MasterCard 3DSecure update for 2022

Posted On: Wednesday, January 19th, 2022

MasterCard 3DSecure update for 2022

MasterCard news

Welcome to the first newsletter for 2022. This year will be an eventful year for 3DSecure which will mark the final year for 3DSecure version 1.

Sunset for 3DSecure Version 1

MasterCard will fully decommission 3DS1 on October 18, 2022. MasterCard will also stop accepting new merchant enrolments from March 31st 2022.

India On Soil Requirement

India is requiring that domestic transactions will be routed to a local endpoint rather than the global MasterCard directory endpoint.

This follows from the directive issued by RBI in April 2018 (‘Storage of Payment System Data’, DPSS.CO.OD. No 2785/06.08.005/2017-18) which requires that all payment system providers to store Indian payments data on-soil in India.

MasterCard is deploying multiple systems in India to enable the on-soil processing of India domestic transactions. To support this, customers must make a few changes to how they connect with MasterCard. MasterCard is requiring that all customers in India complete these changes in Production by 15 February 2022.

To support this, MasterCard will:

  • Create new public URLs, IP addresses, and ports for file transfer and authentication
  • Build a new secure delivery push setup for data centers in India
  • Provide new MasterCard Data Exchange—India MTF and Mastercard Data Exchange—India applications on Masterard Connect

MasterCard has now re-enabled KX AAVs for Identity Check Insights transaction functionality

Effective 21 July 2021, MasterCard implemented AAVs for Identity Check Insights transactions. The leading indicator for these AAVs associated with Identity Check Insights (Security Level Indicator [SLI]) of 214 is kX.

MasterCard disabled the generation of the kX AAV for Identity Check Insights due to no On Behalf Service (OBS) 05 results posting Data Element (DE) 48.71 for authortizations with SLI 214 (Data Element [DE] 48.42) and AAV kX (Data Element [DE] 48.43), effective 18 August 2021.

During time of disablement with the 21Q4 Core Release in mid-October 2021, MasterCard implemented a fix for the OBS 05 service to process AAV verification for authorizations with SLI 214 (DE 48.42) and AAV kX (DE 48.43).

Effective 15 September 2021, MasterCard implemented AAVs for Identity Check non-payment challenge authentications. The leading indicator for these AAVs will be yB and not usable within authorization. At this time, MasterCard will not generate AAVs for non-payment frictionless authentications.

Effective 2 November 2021, MasterCard re-enabled kX AAVs for Identity Check Insights transactions functionality.

3DS Version 2.2 must be supported for MasterCard, effective  date 14 October 2022

Mastercard is announcing revised Standards for EMV 3D-Secure (3DS) version 2.2 specifications implementation for all card-not-present (CNP) transactions on Mastercard and Maestro account ranges. The revised Standards will require issuers and acquirers in the Europe region to support cardholder authentication using EMV 3DS version 2.2, effective 14 October 2022.

EMV 3DS 2.2 brings a number of key benefits over the EMV 3DS 2.1 and older industry standards:

  • Streamlines authentication through promotion of frictionless authentication by offering message enhancements for fewer step-up authentications
  • Improves user experience for out-of-band (OOB) transactions by requiring issuers and acquirers (for their merchants) to support merchant app re-direction, eliminating the need for additional cardholder interaction to complete the challenge process
  • Enables issuers to fully meet the requirements of the Payment Service Directive 2 (PSD2) Strong Customer Authentication (SCA) Regulatory Technical Standards (RTS) by offering fully compliant authentication methods
  • Enables a fully functional trusted merchant listing (TML)2 for merchants and issuers, thus creating a user-friendly and frictionless experience for cardholders
  • Enables 3DS requestor challenge indicators for acquirer exemptions identification, thus helping merchants influence decisioning
  • Enables 3DS requestor-initiated (3RI) payment authentication flow

In addition to the EMV 3DS 2.2 standard and some EMV 3DS 2.2 announced features, issuers and acquirers must also adopt features that are intended to improve authentication performance:

  • Authentication app re-direction, eliminating the need for additional cardholder interaction to complete the OOB app transactions
  • Additional insights on the challenge flow performance to facilitate monitoring and problem resolution


Full support for major card brands and banks

Making eCommerce Safe

Be in the know

Industry news, events and major releases.

See you at Seamless Middle East 2024, Dubai World Trade Centre
Posted on: Thursday 9th May, 2024

Endeavour 3DSecure - Authentication done right!

Meet us at MRC in Barcelona
Posted on: Wednesday 17th April, 2024

Endeavour 3DSecure and Tokenization, your trusted companion in payments.

Endeavour will participate at Singapore Fintech Festival
Posted on: Friday 10th November, 2023

Let's talk Authentication and Tokenization in Singapore.

Here to help

Questions? We've got answers.

Kindly note that we do not support cardholders wanting to activate 3D Secure on their card. Please contact your bank directly using the phone number provided on the back of your card.