When cryptogram type of CAVV - Cardholder Authentication Verification Value is present in Bancorp's API, the CAVV Results Code returned in the response indicates whether the downstream issuing systems were able to successfully verify this cryptogram value.

📘

When is CAVV Cryptogram Present

During a Create Transaction API, CAVV Cryptograms are forwarded to Card Networks in the Authorization message.

  • CAVV is present for 3DS-enabled transactions as well as with Apple Pay and Google Pay token payloads.

When the instruction to authorize reaches the issuer, the issuing systems will verify the CAVV Value to ensure that the issuer authenticated the cardholder for the transaction and that its contents have not been altered.

When available from the card networks in the Authorization Response, Bancorp will relay the CAVV Results Code in our API response.

⚠️

CAVV Results Code is a vital input to your Risk Decision

The CAVV Results Code enhances your risk management transaction data. Clients are encouraged to develop a risk strategy that utilizes a layered risk management approach.

CAVV Results Code is suggested to be used in combination with other risk-related data such as verifying addresses, geolocation data, device data, and historical transaction data.

Visa - CAVV Results Codes

CAVV Results CodeDescriptionWhat does this mean
BlankCAVV not present in authorization
message OR CAVV not verified,
issuer has not selected CAVV verification option
No liability shift; merchant not protected from chargebacks
0CAVV could not be
verified OR CAVV data was not
provided when expected
No liability shift; merchant not protected from chargebacks
1CAVV failed verification –
cardholder authentication
(Usually an indication of potential bad or fraudulent CAVV data in the authorization message; CAVV was created by the Issuer’s ACS)

Liability for this transaction should remain with the Issuer for fraud chargebacks.
2CAVV passed verification –
cardholder authentication
Fully authenticated transaction. Liability shift applied and the merchant is protected from applicable chargebacks.
3CAVV passed verification –
attempted authentication
Attempted authentication; Liability shift applied, and merchant is protected from applicable chargebacks.
4CAVV failed verification –
attempted authentication
Attempted authentication; Liability shift applied, and merchant is protected from applicable chargebacks.
5ReservedNot used/not applicable
6CAVV not verified, issuer not
participating in CAVV verification
Attempted authentication; Liability shift applied, and merchant is protected from applicable chargebacks.
7CAVV failed verification –
attempted authentication
Attempted authentication; Liability shift applied, and merchant is protected from applicable chargebacks.
8CAVV passed verification –
attempted authentication
Attempted authentication; Liability shift applied, and merchant is protected from applicable chargebacks.
9CAVV failed verification –
attempted authentication
Attempted authentication; Liability shift applied, and merchant is protected from applicable chargebacks.
ACAVV passed verification –
attempted authentication
Attempted authentication; Liability shift applied, and merchant is protected from applicable chargebacks.
BCAVV passed verification – no
liability shift
No liability shift; merchant not protected from fraud chargebacks.
CCAVV was not verified (Attempted
Authentication)
Liability shift applied, and merchant is protected from applicable chargebacks.
DCAVV was not verified (Cardholder
Authentication)
Liability shift applied, and merchant is protected from applicable chargebacks.

MasterCard - CAVV Results Code

CAVV Results CodeDescriptionWhat does this mean
0Authentication failedNo liability shift; merchant not protected from chargebacks.
1Authentication attemptedAttempted authentication; Liability shift applied, and merchant is protected from applicable chargebacks.

Not all card types are supported.
2Authentication successfulFully authenticated transaction.Liability shift applied and the merchant is protected from all chargebacks.

Scenarios when CAVV Verification Fails

CAVV verification can fail for one of the following reasons

ScenarioDetails
Transaction May Be FraudulentA fraud perpetrator may be trying to submit an authorization transaction with a “made up” CAVV in an attempt to obtain an authorization. Due to the
potential for fraud, issuers are most likely to decline the transaction when CAVV verification fails. This results data, therefore, enhances our client's risk decisioning process.
Processing Error (Rare)When CAVV data is corrupted
Issuer system issuesUnexpected issues at the issuer that prevents them from reading the CAVV cryptogram