Why has my payment been returned a 71000 Soft decline response?

  Last updated: 

 

  Visa and Mastercard require that merchants in PSD2-mandated countries must re-attempt authentication using the forced challenge (mandate) indicator (scaexemptionindicator=14 or challenge indicator=04 if Using your own MPI) when a soft decline response is received.

 

If your system is returned a 71000 Soft decline response following processing an Authorisation (AUTH) Request to Trust Payments, this has occurred because card issuer declined the request due to absence of Strong Customer Authentication (SCA).

The Revised Directive on Payment Services (PSD2) mandates that a form of SCA is performed on all transactions initiated by the customer through their browser or mobile device. To comply with this mandate, you will need to utilise EMV 3-D Secure.

There are exceptions to this rule that are permitted by the card issuer and do not need to be declared, examples of which include Mail Order Telephone Order (MOTO) payments and Merchant Initiated Transactions (MIT) against a customer’s stored card (that was originally authenticated with SCA). However, there are additional exemptions that do require flagging to the card issuer, by including the field scaexemptionindicator (click here for the field specification).

Failure to declare exemptions correctly or to meet conditions specified by the card issuer may lead to the 71000 Soft decline error.

  Authorisation of a payment by the issuing bank is not by itself evidential of meeting the requirements for an exemption to be granted. It is your responsibility to ensure your solution only applies exemptions when the criteria for doing so have been met. We recommend contacting your acquiring bank for assistance if you need guidance.

 

Actions to take in the event of Soft decline

If you are returned a 71000 Soft decline in the authorisation response, you must re-submit the authorisation request but this time ensuring it is authenticated using EMV 3-D Secure and without SCA exemption applied. Please refer to the relevant section below for information on how to handle this.

Payment Pages

Please contact our Support Team and ensure your account has been configured to automatically retry payments with 3-D Secure authentication when a soft decline response is returned.

JavaScript Library

 The instructions below assume your system is using JavaScript Library version 3.
Versions prior to v3 were retired on 1st December 2021.

Merchant developers are expected to update the request JWT payload in the transaction re-submission following a soft decline:

Android SDK

Merchant developers are expected to update the request JWT payload in the transaction re-submission following a soft decline:

iOS SDK

Merchant developers are expected to update the request JWT payload in the transaction re-submission following a soft decline:

Webservices API

For merchants who have the following integrations with the TRU Connect gateway:

  • Webservices API to process authorisation, using merchants' own 3DS MPI provider for customer authentication.
  • Webservices API to process authorisation, following 3DS authentication using JavaScript Library.
  • Webservices API to process authorisation, following 3DS authentication using one of our Mobile SDKs (Android SDK / iOS SDK).

The merchant developer will be expected to:

  • Re-process the 3-D Secure authentication (either using your own 3DS MPI provider or by using our JavaScript Library / Mobile SDK solutions) and then process a new authorisation request using the Webservices API.
  • Include parenttransactionreference to the original authorisation that was soft declined (reference the AUTH, not the THREEDQUERY).
  • Include scaexemptionindicator = 14. This is mandated to force the re-submission to trigger step-up (challenge) authentication.

 

Testing for Soft decline

Was this article helpful?
0 out of 0 found this helpful