RSA Announces the Upcoming Release of Adaptive Authentication for eCommerce 21.1

Document created by RSA Product Team Employee on Dec 17, 2020Last modified by RSA Product Team Employee on Dec 20, 2020
Version 3Show Document
  • View in full screen mode


RSA Adaptive Authentication for eCommerce is a comprehensive authentication and fraud detection solution for the eCommerce market. The solution is based on the 3DSecure protocol (Visa Secure and Mastercard Identity Check) and is powered by risk-based authentication, an intelligent system that authenticates a user by measuring a series of risk indicators. Transparent authentication provides a user-experience in which a customer is only challenged in high-risk scenarios.

What’s New in Adaptive Authentication for eCommerce 21.1

RSA Adaptive Authentication for eCommerce 21.1 includes these new features, enhancements, and changes.

EMV 3DS Certification

Adaptive Authentication for eCommerce is certified by Visa for the EMV 3DS 2.2 protocol.

RSA User Interface (RGI) Enhancements

To improve transparency of the RGI errors, we have expanded the internal error messaging system to increase the granularity of the information provided in the activity log. 

These new values are included in the Activity Log in the Customer Service application, Back Office APIs and the RDRs for customers who have enabled this feature:

  • A new Adaptive Authentication: Start 3DS 1.0 Challenge. Contact your RSA representative to enable this activity.
  • These additional errors are included in the RGI and can appear in addition to the existing errors.

    Note: These values have been added within the existing error code ranges in the system.

    3DS 1.0 Error ID

    Error Description


    Error on the issuer's side


    Invalid issuer session id


    OTP generation failed on the issuer's side


    Issuer could not send OTP to the cardholder


    OTP expired


    There was a problem initiating the OOB flow


    There was a problem with the issuer's OOB service


    Generating token value failed


    Encryption failed on the issuer's side


    Message Signing failed on the issuer's side


    Decryption failed on the issuer's side


    Signature verification failed on the issuer's side


    Unexpected http status received from the issuer


    Timeout connecting to or sending data to the issuer


    SSL connection failed


    Connection error on issuer's side


    Unsupported response received by the issuer


    Signature validation failed


    Decryption failed

Support for Visa and Mastercard Implementations of PSD2 Exemptions

Visa and Mastercard have provided technical specifications to support PSD2 EU regulatory exemptions.

Adaptive Authentication for eCommerce 21.1 supports Secure Corporate Payments Exemptions for Visa, and Acquirer Strong Consumer Authentication for Mastercard.

If you would like to enable these exemptions, contact your RSA representative to implement any necessary changes. Implement changes to your rules and policies to ensure that you allow all transactions for which you want to provide exemptions. By definition, exemptions cannot be applied to challenged or declined transactions.



For additional documentation, downloads, and more, visit the RSA Adaptive Authentication for eCommerce page on RSA Link.


EOPS Policy:

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.