API - Feb 23, 2026

Added

Authentication type response parameter for card transactions

The API now returns the AuthenticationResult.AuthenticationType property on all relevant card transactions, which has the possible values:

• CHALLENGE – The issuer requested SCA to be enforced (for example, using 3DS).
• FRICTIONLESS – The transaction was exempted from SCA because an exemption was granted by the issuer.
• DIRECT_AUTHORIZATION – The transaction was sent to the issuer for authorization without any frictionless or challenge (for example, if SCA doesn’t apply).

The property reflects both:

• The final state of the authentication request that Mangopay made to the issuer,
• The decision of the issuer regarding the type of authentication to be enforced (if applicable)

A null value typically indicates that authentication was not requested (for example, because the request failed before being sent) or a decision was not received.

The parameter is returned on the following requests:

• POST Create a Direct Card PayIn
• POST Create a Recurring Card PayIn with the CIT payload
• POST Create a Recurring Card PayIn with the MIT payload
• POST Create a Preauthorization
• POST Create a Preauthorized PayIn
• POST Create a Card Deposit Preauthorization
• POST Create a Deposit Preauthorized PayIn
• POST Create a Web Card PayIn
• POST Create a Card Validation
• POST Create a Google Pay PayIn
• POST Create an Apple Pay PayIn

It is also returned on the objects obtained via the GET endpoints:

• GET View a PayIn (for pay-in types above)
• GET View a Preauthorization
• GET View a Deposit Preauthorization
• GET View a Card Validation