{"title":"Data-only flow","category":"default","creationDate":1672132140,"content":"<p>In a regular 3D Secure 2 flow, the payment has to be authenticated by the issuer before it can be authorized. In a data-only flow, you use the same 3D Secure 2 infrastructure, but only to share shopper data with Visa or Mastercard directly. The card schemes then handle the risk evaluation and the authentication with the issuer. The data-only flow is particularly useful outside <a href=\"\/pt\/online-payments\/psd2-sca-compliance-and-implementation-guide\">PSD2 SCA<\/a> regulated markets.<\/p>\n<h2 id=\"requirements\">Requirements<\/h2>\n<table>\n<thead>\n<tr>\n<th style=\"text-align: left;\">Requirement<\/th>\n<th style=\"text-align: left;\">Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td style=\"text-align: left;\"><strong>Integration type<\/strong><\/td>\n<td style=\"text-align: left;\">A <a href=\"\/pt\/online-payments\/3d-secure\/\">3D Secure 2 integration<\/a> for Web, Android or iOS. We recommend a <a href=\"\/pt\/online-payments\/3d-secure\/native-3ds2\">native 3D Secure 2 integration<\/a>.<\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\"><strong>Limitations<\/strong><\/td>\n<td style=\"text-align: left;\">The data-only flow is available for Visa and Mastercard outside <a href=\"\/pt\/online-payments\/psd2-sca-compliance-and-implementation-guide\">PSD2 SCA<\/a> regulated markets.<br><br><a href=\"#dcap\">DCAP<\/a> applies only to merchants in the United States and Canada.<\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\"><strong>Setup steps<\/strong><\/td>\n<td style=\"text-align: left;\">To use the <a href=\"#authentication-engine\">Authentication Engine<\/a> for the data-only flow, make sure that you: <ul><li>Have set up a 3D Secure 2 <a href=\"\/pt\/online-payments\/3d-secure\/native-3ds2\/\">native<\/a> (recommended) or <a href=\"\/pt\/online-payments\/3d-secure\/redirect-3ds2\/\">redirect<\/a> integration. <\/li><li>Set the default <a href=\"\/pt\/risk-management\/dynamic-3d-secure\/#default-rules\">dynamic 3D Secure rule<\/a> to <strong>Prefer not<\/strong>. <\/li><\/ul><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2 id=\"how-it-works\">How it works<\/h2>\n<p>When you send a data-only request, Adyen sends it directly to Visa or Mastercard. The card schemes then handle the authentication request with the issuer, and include their risk evaluation in the authorization message. The issuer uses the risk evaluation data to improve their decision when authorizing a payment.<\/p>\n<p>Because this flow only shares data, shoppers will <strong>not<\/strong> be presented with a 3D Secure 2 challenge. This also means that there is no liability shift for the data-only flow.<\/p>\n<h2 id=\"authentication-engine\">Use the Authentication Engine<\/h2>\n<p>We recommend using our <a href=\"https:\/\/www.adyen.com\/knowledge-hub\/psd2-simplified-with-our-new-authentication-engine\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" class=\"external-link no-image\">Authentication Engine<\/a> to make optimal use of the data-only flow, including Visa's <a href=\"#dcap\">Digital Commerce Authentication Program<\/a>. The Authentication Engine is included when you set up your native or redirect <a href=\"\/pt\/online-payments\/3d-secure\/\">3D Secure 2 integration<\/a> with Adyen. Based on issuer readiness and performance uplift, the engine can make the best decision on when to use the data-only flow.<\/p>\n<h2 id=\"submit-a-data-only-request\">Make a data-only payment request<\/h2>\n<p>When you use the native or redirect 3D Secure 2 integration for Web, iOS or Android, the <a href=\"#authentication-engine\">Authentication Engine<\/a> will decide if the data-only flow is triggered. No further action is required on your side.