Passcode Validation

This API is used for passcode-based (knowledge factor) 3DS authentication for e-commerce transactions in Strong Customer Authentication (SCA) requirement.

Clients are expected to implement this API. Nium platform will invoke this API to perform passcode validation during e-commerce transaction's authentication step.

POST https://<EComAuthCodeValidationBaseURL>/passcode



EComAuthCodeValidationBaseURL is the URL provided by the client during setup which will be used further by NIUM as a base URL.



Example Request

curl -X POST \
  'https://<EComAuthCodeValidationBaseURL>/passcode' \
    -H 'content-type: application/json' \
  -H 'x-request-id: 123e4567-e89b-12d3-a456-426655440000' \
  -H 'x-client-name: Cards-Customer-Service' \

  -d '{
        "merchantName":"Test Merchant"

Request Body

passcodeThe cardholder’s 6-digit passcode.StringRequired
maskedCardNumberThe 16-digit masked card number in format 1234-56xx-xxxx-3456.StringRequired
clientHashIdUnique client identifier generated and shared before API handshake.UUIDRequired
customerHashIdUnique customer identifier generated on customer creation.UUIDRequired
walletHashIdUnique wallet identifier generated with customer creation.UUIDRequired
cardHashIdUnique card identifier generated while new/add-on card issuance.UUIDRequired
transactionAmountThis field accepts the transaction amount.StringRequired
transactionCurrencyThis field accepts the 3-letter ISO-4217 transaction currency code.StringRequired
merchantNameThis field accepts the name of a merchant.StringRequired

Example Response

Successful Verification

    "message": "Request processed successfully",
    "referenceNumber": "481b18ad-1146-439b-a227-f42fda6ae306",
    "responseCode": "SSS000"

Failed Verification - 1

    "message": "Passcode not setup by user",
    "referenceNumber": "5faee1b2-97b0-4355-b2ad-774f1bfcb6c5",
    "responseCode": "VCU602"

Failed Verification - 2

    "message": "Passcode Mismatch",
    "referenceNumber": "9cac7923-42bf-4c9e-97d3-23ef41ba86b1",
    "responseCode": "VCU601"

Response Body

messageReturns a success or error message.String
referenceNumberContains the unique reference number.UUID
responseCodeContains the response code of the possible values:
SSS000 - The given passcode matches the customer's profile.
VCU601 - The given passcode does not match the customer's profile.
VCU602 - The customer does not have a passcode set up yet.