Handle Request for Token Assurance
sd Handle Request for Token Assurance
:Financial Gateway
:Servicing Order
Determine ID and V Method
Perform Risk Based Non Interactive Authentication
Determine Need for Additional Factor Authentication
Determine Challenge or Response Method
Process Assurance Request
:Issued Device
Administration
Retrieve Card Status and Card Account
:Credit Card
Retrieve Product Identification and Customer Identification
:Transaction
Authorization
Get Transaction Authorization
:Customer Access
Entitlement
Retrieve Customer Preferences
Check for Asserted Authentication
If Method Is Asserted Authentication
:Channel Activity
Analysis
Retrieve Information Binding Customer to Requesting Device
If Method Is Risk Based Non Interactive Authentication
:Session Dialogue
Get User ID and Password or Biometric
:Party Authentication
Verify User ID and Password or Biometric
Retrieve Password or Biometric
Create Verification Code or OTP
:Advanced Voice
Services Operations
Send Verification Code or OTP to Known Device
Get Challenge Response
Check Challenge Response
If Method Is Interactive Authentication
Card Number is associated with (Card Account,
Type) in Issued Device Administration
Card Account is associated with Product
ID and Customer ID in Credit Card
This is to get the customer preferences for the
ID&V method (mobile text, app, voice call,...)
Check if the customer has already the
request for mobile or SRC enrollment
Perform risk-based authentication based on known
device and additional customer details (e.g. shipping
address) received with the assurance request.
Cutomer contact is required for single or multi-factor authentication if
asserted or risk-based authentication cannot be done.
Request user ID and password or biometric through the requesting
channel (TSP and mobile payment application or SRC system)
Request for challenge rsponse through the requesting channel
(TSP and mobile payment application or SRC system)
Through alternate direct known
channel to the customer