<\/p>\n<p>To optimize the engine and to help the card schemes and the issuers make better risk assessments, collect and submit as many of the following recommended fields as possible in your payment request:<\/p>\n<ul>\n<li>\n <a href=\"https:\/\/docs.adyen.com\/api-explorer\/Checkout\/latest\/post\/payments#request-shopperIP\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">shopperIP<\/a>\n<\/li>\n<li>\n <a href=\"https:\/\/docs.adyen.com\/api-explorer\/Checkout\/latest\/post\/payments#request-paymentMethod-CardDetails-holderName\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">paymentMethod.holderName<\/a>\n<\/li>\n<li>\n <a href=\"https:\/\/docs.adyen.com\/api-explorer\/Checkout\/latest\/post\/payments#request-shopperEmail\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">shopperEmail<\/a>\n<\/li>\n<li>\n <a href=\"https:\/\/docs.adyen.com\/api-explorer\/Checkout\/latest\/post\/payments#request-billingAddress\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">billingAddress<\/a>\n<\/li>\n<li> <a href=\"https:\/\/docs.adyen.com\/api-explorer\/Checkout\/latest\/post\/payments#request-deliveryAddress\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">deliveryAddress<\/a> (if available)<\/li>\n<li><code>threeDS2requestData.homePhone<\/code>, <code>threeDS2requestData.mobilePhone<\/code> or <code>threeDS2requestData.workPhone<\/code><\/li>\n<\/ul>\n<p>The <a href=\"\/pt\/online-payments\/3d-secure\/api-reference\/#3d-secure-2-additional-data-objects\">3D Secure 2 API reference<\/a> has more information about these fields.<\/p>\n<p>If you are processing Visa transactions in the United States or Canada, make sure that you review the <a href=\"#dcap\">DCAP<\/a> section below.<\/p>\n<p>If you want to force the data-only flow, or if you have built an <a href=\"\/pt\/online-payments\/3d-secure\/native-3ds2#api-only\">API-only integration<\/a> that uses our 3D Secure 2 component, make a POST  <a href=\"https:\/\/docs.adyen.com\/api-explorer\/Checkout\/latest\/post\/payments\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">\/payments<\/a> request containing the 3D Secure 2 fields and the following:<\/p>\n<ul>\n<li><code>additionalData.threeDS2DataOnly<\/code>: <strong>true<\/strong>. This forces the 3D Secure 2 data-only flow for all transactions where this flow is possible.<\/li>\n<li>For a better shopper experience, we recommend using specific 3D Secure 2 values. Depending on your integration:\n<ul>\n<li>Checkout API v68 or earlier: include <code>allow3DS2<\/code>: <strong>true<\/strong>.<\/li>\n<li>Checkout API v69 or later: include <code>nativeThreeDS<\/code>: <strong>preferred<\/strong>.<\/li>\n<\/ul><\/li>\n<\/ul>\n<div data-component-wrapper=\"code-sample\">\n    <code-sample :title=\"'Example data-only payment request'\" :id=\"''\" :code-data=\"[{&quot;language&quot;:&quot;curl&quot;,&quot;tabTitle&quot;:&quot;&quot;,&quot;content&quot;:&quot;curl https:\\\/\\\/checkout-test.adyen.com\\\/v72\\\/payments \\\\\\n-H 'X-API-key: ADYEN_API_KEY' \\\\\\n-H 'content-type: application\\\/json' \\\\\\n-d '{\\n        \\&quot;amount\\&quot;:{\\n            \\&quot;currency\\&quot;:\\&quot;EUR\\&quot;,\\n            \\&quot;value\\&quot;:1000\\n        },\\n        \\&quot;reference\\&quot;:\\&quot;YOUR_ORDER_NUMBER\\&quot;,\\n        \\&quot;paymentMethod\\&quot;:{\\n            \\&quot;type\\&quot;:\\&quot;scheme\\&quot;,\\n            \\&quot;number\\&quot;: \\&quot;5201281822783116\\&quot;,\\n            \\&quot;expiryMonth\\&quot;: \\&quot;03\\&quot;,\\n            \\&quot;expiryYear\\&quot;: \\&quot;2030\\&quot;,\\n            \\&quot;cvc\\&quot;: \\&quot;737\\&quot;,\\n            \\&quot;holderName\\&quot;: \\&quot;S. Hopper\\&quot;\\n        },\\n        \\&quot;authenticationData\\&quot;: {\\n            \\&quot;threeDSRequestData\\&quot;: {\\n   \\t              \\&quot;nativeThreeDS\\&quot;: \\&quot;preferred\\&quot;\\n            }\\n        },\\n        \\&quot;additionalData\\&quot; : {\\n            \\&quot;threeDS2DataOnly\\&quot;: true\\n        },\\n        \\&quot;browserInfo\\&quot;:{\\n            \\&quot;userAgent\\&quot;:\\&quot;Mozilla\\\\\\\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\\\\\\\/537.36 (KHTML, like Gecko) Chrome\\\\\\\/70.0.3538.110 