open menu
axerve docs
Fraud prevention/External TRA

External TRA

Transactions Risk Analysis

Axerve allows for transactions to be processed through external transaction risk analyses (TRA).

This occurs when a merchant integrates directly a fraud prevention engine capable of providing a PSD2 compliant risk analysis and wishes to leverage such analysis to request an exemption from applying the regular 3DS flow.

As a consequence, the merchant will be able to access a valuable tool to exempt transactions from being declined during the authentication step and thus, improve both the UX for their customers and the overall conversion rates.

Available features
attivaAPI (Rest, Soap)
non attivaPlugin

In order to process transactions with an “external TRA” request, the following requirements must be met:

  • the acquirer has reviewed and approved the request to process transactions via TRA for the merchant, after an evaluation based on, but not limited to, past fraud rates, merchant’s industry, terms and conditions, product/service features and fraud prevention measures that are implemented.

    In case fraud rates rise above the thresholds that the acquirer deems reasonable, the approval to process transactions as TRA might be revoked

  • the merchant has updated their integration in order to mark transactions with the correct exemption request parameter

When a transaction is marked as external TRA, it will be processed directly to authorization with a ‘TRA’ exemption request. Successfully exempted transactions will not be protected by security protocols, therefore in case of frauds the liability is the merchant’s.

The issuer can, in some cases, request authentication anyway. In this case the process will be the same as a 3D Secure transaction’s, so the merchant will receive a soft error 8006 (for more information on 3D Secure transactions, click here).

For any further detail and/or to request the feature to be enabled on your account, please contact your account manager.

Technical guidelines

In order to process a transaction as an external TRA, it is necessary to send Axerve authenticationLevel = "TR" in the transDetails object.

S2S integration example

full screen
1<soapenv:Envelope xmlns:soapenv="" xmlns:ecom="">
2 <soapenv:Header/>
3 <soapenv:Body>
4  <ecom:callPagamS2S>
5   <ecom:shopLogin>testrisk</ecom:shopLogin>
6   <ecom:uicCode>242</ecom:uicCode>
7   <ecom:amount>1</ecom:amount>
8   <ecom:shopTransactionId>tra_esterna</ecom:shopTransactionId>
9   <ecom:cardNumber>4012000000003010</ecom:cardNumber>
10   <ecom:expiryMonth>05</ecom:expiryMonth>
11   <ecom:expiryYear>27</ecom:expiryYear>
12    <ecom:transDetails>
13       <ecom:threeDsContainer>
14         <ecom:transTypeReq></ecom:transTypeReq>
15       </ecom:threeDsContainer>
16       <ecom:type></ecom:type>
17       <ecom:threeDSAuthResult>
18       <ecom:authenticationLevel>TR</ecom:authenticationLevel>
19       <ecom:authenticationStatus></ecom:authenticationStatus>
20       <ecom:XID></ecom:XID>
21       <ecom:AV></ecom:AV>
22       <ecom:ECI></ecom:ECI>
23       <ecom:AVAlgorithm></ecom:AVAlgorithm>
24       <ecom:threeDsVersion></ecom:threeDsVersion>
25       </ecom:threeDSAuthResult>
26     </ecom:transDetails>
27  </ecom:callPagamS2S>
28 </soapenv:Body>

REST /submit

full screen
2  "shopLogin":"testrisk",
3  "paymentTypeDetails":{ 
4    "creditcard":{
5      "number":"4775718800002026",
6      "token":"",
7      "expMonth":"05",
8      "expYear":"27",
9      "CVV":"390",
10      "requestToken":"",
11      "DCC": "FALSE"
12    }
13  },
14  "responseURLs":{ 
15    "buyerOK":"",
16    "buyerKO":"",
17    "serverNotificationURL":""
18  }

Encrypt - online pagam example

full screen
1<soapenv:Envelope xmlns:soapenv="" xmlns:ecom="">
5   <ecom:shopLogin>testrisk</ecom:shopLogin>
6   <ecom:uicCode>242</ecom:uicCode>
7   <ecom:amount>20</ecom:amount>
8   <ecom:shopTransactionId>tra_risk</ecom:shopTransactionId>
9   <ecom:buyerName/>
10   <ecom:buyerEmail/>
11   <ecom:languageId/>
12   <ecom:transDetails>
13    <ecom:threeDsContainer>
14      <ecom:transTypeReq></ecom:transTypeReq>
15    </ecom:threeDsContainer>
16    <ecom:type></ecom:type>
17    <ecom:threeDSAuthResult>
18      <ecom:authenticationLevel>TR</ecom:authenticationLevel>
19      <ecom:authenticationStatus></ecom:authenticationStatus>
20      <ecom:XID></ecom:XID>
21      <ecom:AV></ecom:AV>
22      <ecom:ECI></ecom:ECI>
23      <ecom:AVAlgorithm></ecom:AVAlgorithm>
24      <ecom:threeDsVersion></ecom:threeDsVersion>
25    </ecom:threeDSAuthResult>
26    <ecom:previousTransDetails>
27      <ecom:authData></ecom:authData>
28      <ecom:authMethod></ecom:authMethod>
29      <ecom:authTimestamp></ecom:authTimestamp>
30      <ecom:acsID></ecom:acsID>
31      <ecom:bankTransactionID></ecom:bankTransactionID>
32      <ecom:XID></ecom:XID>
33    </ecom:previousTransDetails>
34   </ecom:transDetails>

SOAP Encrypt - iFrame example

Check SOAP Encrypt - online pagam example; then proceed with js of iFrame flow integration

Axerve Pay By Link integration example

full screen
2 "shopLogin":"testrisk",
3 "amount":"1",
4 "currency":"242",
5 "languageID":"1",
6 "shopTransactionID":"test",
7  "buyerEmail",
8 "paymentChannel":{     "channelType":["EMAIL"]   },
9  "transDetails": {
10    "threeDSAuthResult": {
11      "authenticationLevel":"TR",
12      "authenticationStatus":"",
13      "XID":"",
14      "AV":"",
15      "ECI":"",
16      "AVAlgorithm":"",
17      "threeDsVersion":""
18    }
19  }

Lightbox integration example

full screen
2  "shopLogin":"testrisk",
3  "amount":"1",
4  "currency":"242",
5  "languageID":"1",
6  "shopTransactionID":"test",
7  "transDetails": {
8    "threeDSAuthResult": {
9      "authenticationLevel":"TR",
10      "authenticationStatus":"",
11      "XID":"",
12      "AV":"",
13      "ECI":"",
14      "AVAlgorithm":"",
15      "threeDsVersion":""
16    }
17  }

Then proceed with lightbox integration.

Specific errors

Description / Action

8008 - Function not available

Shop_Login configurations are incomplete or incorrect.
Contact your account manager or Axerve’s customer care.

8006 - Verify By Visa

The transaction has been soft-declined.
Authentication of the cardholder is requested.

1182 - Wrong parameter value authenticationLevel

authenticationLevel field has been filled with an unaccepted value.
It is necessary to inspect/correct the integration in order to avoid systematic/recurring errors of this type.

1147 - Amount too high

The amount of the transaction for which an exemption is requested exceeds the amount limit set by the acquirer.

prevAxerve Advice
Banca Sella Risk Based Authentication on Axerve gatewaynext