The ECI value is provided by the issuer ACS. It indicates the level of authentication that was performed on the transaction. The ECI value received from authentication is forwarded in the authorization request and also determines whether a transaction recieves liability protection.
Visa, CB (Co-badged with VISA), American Express, UPI*, Discover/Diners*, JCB*
| ECI | Description | 3DS Version(s) | Merchant Liability Shift |
|---|---|---|---|
| 05 | Cardholder authentication successful (this includes successful authentication using risk-based authentication and/or a dynamic password) | 3DS 1.0 EMV 3DS (2.0) | Yes |
| 06 | Merchant attempted to authenticate the cardholder
| 3DS 1.0 EMV 3DS (2.0) | Yes |
| 07 | Non-authenticated e-commerce transaction
| 3DS 1.0 EMV 3DS (2.0) | No |
*Currently not available.
MasterCard, CB (Co-badged with MasterCard)
| ECI | Description | 3DS Version(s) | Merchant Liability Shift |
|---|---|---|---|
| 00 | Non-authenticated e-commerce transaction
| 3DS 1.0 EMV 3DS (2.0) | No |
| 01 | Merchant attempted to authenticate the cardholder and received authentication value (Accountholder Authentication Value (AVV)) | 3DS 1.0 EMV 3DS (2.0) | Yes |
| 02 | Cardholder authentication successful (this includes successful authentication using risk-based authentication and/or a dynamic password) | 3DS 1.0 EMV 3DS (2.0) | Yes |
| 04 | Data share only: non-authenticated e-commerce transaction but merchants have chosen to share data via the 3DS flow with the issuer to improve authorization approval rates | EMV 3DS (2.0) | No |
| 06 | Acquirer exemption | EMV 3DS (2.0) | No |
| 07 | Recurring payments might be applicable for initial or subsequent transaction)
| EMV 3DS (2.0) | Yes |