A Digital Terminal can create multiple checkout initialization experiences for their DPAs. Sample user journeys are shown in the below pages. These user journeys are provided for illustrative purposes only. Digital Terminal should independently evaluate all content and recommendations in light of their specific business needs, operations, and policies, as well as any applicable laws and regulations.
Assumptions:
Journey:
Assumptions:
Journey:
Assumptions:
Journey:
Assumptions:
Journey:
Visa Secure with EMV 3-D Secure is embedded within Click to Pay to get authenticated payload without having to integrate with an external 3DS provider for Click to Pay transactions. This may not be available depending on regulatory requirements for certain countries or regions (e.g., Strong Consumer Authentication in Europe). DPA can provide a specific authentication preference during the transaction for Visa Click to Pay to facilitate 3DS authentication.
In the checkout request, the Digital Terminal can pass an authentication preference specifying 3DS as a method and pass respective configuration settings, including challenge indicator, to request 3DS authentication to be performed by Visa Click to Pay on behalf of its DPA. Visa Click to Pay will perform 3DS and return payment credentials in the checkout response, including ECI value and dynamic data.
Note: The Digital Terminal must be configured for 3DS authentication with Visa to take advantage of 3DS within Click to Pay.
Assumptions:
Journey:
FIDO (Fast Identity Online) is a set of standards-based authentication protocols designed to enable biometric authentication online. To ensure cardholders get an improved and more seamless e-Commerce checkout experience, Visa is introducing Click to Pay with authentication through passkeys built on FIDO alliance standards.
Assumptions:
Journey:
Assumptions:
Journey:
Visa Click to Pay system supports issuer Cardholder Verification Methods via Online Banking for token to device binding and cardholder verification for risk based assessments or for DPA/Digital Terminal requesting authentication. This authentication is based on Cloud Token Framework rails and issuer needs to enroll for the same. In the Checkout request, Digital Terminal can pass authentication preference or Visa Click to Pay system may authenticate the consumer following risk based assessment.
Visa Click to Pay system will direct the user to web URL provided by the issuer. Issuer will either direct the consumer to the bank app if on the same device or provide a push notification to the consumer on the device with the bank app. Issuer will redirect the consumer the Visa Click to Pay URL. Visa Click to Pay will poll for authentication results and provide the payload and payment credentials to the Digital Terminal.
Assumptions:
Journey:
In the Checkout request, Digital Terminal can pass authentication preference or Visa Click to Pay system may authenticate the consumer following risk based assessment. Visa Click to Pay system will return a response with pending authentication with a list of authentication methods and Digital Terminal will invoke the authentication method. Visa Click to Pay system will direct the user to web URL provided by the issuer. Issuer will either direct the consumer to the bank app if on the same device or provide a push notification to the consumer on the device with the bank app. Issuer will redirect the consumer the Visa Click to Pay URL. Digital Terminal will poll for the authentication results and Visa Click to Pay system will provide the payload and payment credentials to the Digital Terminal.
Assumptions:
Journey:
Visa Click to Pay system supports issuer Cardholder Verification Methods via email and SMS one time passcode for token to device binding and cardholder verification for risk based assessments or when DPA/Digital Terminal has requested for authentication. For DPAs/Digital Terminal requesting authenticated payload, token to device binding will be used as an authentication factor. DPA/Digital Terminal can provide a specific authentication preference during the transaction for Visa Click to Pay to facilitate authentication.
Visa Click to Pay system supports DPA/Digital Terminal initiating the authentication for issuer one time passcode. In the Checkout request, DPA/Digital Terminal can pass an authentication preference or the Visa Click to Pay system can authenticate the consumer following a risk-based assessment. In SRC initiating, the Digital Terminal passes the OTP value and assurance data in the checkout request. The Visa Click to Pay system validates the OTP and provides the payload and payment credentials to the Digital Terminal.
In the Digital Terminal initiation, Digital Terminal passes the OTP value to the Visa Click to Pay system via authenticate API and receives assurance data from the Visa Click to Pay system. Digital Terminal passes the assurance data in the checkout request and Visa Click to Pay system provides the payload and payload credentials to the Digital Terminal.
Assumptions:
Journey:
Assumptions:
Journey:
Certain Visa card products support both credit and debit accounts (such as combo cards in Brazil) and allow cardholders to choose whether the transaction will be processed as credit or debit at checkout. When the Visa Click to Pay system returns card details, an additional combo card indicator is included the image above. The Digital Terminal can use this indicator to enable the user experience based on merchant market preferences.