Friday, November 11, 2022

[FIXED] How do CAVV and XID look like?

      , , ,      No comments   

Issue

CAVV and XID are tokens to prove a 3D Secure transaction was authenticated. But how do they look like? If I receive one, how can I validate it really is a CAVV or XID? Can it be any 28-character long string? Or are there some rules (like the Luhn formula for credit card numbers)?


Solution

CAVV/AVV/UCAF/AEVV values can be encoded according to the merchants configuration in either Base64 encoding or Hex encoding.

  • A Base64 encoding merchant configuration will produce values of 28 or 32 characters.
  • A Hex encoding merchant configuration will produce values of 40 or 48 characters.
  • The value when decoded will either be 20 bytes for CAVV or 20 or 24 bytes if the value is AAV (MasterCard UCAF).

Similarly XID will be encoded according to the merchants configuration in either Base64 encoding or Hex encoding as well.

  • A Base64 encoding merchant configuration will produce values of 28 characters.
  • A Hex encoding merchant configuration will produce values of 40 characters.


Answered By - Kunal Patel
Answer Checked By - Senaida (PHPFixing Volunteer)

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...