The ECI value is provided by the issuer ACS. It indicates the level of authentication that was performed on the transaction. The ECI value received from authentication is forwarded in the authorization request and also determines whether a transaction recieves liability protection. Visa, American Express, Discover/Diners/Discover, JCB, Cartes Bancaires (VISA), UPIECI | Description | 3DS Version(s) | Merchant Liability Shift |
---|
05 | Cardholder authentication successful (this includes successful authentication using risk-based authentication and/or a dynamic password) | 3DS 1.0 EMV 3DS (2.0) | Yes | 06 | Merchant attempted to authenticate the cardholder - For 3DS 1.0.2, the ECI 06 value may be utilized as an authentication response from the Issuer ACS, at the issuer’s discretion. For example, issuers that use risk-based authentication may provide an ECI = 06 for a transaction that does not require step-up, also known as frictionless authentication. These issuers may reserve an ECI = 05 for transactions that were successfully stepped-up.
- For 3DS 2.0, the ECI 06 value can only be used to indicate that a “Merchant attempted to authenticate the cardholder”.
| 3DS 1.0 EMV 3DS (2.0) | Yes | 07 | Non-authenticated e-commerce transaction - technical errors
- improper configuration
- card and Issuing Bank are not secured by 3DS
| 3DS 1.0 EMV 3DS (2.0) | No |
MasterCard, Cartes Bancaires (Mastercard)ECI | Description | 3DS Version(s) | Merchant Liability Shift |
---|
00 | Non-authenticated e-commerce transaction - technical errors
- improper configuration
- card and Issuing Bank are not secured by 3DS
| 3DS 1.0 EMV 3DS (2.0) | No | 01 | Merchant attempted to authenticate the cardholder and received authentication value (Accountholder Authentication Value (AVV)) | 3DS 1.0 EMV 3DS (2.0) | Yes | 02 | Cardholder authentication successful (this includes successful authentication using risk-based authentication and/or a dynamic password) | 3DS 1.0 EMV 3DS (2.0) | Yes | 04 | Data share only: non-authenticated e-commerce transaction but merchants have chosen to share data via the 3DS flow with the issuer to improve authorization approval rates | EMV 3DS (2.0) | No | 06 | Acquirer exemption | EMV 3DS (2.0) | No | 07 | Recurring payments might be applicable for initial or subsequent transaction) - If this value is received on initial recurring paqyments merchant will have liability shift
- Subsequent transactions are considered as MIT and liability remains with the merchant
| EMV 3DS (2.0) | Yes |
|