Welcome to our new developer portal! Use the "Ask" button to chat with our AI Agent.
Ctrlk
For the complete documentation index, see llms.txt. This page is also available as Markdown.

Configure rulesets for 3DS decisioning

Overview

During D1 onboarding, the Issuer defines rulesets and associates them with card products in D1.

A ruleset is an ordered list of rules. Each rule combines one or more conditions and sets the 3DS action to apply when those conditions are met.

How evaluation works

  • Rules are evaluated from top to bottom.

  • Within a single rule, conditions are combined with AND.

  • The first matching rule determines the action.

  • If no rule matches, the ruleset’s default action applies.

Examples

  • If the amount is <= 5 USD and merchantName = "Trusted Store", apply frictionless authentication.

  • If the amount is > 5 USD, apply a challenge with OOB authentication.

Generic rules

Rule
Description

Currency

ISO 4217 currency code.

Minimum amount

The minimum transaction amount required.

Maximum amount

The maximum transaction amount allowed.

Same device, same PAN

Checks recent authentications on the same device for the same PAN within a defined time window.

Device channel

app or browser.

Acquirer BIN + merchant ID

A BIN + merchant ID pair, or a comma‑separated list of pairs.

Merchant category code (MCC)

MCC value, or a comma‑separated list of MCC values.

Merchant country

A two‑letter ISO country code, or a comma‑separated list of ISO country codes.

Merchant name

Merchant name value.

Mastercard merchant fraud level

Comma‑separated Mastercard merchant fraud levels.

Mastercard secure corporate payment exemption

Indicates whether a secure corporate payment exemption applies.

3DS requestor challenge indicator

3DS requestor challenge indicator.

3DS requestor authentication indicator

3DS requestor authentication indicator.

Mastercard acquirer SCA exemption

Comma‑separated Mastercard acquirer SCA exemption values.

Cardholder IP address

IP address value or range.

Cardholder IP country

A two‑letter ISO country code.

Shipping indicator

Shipping indicator value.

Transaction type

Transaction type value.

Message category

Message category value.

Payment network

Visa or Mastercard.

Visa DAF authenticated payment credential status

Y (authenticated), N (not authenticated), U (unknown), B (blocked), I (invalid).

Visa DAF advice

Visa DAF advice indicator.

Visa secure corporate payment exemption

Visa extension – secure corporate payment.

PAN count velocity

Count of authentications over a period for a PAN.

PAN spent velocity

Cumulative amount spent over a period for a PAN.

PSD2 rules

Rule
Description

Transaction amount since last SCA

Cumulative amount since the last strong customer authentication (SCA) event.

Transaction count since last SCA

Number of transactions since the last strong customer authentication (SCA) event.

3RI rules

Rule
Description

Prior authenticated transaction exists

Checks whether the 3DS requestor prior transaction reference refers to the ACS transaction ID of a previous successfully authenticated transaction.

Check prior authenticated transaction(s) amount

Checks whether the current 3RI transaction amount exceeds the amount of the original/initial transaction.

3RI indicator

The type of 3RI request.

Is recurring transaction expired

Validates that the 3RI recurring/instalment transaction is invoked within the recurring expiry period defined on the initial transaction.

Is minimum recurring frequency days elapsed

Validates that the 3RI recurring/instalment transaction is invoked per the recurring frequency days defined on the initial transaction.

Maximum authentications permitted for instalments reached

Validates that the maximum number of payment authentications for 3RI recurring/instalment transactions defined in the initial transaction (purchaseInstalData) has been reached.

Minimum amount

The minimum transaction amount required.

Maximum amount

The maximum transaction amount allowed.

Message category

Payment or non‑payment type.

Payment network

Visa or Mastercard.

Acquirer BIN + merchant ID

A BIN + merchant ID pair, or a comma‑separated list of pairs.

Merchant category code (MCC)

MCC value, or a comma‑separated list of values.

Merchant country

A two‑letter ISO country code, or a comma‑separated list of ISO country codes.

Merchant name

Merchant name value.

Visa DAF‑ and Mastercard‑specific fields are available only when the corresponding Payment Network features are enabled in your configuration.

PreviousImplement 3DSNextImplement frictionless flow

Last updated

Was this helpful?