RDX Specification

RDX 2.2.2 Changelog

Changes from RDX Version 2.2.1

Suggest Edits
Description of Changes
Creation of RDX 2.2.2 Message Version to support Embedded Out-of-Band (OOB) flow
RDXMessageVersion on all requests updated to 2.2.2
Addition of a new StepupType field name on the RDX Stepup Response

  • Value: OUTOFBAND_EMBEDDED


    • Addition of a new StepupRequest field and value:

  • Field Name: EmbeddedOOBResponseUrl

  • Value for STAG: https://authenticationstag.cardinalcommerce.com/Redirect

  • Value for PROD: https://authentication.cardinalcommerce.com/Redirect


    • Addition of a new Type in the Credentials Object on the Stepup Response:
  • Field Name: Type

  • Value: OUTOFBANDTOKEN (only used with Embedded OOB)

  • New Field: Token


    • Addition of OUTOFBANDTOKEN Credential.Type to:
  • StepupResponse

  • InitiateActionRequest

  • InitiateActionResponse

  • ValidateRequest.CredentialResponse
    • Addition of RReqOverrides object to ValidateResponse:

  • authenticationMethod

  • transStatusReason

  • authenticationAttempts

  • customerCancel


    • ValidateResponse.RReqOverrides (Object) length updated to “value from list.”
    Addition of RuleOutcome field to RiskRequest
    Updates to ValidateRequest.CredentialResponse (List)(Object) to reflect conditional value based on response type.
    Updates to:
    RiskRequest.TransactionInfo (Object)
    StepupRequest.TransactionInfo (Object)
    InitiateActionRequest.TransactionInfo (Object)

  • Updated TransactionAmount and TransactionCurrency fields to reflect conditional value based on NPA Requestor Authentication Indicator.ValidateResponse.RReqOverrides Authentication Attempts field updated to maximum 2 characters (01-99)Addition of:
  • Embedded OOB Flow diagram

  • Embedded OOB Process steps

  • Updated code samples for Form POST to issuer’s Embedded OOB URL
    • Text field changed from Optional to Conditional in the following objects:

  • StepupResponse.Credentials.Credential (List)(Object)

  • InitiateActionRequest.Credentials.Credential (List)(Object)

  • InitiateActionResponse.Credentials (Object)
    • Addition of MerchantAppRedirectURL field to support MC 2.2
  • StepupRequest.MerchantInfo (Object)
  • InitiateActionRequest.MerchantInfo (Object)
    • Addition of TransactionType and Channel fields in the InitiateActionRequest.TransactionInfo object
    Addition of ReasonDescription field in the following objects:

  • StepupResponse.Error

  • InitiateActionResponse.Error

  • ValidateResponse.Error
    • Removal of “Will be available at future date” from the following fields (fields are currently available):

  • StepupRequest.MerchantInfo.AcquirerCountryCode

  • RiskResponse.ExemptionResponse.WhitelistStatus
    • Note added to the following fields, as these fields are not currently available:

  • DecoupledRequestIndicator

  • DecoupledMaxTime

    • Note: Not currently available; may be available at a later date.
    All references to 3DS 1.0 have been removed due to global sunset of 3DS 1.0 by all payment networks.
    All API call response statuses of “ATTEMPTS” have been deleted since ATTEMPTS is only supported for EMV 1.0.x transactions.
    Update to definition of MerchantAppRedirectURL:

  • StepupRequest.MerchantInfo (Object)

  • InitiateActionRequest.MerchantInfo (Object)
    • StepupRequest.CardholderSelectionInfo object updated as Conditional
    RiskRequest.TransactionInfo.BillingAddress (Object)fields have been updated as “Optional”
    WhyInfo (Object) has been removed from:

  • Risk Response
  • Initiate Action Response
  • Validate Response**

    • Updated 5 months ago