidateRequest.CredentialResponse

    Addition of RReqOverrides object to ValidateResponse:
  • authenticationMethod
  • transStatusReason
  • authenticationAttempts
  • customerCancel

    ValidateResponse.RReqOverrides (Object) length updated to “value from list.”
    Addition of RuleOutcome field to RiskRequest
    Updates to ValidateRequest.CredentialResponse (List)(Object) to reflect conditional value based on response type.
  • Updates to:
    RiskRequest.TransactionInfo (Object)
    StepupRequest.TransactionInfo (Object)
    InitiateActionRequest.TransactionInfo (Object)
  • Updated TransactionAmount and TransactionCurrency fields to reflect conditional value based on NPA Requestor Authentication Indicator.

    ValidateResponse.RReqOverrides Authentication Attempts field updated to maximum 2 characters (01-99)

    Addition of:
  • Embedded OOB Flow diagram
  • Embedded OOB Process steps
  • Updated code samples for Form POST to issuer’s Embedded OOB URL

    Text field changed from Optional to Conditional in the following objects:
  • StepupResponse.Credentials.Credential (List)(Object)
  • InitiateActionRequest.Credentials.Credential (List)(Object)
  • InitiateActionResponse.Credentials (Object)

    Addition of MerchantAppRedirectURL field to support MC 2.2
  • StepupRequest.MerchantInfo (Object)
  • InitiateActionRequest.MerchantInfo (Object)
  • Addition of TransactionType and Channel fields in the InitiateActionRequest.TransactionInfo object

    Addition of ReasonDescription field in the following objects:
  • StepupResponse.Error
  • InitiateActionResponse.Error
  • ValidateResponse.Error
  • Removal of “Will be available at future date” from the following fields (fields are currently available):
  • StepupRequest.MerchantInfo.AcquirerCountryCode
  • RiskResponse.ExemptionResponse.WhitelistStatus

    Note added to the following fields, as these fields are not currently available:
  • DecoupledRequestIndicator
  • DecoupledMaxTime
    Note: Not currently available; may be available at a later date.
  • All references to 3DS 1.0 have been removed due to global sunset of 3DS 1.0 by all payment networks.
    All API call response statuses of “ATTEMPTS” have been deleted since ATTEMPTS is only supported for EMV 1.0.x transactions.

    WhyInfo (Object) has been added to:
  • InitiateActionResponse
  • ValidateResponse

    Update to definition of MerchantAppRedirectURL:
  • StepupRequest.MerchantInfo (Object)
  • InitiateActionRequest.MerchantInfo (Object)
  • StepupRequest.CardholderSelectionInfo object updated as Conditional
    RiskRequest.TransactionInfo.BillingAddress (Object)fields have been updated as “Optional”

    WhyInfo (Object) has been removed from:
    • Risk Response
    • Initiate Action Response
    • Validate Response