Skip to main content

SCA Authentication Event Attempt Embedded or Hybrid Response

Embedded or Hybrid Strong Customer Authentication (SCA) authentication event attempt response, including details about the authentication process and outcome.

idstringrequired

Unique identifier for the SCA event attempt.

Example: 1559404
eventIdstringrequired

A distinct identifier for the SCA authentication event.

Example: 06bdcd2c-0cce-4b36-97ec-281c8f5d743c
walletOperationIdstringrequired

A distinct identifier for the wallet operation. This identifier is used to associate the wallet operation with the SCA authentication event.

Example: a5865fd6-18c2-45a8-9953-1c00eac36c36
authenticationModeSCA Authentication Mode (string)required

Mode of the Strong Customer Authentication (SCA) authentication process.

  • OUTSOURCED - The partner is responsible for handling the entire SCA process.
  • EMBEDDED - Paysafe is responsible for handling the entire SCA process, including user authentication and compliance with regulations like PSD2.
  • HYBRID - Paysafe manages the entire SCA process, excluding the communication with the end-user.

Possible values: [OUTSOURCED, EMBEDDED, HYBRID]

Example: OUTSOURCED
verification objectrequired

Enhanced verification details associated with the SCA authentication event attempt.

methodSCA Authentication Event Attempt Verification Method (string)required

Method used for verifying the SCA authentication event attempt.

  • PASSWORD - A secret combination of characters, typically chosen by the user, used to authenticate their identity.
  • PIN - A numeric code, typically six digits, used to authenticate the user's identity.
  • PASSKEYS - A set of predefined keys or a pattern chosen by the user to authenticate their identity.
  • OTP - One-Time Password sent via SMS, email, or authenticator application to the user's registered device.
  • BIOMETRIC - Authentication based on unique physical characteristics of the user, such as fingerprint, facial recognition, or iris scan.

Possible values: [PASSWORD, PIN, PASSKEYS, OTP, BIOMETRIC]

Example: OTP
channelSCA Authentication Event Attempt Verification Channel (string)

Channel used to send the verification method to the user.

  • SMS - Verification method sent via SMS to the user's registered device.
  • EMAIL - Verification method sent via email to the user's registered address.
  • AUTHENTICATOR - Verification method generated by an authenticator application installed on the user's device.
  • PUSH_NOTIFICATION - Verification method sent via the user's mobile device prompting them to approve or deny the authentication request.
  • REDIRECT - Verification method that redirects the customer to a Url hosted by Paysafe in order to complete the operation.

Possible values: [SMS, EMAIL, AUTHENTICATOR, PUSH_NOTIFICATION, REDIRECT]

Example: SMS
action object

Contains Action required for verifying the SCA authentication event attempt (when available).

returnUrlurl

The return URL to which users must be redirected after completing the required actions in Paysafe hosted UI. The Partner is required to communicate the provided returnUrl to Paysafe in advance for the it to be whitelisted and considered valid.

Once the redirect process is finished, the customer will be redirected back to the Partner, and the returnUrl will be enhanced with extra properties that include relevant details about the SCA authentication process, such as status:

  • status - It holds the outcome of the SCA authentication event, such as success or fail.
Example: https://some-process.paysafe.com/
redirectUrlurl

Redirect URL where the user should be redirected to in order to complete some action.

Example: https://some-process.paysafe.com/
targetstring

The destination for the verification mechanism (when available), such as the phone number or email address where the verification value will be delivered.

Example: jo***@example.com
currentAttemptsintegerrequired

The number of current attempts made for the SCA authentication event.

Example: 1
allowableAttemptsintegerrequired

The maximum allowable attempts for the SCA authentication event.

Example: 5
statusSCA Authentication Event Attempt Status (string)required

Status of the SCA authentication event attempt.

  • VERIFIED - The SCA authentication process has been successfully completed, and the user's identity has been verified.
  • REJECTED - The SCA authentication process has been rejected by the user, preventing the finalization of the wallet operation.
  • FAILED - The SCA authentication process has failed, preventing the finalization of the wallet operation. Please refer to statusReason for further information.

Possible values: [VERIFIED, REJECTED, FAILED]

Example: FAILED
statusReasonstring
creationTimedate-timerequired

Represents creation RFC 3339, section 5.6 date-time.

Example: 2021-07-15T17:54:12Z
SCA Authentication Event Attempt Embedded or Hybrid Response
{
  "id": "1559404",
  "eventId": "06bdcd2c-0cce-4b36-97ec-281c8f5d743c",
  "walletOperationId": "a5865fd6-18c2-45a8-9953-1c00eac36c36",
  "authenticationMode": "OUTSOURCED",
  "verification": {
    "method": "OTP",
    "channel": "SMS",
    "action": {
      "returnUrl": "https://some-process.paysafe.com/",
      "redirectUrl": "https://some-process.paysafe.com/"
    },
    "target": "jo***@example.com"
  },
  "currentAttempts": 1,
  "allowableAttempts": 5,
  "status": "FAILED",
  "statusReason": "string",
  "creationTime": "2021-07-15T17:54:12Z"
}