On This Page
Simple Order API | Visa Platform Connect

Authorizations with Strong Customer Authentication Exemption

This section shows you how to process an authorization with a strong customer authentication (SCA) exemption.
Merchants can choose which exemption can be applied to a transaction, but the card-issuing bank actually grants an SCA exemption during card authentication.
An SCA exemption enables you to remain in compliance with the European Union's second Payment Services Directive. Depending on your processor, use one of these exemption fields:
If you send more than one SCA exemption field with a single authentication, the transaction is denied.
  • Authentication Outage
    : Payer authentication is not available for this transaction due to a system outage.
  • B2B Corporate Card
    : Payment cards specifically for business-to-business transactions are exempt.
  • Delegated Authentication
    : Payer authentication was performed outside of the authorization workflow.
  • Follow-On Installment Payment
    : Installment payments of a fixed amount are exempt after the first transaction.
  • Follow-On Recurring Payment
    : Recurring payments of a fixed amount are exempt after the first transaction.
  • Low Risk
    : The average fraud levels associated with this transaction are considered low.
  • Low Value
    : The transaction value does not warrant SCA.
  • Merchant Initiated Transactions
    : As follow-on transactions, merchant-initiated transactions are exempt.
  • Stored Credential Transaction
    : Credentials are authenticated before storing, so stored credential transactions are exempt.
  • Trusted Merchant
    : Merchants registered as trusted beneficiaries.

Exemption Fields Specific to the Strong Customer Authentication Use Case

Use one of these fields to request an SCA exemption:
Types of SCA Exemptions
Exemption Type
Field
Value
Authentication Outage
ccAuthService_ authenticationOutageExemptionIndicator
1
B2B Corporate Card Transaction
ccAuthService_ secureCorporatePaymentIndicator
1
Delegated Authentication
ccAuthService_ delegatedAuthenticationExemptionIndicator
1
Low-Risk Transaction
ccAuthService_ riskAnalysisExemptionIndicator
1
Low-Value Transaction
ccAuthService_ lowValueExemptionIndicator
1
Stored Credential Transaction
subsequentAuthStoredCredential
1
Trusted Merchant Transaction
ccAuthService_ trustedMerchantExemptionIndicator
1

Country-Specific Requirements

These fields are specific to certain countries and regions.
Argentina
billTo_merchantTaxID
Required for Mastercard transactions.
transactionLocalDateTime
Required when the time zone is not included in your account. Otherwise, this field is optional.
Brazil
billTo_personalID
Required for combo card transactions.
ccAuthService_overridePaymentDetails
Required for combo card line-of-credit and prepaid-card transactions.
Chile
billTo_merchantTaxID
Required for Mastercard transactions.
Paraguay
billTo_merchantTaxID
Required for Mastercard transactions.
Saudi Arabia
transactionMode
Taiwan
card_hashedAccountNumber

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.