Safari\\\\\\\/537.36\\&quot;,\\n            \\&quot;acceptHeader\\&quot;:\\&quot;text\\\\\\\/html,application\\\\\\\/xhtml+xml,application\\\\\\\/xml;q=0.9,image\\\\\\\/webp,image\\\\\\\/apng,*\\\\\\\/*;q=0.8\\&quot;,\\n            \\&quot;language\\&quot;:\\&quot;nl-NL\\&quot;,\\n            \\&quot;colorDepth\\&quot;:24,\\n            \\&quot;screenHeight\\&quot;:723,\\n            \\&quot;screenWidth\\&quot;:1536,\\n            \\&quot;timeZoneOffset\\&quot;:0,\\n            \\&quot;javaEnabled\\&quot;: true\\n        },\\n        \\&quot;channel\\&quot;: \\&quot;web\\&quot;,\\n        \\&quot;origin\\&quot; : \\&quot;https:\\\/\\\/your-company.example.com\\\/\\&quot;,\\n        \\&quot;returnUrl\\&quot; : \\&quot;https:\\\/\\\/your-company.example.com\\\/checkout\\\/\\&quot;,\\n        \\&quot;merchantAccount\\&quot;:\\&quot;YOUR_MERCHANT_ACCOUNT\\&quot;\\n    }'&quot;}]\" :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>\n<p>Check the <code>resultCode<\/code> included in the  <a href=\"https:\/\/docs.adyen.com\/api-explorer\/Checkout\/latest\/post\/payments\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">\/payments<\/a> response. If the <code>resultCode<\/code> is <strong>Authorised<\/strong>, inform the shopper that the payment was successful.<\/p>\n<div data-component-wrapper=\"code-sample\">\n    <code-sample :title=\"'Example data-only payment response'\" :id=\"''\" :code-data='[{\"language\":\"json\",\"tabTitle\":\"\",\"content\":\"{\\n\\\"pspReference\\\": \\\"V4HZ4RBFJGXXGN82\\\",\\n\\\"resultCode\\\": \\\"Authorised\\\"\\n}\"}]' :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>\n<h2 id=\"dcap\">Visa's Digital Commerce Authentication Program (DCAP)<\/h2>\n<div class=\"additional-info-block output-inline\">\n<div class=\"additional-info-block__body\"><p><strong>Eligibility<\/strong><br \/>\nDCAP currently only applies to merchants in the United States. The program expands to Canadian merchants in October 2026.<\/p><p>DCAP applies to customer-initiated, Card Not Present transactions. Cost-saving incentives do not apply to <a href=\"\/pt\/get-started-with-adyen\/adyen-glossary#contauth-continuous-authorization\">merchant-initiated transactions<\/a> or <a href=\"\/pt\/get-started-with-adyen\/adyen-glossary#point-of-sale\">in-person payments<\/a> transactions.<\/p><\/div><\/div>\n\n<p>DCAP is a Visa program that aims to enhance the security and authorization rates of <a href=\"\/pt\/get-started-with-adyen\/adyen-glossary#card-not-present-cnp\">Card Not Present<\/a> transactions by using the 3D Secure data-only flow to share more data with issuers. Visa offers interchange fee discounts for this data.<\/p>\n<p>We recommend that you use Adyen's <a href=\"https:\/\/www.adyen.com\/knowledge-hub\/psd2-simplified-with-our-new-authentication-engine\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" class=\"external-link no-image\">Authentication Engine<\/a> to optimize your interchange discounts with DCAP. We do not recommend that you apply the data-only flow for all transactions, as this can lower your authorization rates with some issuers.<\/p>\n<p>Visa requires you send <strong>all<\/strong> the following fields to qualify for DCAP interchange discounts:<\/p>\n<ul>\n<li>\n <a href=\"https:\/\/docs.adyen.com\/api-explorer\/Checkout\/latest\/post\/payments#request-shopperIP\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">shopperIP<\/a>\n<\/li>\n<li>\n <a href=\"https:\/\/docs.adyen.com\/api-explorer\/Checkout\/latest\/post\/payments#request-shopperEmail\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">shopperEmail<\/a>\n<\/li>\n<li> <a href=\"https:\/\/docs.adyen.com\/api-explorer\/Checkout\/latest\/post\/payments#request-billingAddress\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">billingAddress<\/a>: Include all billing address fields.<\/li>\n<li> <a href=\"https:\/\/docs.adyen.com\/api-explorer\/Checkout\/latest\/post\/payments#request-deviceFingerprint\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">deviceFingerprint<\/a>: Send a device fingerprint to identify the shopper's device.