Please note that some data elements in EMV 3DS that are marked as conditional required are further specified as:

Required unless market or regional mandate restricts sending this information.

This applies for instance to data elements such email, phone number or billing address.

Considering the legal landscape and depending on the issuer (or more precisely on the vendor of the issuer Access Control Server (ACS)) this specification might be interpreted as strictly required within the European Economic Area (EEA).

Contrary to the EMV 3DS protocol specification:

A.1 Missing Required Fields

. . .

Unless explicitly noted, if a required field is missing, the receiving component returns an Error Message . . . This applies whether the field is always Required or Conditionally required.

the card schemes mandated that issuers must not decline EMV 3DS messages when one or more of conditional fields are absent. But the card schemes also stipulate that merchants must send conditional fields in EMV 3DS messages in accordance with the applicable data protection law.

The following elements are considered key and it is strongly advised to provide these data points:

  • Cardholder Information

    • Name

    • Email address

    • Home phone number

    • Mobile phone number

    • Billing address

    • Shipping address

  • Browser Information (depending on the integration type)

    • IP address

As a general rule it is strongly recommended to always send conditional required data elements to avoid unnecessary friction and declines.