Security Checks Guidance

CV2, AVS and 3DS Security Checks

This article is designed to provide guidance on configuring your Security Check Preferences within the Gateway. This section will provide guidance on the different states, what they mean and how to configure the checks in certain scenarios.

AVS and CV2 States
Partially Matched This is when the data supplied by the customer only partially matches to what the issuing bank as on record for the customer.
Not Matched This is when the data supplied by the customer doesn’t match to what the issuing bank has on record for the customer.
Not Checked This is when the data supplied by the customer hasn’t been checked due to previous data being wrong. Not Checked also occurs if the security check isn’t supported by the issuing bank.  
Not Known This is when the customer hasn’t supplied any data to be checked.

Strongest Level – All on

Weakest Level – All off

 CV2 on, AVS off

 CV2 off, AVS on

 CV2 on, Address Line off, Postcode on

 CV2 off, Address Line off, Postcode on

 CV2 on, Address Line on, Postcode off

 CV2 off, Address Line on, Postcode off

 CV2 on, Address Line on, Postcode off

 Accept Partially Matched AVS/CVS

 Accept Transactions where data hasn’t been supplied

3D Secure States
Attempted Authentication This is when the customer fails to complete the registration process for 3D Secure. If the customer is yet to register for 3D Secure, and is presented with an opportunity to register.
Not Authenticated This is when the customer has failed to successfully authenticate themselves on the 3D Secure transaction, or has cancelled the process.
Not Checked This is when the 3D Secure authentication could not be checked due to the customer card not being enrolled or valid for the 3D Authentication scheme. This also occurs if 3D Secure checking is disabled.
Not Known This is when the 3D Secure Authentication could not be performed due to an error.

Strongest Level – All on

 Weakest Level – All off

Recommended Level

Please note: If the Merchant is using 3D Secure it is important that the Gateway has the Merchant's website URL logged, alternatively they should be including it within the transaction request using the merchantWebsite parameter.To check if the website URL is logged, please check on the Dashboard of the MMS, under ‘Main Contact’. If it is missing, please contact Support and in the e-mail include the website URL to be added.

  • 15
  • 09-Jul-2018
  • 178 Views