<\/li>\n<\/ul>\n<div class=\"notices yellow\">\n<p>Do not send empty or placeholder data with any of the above fields. If you fail to submit all fields, you will lose your interchange discount. If you repeatedly send incomplete data, Visa could remove you from DCAP.<\/p>\n<\/div>\n<h2 id=\"testing-3d-secure-2\">Test the data-only flow<\/h2>\n<p>Use the test card below to try the 3D Secure 2 data-only flow. Testing is only available for Mastercard.<\/p>\n<table>\n<thead>\n<tr>\n<th style=\"text-align: left;\">Card Type<\/th>\n<th style=\"text-align: left;\">Card Number<\/th>\n<th style=\"text-align: left;\">Expiry Date<\/th>\n<th style=\"text-align: left;\">CVC\/CVV<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td style=\"text-align: left;\">Mastercard<\/td>\n<td style=\"text-align: left;\">5201 2818 2278 3116<\/td>\n<td style=\"text-align: left;\">03\/2030<\/td>\n<td style=\"text-align: left;\">737<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>See also<\/h2>\n<div class=\"see-also-links output-inline\" id=\"see-also\">\n<ul><li><a href=\"\/online-payments\/3d-secure\/\"\n                        target=\"_self\"\n                        >\n                    3D Secure 2 authentication integration guide\n                <\/a><\/li><li><a href=\"\/online-payments\/psd2-sca-compliance-and-implementation-guide\/\"\n                        target=\"_self\"\n                        >\n                    PSD2 SCA compliance guide\n                <\/a><\/li><li><a href=\"\/risk-management\/dynamic-3d-secure\/\"\n                        target=\"_self\"\n                        >\n                    Dynamic 3D Secure\n                <\/a><\/li><\/ul><\/div>\n","url":"https:\/\/docs.adyen.com\/pt\/online-payments\/3d-secure\/data-only","articleFields":{"description":"Implement 3D Secure 2 to only share data with Visa or Mastercard instead of sending an authentication request.","id":"47486111","type":"page","_expandable":{"operations":""},"status":"current","feedback_component":true,"last_edit_on":"13-02-2023 00:12","page_id":"4df3cfd8-bc33-4779-992c-416b04dc7720","filters_component":false,"decision_tree":"[]"},"algolia":{"url":"https:\/\/docs.adyen.com\/pt\/online-payments\/3d-secure\/data-only","title":"Data-only flow","content":"In a regular 3D Secure 2 flow, the payment has to be authenticated by the issuer before it can be authorized. In a data-only flow, you use the same 3D Secure 2 infrastructure, but only to share shopper data with Visa or Mastercard directly. The card schemes then handle the risk evaluation and the authentication with the issuer. The data-only flow is particularly useful outside PSD2 SCA regulated markets.\nRequirements\n\n\n\nRequirement\nDescription\n\n\n\n\nIntegration type\nA 3D Secure 2 integration for Web, Android or iOS. We recommend a native 3D Secure 2 integration.\n\n\nLimitations\nThe data-only flow is available for Visa and Mastercard outside PSD2 SCA regulated markets.DCAP applies only to merchants in the United States and Canada.\n\n\nSetup steps\nTo use the Authentication Engine for the data-only flow, make sure that you: Have set up a 3D Secure 2 native (recommended) or redirect integration. Set the default dynamic 3D Secure rule to Prefer not. \n\n\n\nHow it works\nWhen you send a data-only request, Adyen sends it directly to Visa or Mastercard. The card schemes then handle the authentication request with the issuer, and include their risk evaluation in the authorization message. The issuer uses the risk evaluation data to improve their decision when authorizing a payment.\nBecause this flow only shares data, shoppers will not be presented with a 3D Secure 2 challenge. This also means that there is no liability shift for the data-only flow.\nUse the Authentication Engine\nWe recommend using our Authentication Engine to make optimal use of the data-only flow, including Visa's Digital Commerce Authentication Program. The Authentication Engine is included when you set up your native or redirect 3D Secure 2 integration with Adyen. Based on issuer readiness and performance uplift, the engine can make the best decision on when to use the data-only flow.