Request Data Sharing authentication

Last updated: June 19, 2024

Data Sharing guarantees a frictionless authentication experience for your customers by enabling you to share data using the authentication flow, without requesting full Strong Customer Authentication (SCA).

The additional authentication data provides extra points for issuers to consider when performing their risk analysis, which can help to improve your approval rates.

Information

Issuers may have their own level of support or approach to data sharing authentication, which can impact authorization performance.

Visa supports the standard data sharing flow on 3DS 2.2.

Mastercard supports data sharing through their proprietary Mastercard Identity Check Insights solution on 3DS 2.1 & 2.2.

If you're using our integrated authentication, include the following fields in your payment request:

3ds.exemption set to data_share
3ds.enabled set to true

If your data share request fails because the issuer does not support it, the payment will automatically fall back and be processed as a non-3DS payment during authorization.


1{
2  "source":{
3    "type": "card",
4    "number": "4242424242424242",
5    "expiry_month": 1,
6    "expiry_year": 2030
7  },
8  "amount": 100,
9  "currency": "GBP",
10  "3ds":{
11    "enabled": "true",
12    "exemption": "data_share"
13  }
14}


1{
2  "source": {
3    "type": "card",
4    "number": "4242424242424242",
5    "expiry_month": 1,
6    "expiry_year": 2030
7  },
8  "amount": 100,
9  "currency": "GBP",
10  "3ds": {
11    "downgraded": false,
12    "enrolled": "Y",
13    "authentication_response": "I",
14    "xid": "6a4a9429-bb6c-4d82-ac7e-8c7ee4eba29d",
15    "version": "2.2.0",
16    "challenged": false
17  }
18}

If you're using our standalone authentication, include the following in your payment request: challenge_indicator set to data_share.


1{
2  "source": {
3    "type": "card",
4    "number": "5454545454545454",
5    "expiry_month": 1,
6    "expiry_year": 2030
7  },
8  "amount": 100,
9  "currency": "GBP",
10  "challenge_indicator": "data_share",
11  "completion": {
12    "type": "non_hosted"
13   }
14}

Information

The standard data sharing flow and the Mastercard Identity Check Insights flow return different responses. You must add support for both response types in your integration.


1{
2  "id": "sid_xk63cmgruntupdvadqvcte3dsy",
3  "transaction_id": "30b1bdba-a3d1-4767-8ea0-1c2a29936396",
4  "amount": 10,
5  "currency": "GBP",
6  "authentication_type": "regular",
7  "authentication_category": "payment",
8  "status": "approved",
9  "status_reason": "ares_status",
10  "approved": true,
11  "protocol_version": "2.2.0",
12  "next_actions": [],
13  "ds": {
14    "reference_number": "3DS_LOA_DIS_VISA_020200_00563",
15    "transaction_id": "18ab5763-d77e-440d-95df-d144a0944f82"
16  },
17  "acs": {
18    "reference_number": "3DS_LOA_DIS_VISA_020200_00563",
19    "transaction_id": "18ab5763-d77e-440d-95df-d144a0944f82",
20    "challenge_mandated": false
21  },
22  "response_code": "I",
23  "challenged": false,
24  "cryptogram": "AgAAAAAAAIR8CQrXcIhbQAAAAAA=",
25  "transaction_type": "goods_service",
26  "eci": "07",
27  "scheme": "visa",
28  "exemption": {
29    "requested": "none",
30    "applied": "none"
31  },
32  "authentication_date": "2024-05-21T13:36:20.4023446Z",
33  "xid": "18ab5763-d77e-440d-95df-d144a0944f82",
34  "flow_type": "frictionless_delegated",
35  "challenge_indicator": "data_share"
36}


1{
2  "id": "sid_xk63cmgruntupdvadqvcte3dsy",
3  "transaction_id": "30b1bdba-a3d1-4767-8ea0-1c2a29936396",
4  "amount": 10,
5  "currency": "GBP",
6  "authentication_type": "regular",
7  "authentication_category": "payment",
8  "status": "approved",
9  "status_reason": "ares_status",
10  "approved": true,
11  "protocol_version": "2.2.0",
12  "next_actions": [],
13  "ds": {
14    "reference_number": "3DS_LOA_DIS_MAST_020200_00563",
15    "transaction_id": "18ab5763-d77e-440d-95df-d144a0944f82"
16  },
17  "acs": {
18    "reference_number": "3DS_LOA_DIS_MAST_020200_00563",
19    "transaction_id": "18ab5763-d77e-440d-95df-d144a0944f82",
20    "challenge_mandated": false
21  },
22  "response_code": "I",
23  "response_status_reason": "80",
24  "challenged": false,
25  "cryptogram": "AgAAAAAAAIR8CQrXcIhbQAAAAAA=",
26  "transaction_type": "goods_service",
27  "eci": "04",
28  "scheme": "mastercard",
29  "exemption": {
30    "requested": "none",
31    "applied": "none"
32  },
33  "authentication_date": "2024-05-21T13:36:20.4023446Z",
34  "xid": "18ab5763-d77e-440d-95df-d144a0944f82",
35  "flow_type": "frictionless_delegated",
36  "challenge_indicator": "data_share"
37}

If your request was successful and approved, you'll receive the following fields in the response:

status set to approved
response_code set to I
cryptogram set to your cryptogram value
eci set to 07 for Visa or 06 for Mastercard in a standard data sharing flow, or 04 in a Mastercard Identity Check Insights flow

You can continue to payment authorization.

If status is set to unavailable or declined in your response, the data sharing exemption request failed or was declined. For example, if the issuer does not support the data sharing flow.

You can handle this scenario in the same way that you would handle a failed or declined authentication, or proceed to authorization and process the payment as a non-3DS transaction.

Request Data Sharing authentication

Information

Data sharing authentication support

Request data sharing for integrated authentication

Request example

Response example

Request data sharing for standalone authentication

Request example

Response example

Information