CV2, AVS and 3DS Security Checks

This article is designed to provide guidance on configuring your Security Check Preferences within the Gateway. It will provide guidance on the different states, what they mean and how to configure the checks in certain scenarios.

AVS and CV2 States
Partially MatchedThis is when the data supplied by the customer only partially matches to what the issuing bank has on record for the customer.
Not MatchedThis is when the data supplied by the customer doesn’t match to what the issuing bank has on record for the customer.
Not CheckedThis is when the data supplied by the customer hasn’t been checked due to previous data being wrong. Not Checked also occurs if the security check isn’t supported by the issuing bank.  
Not KnownThis is when the customer hasn’t supplied any data to be checked.


Strongest Level – All on



Weakest Level – All off



 CV2 on, AVS off



CV2 off, AVS on



 CV2 on, Address Line off, Postcode onblobid24.png


 CV2 off, Address Line off, Postcode onblobid19.png


 CV2 on, Address Line on, Postcode offblobid18.png


 CV2 off, Address Line on, Postcode offblobid23.png


 CV2 on, Address Line on, Postcode off



Accept Partially Matched AVS/CVS



Accept Transactions where data hasn’t been supplied



3D Secure States
Attempted AuthenticationThis is when the customer fails to complete the registration process for 3D Secure. If the customer is yet to register for 3D Secure, and is presented with an opportunity to register.
Not AuthenticatedThis is when the customer has failed to successfully authenticate themselves on the 3D Secure transaction, or has cancelled the process.
Not CheckedThis is when the 3D Secure authentication could not be checked due to the customer card not being enrolled or valid for the 3D Authentication scheme. This also occurs if 3D Secure checking is disabled.
Not KnownThis is when the 3D Secure Authentication could not be performed due to an error.


Strongest Level – All on



Weakest Level – All off



Recommended Level



 Please note: If the Merchant is using 3D Secure it is important that the Gateway has the Merchant’s website URL logged, alternatively they should be including it within the transaction request using the merchantWebsite parameter.To check if the website URL is logged, please check on the Dashboard of the MMS, under ‘Main Contact’. If it is missing, please contact Support and in the e-mail include the website URL to be added.