\nMake a data-only payment request\nWhen you use the native or redirect 3D Secure 2 integration for Web, iOS or Android, the Authentication Engine will decide if the data-only flow is triggered. No further action is required on your side.\nTo optimize the engine and to help the card schemes and the issuers make better risk assessments, collect and submit as many of the following recommended fields as possible in your payment request:\n\n\n shopperIP\n\n\n paymentMethod.holderName\n\n\n shopperEmail\n\n\n billingAddress\n\n deliveryAddress (if available)\nthreeDS2requestData.homePhone, threeDS2requestData.mobilePhone or threeDS2requestData.workPhone\n\nThe 3D Secure 2 API reference has more information about these fields.\nIf you are processing Visa transactions in the United States or Canada, make sure that you review the DCAP section below.\nIf you want to force the data-only flow, or if you have built an API-only integration that uses our 3D Secure 2 component, make a POST  \/payments request containing the 3D Secure 2 fields and the following:\n\nadditionalData.threeDS2DataOnly: true. This forces the 3D Secure 2 data-only flow for all transactions where this flow is possible.\nFor a better shopper experience, we recommend using specific 3D Secure 2 values. Depending on your integration:\n\nCheckout API v68 or earlier: include allow3DS2: true.\nCheckout API v69 or later: include nativeThreeDS: preferred.\n\n\n\n    \n\nCheck the resultCode included in the  \/payments response. If the resultCode is Authorised, inform the shopper that the payment was successful.\n\n    \n\nVisa's Digital Commerce Authentication Program (DCAP)\n\nEligibility\nDCAP currently only applies to merchants in the United States. The program expands to Canadian merchants in October 2026.DCAP applies to customer-initiated, Card Not Present transactions. Cost-saving incentives do not apply to merchant-initiated transactions or in-person payments transactions.\n\nDCAP is a Visa program that aims to enhance the security and authorization rates of Card Not Present transactions by using the 3D Secure data-only flow to share more data with issuers. Visa offers interchange fee discounts for this data.\nWe recommend that you use Adyen's Authentication Engine to optimize your interchange discounts with DCAP. We do not recommend that you apply the data-only flow for all transactions, as this can lower your authorization rates with some issuers.\nVisa requires you send all the following fields to qualify for DCAP interchange discounts:\n\n\n shopperIP\n\n\n shopperEmail\n\n billingAddress: Include all billing address fields.\n deviceFingerprint: Send a device fingerprint to identify the shopper's device.\n\n\nDo not send empty or placeholder data with any of the above fields. If you fail to submit all fields, you will lose your interchange discount. If you repeatedly send incomplete data, Visa could remove you from DCAP.\n\nTest the data-only flow\nUse the test card below to try the 3D Secure 2 data-only flow. Testing is only available for Mastercard.\n\n\n\nCard Type\nCard Number\nExpiry Date\nCVC\/CVV\n\n\n\n\nMastercard\n5201 2818 2278 3116\n03\/2030\n737\n\n\n\nSee also\n\n\n                    3D Secure 2 authentication integration guide\n                \n                    PSD2 SCA compliance guide\n                \n                    Dynamic 3D Secure\n                \n","type":"page","locale":"pt","boost":17,"hierarchy":{"lvl0":"Home","lvl1":"Online payments","lvl2":"3D Secure 2 authentication","lvl3":"Data-only flow"},"hierarchy_url":{"lvl0":"https:\/\/docs.adyen.com\/pt","lvl1":"https:\/\/docs.adyen.com\/pt\/online-payments","lvl2":"https:\/\/docs.adyen.com\/pt\/online-payments\/3d-secure","lvl3":"\/pt\/online-payments\/3d-secure\/data-only"},"levels":4,"category":"Online Payments","category_color":"green","tags":["Data-only"]}}