Overview

Mastercard's Digital Secure Remote Payments (DSRP) is a token-specific cryptographic framework designed to validate tokenized and wallet-based remote payment transactions. DSRP replaces the earlier Unscheduled Card-on-File (UCOF) cryptogram with a more secure, token-specific cryptographic field that strengthens issuer confidence in remote cardholder transactions.

When a customer pays using a digital wallet such as Apple Pay or Google Pay, or through any tokenized Primary Account Number (PAN) flow, the transaction carries a DSRP cryptogram. This cryptogram is generated upstream by the wallet provider or issuer and passed through the payment flow automatically — merchants do not generate it manually.

On Authorize.net, DSRP support is available for tokenized transactions submitted via standard transaction request methods (for example, createTransactionRequest), provided the merchant's processor supports the DSRP flow and Authorize.net enablement is in place.

Applicability: This article applies to tokenized digital payment transactions processed through Authorize.net using Mastercard Digital Secure Remote Payments (DSRP), including wallet-based and in-app payment flows such as Apple Pay and Google Pay.

This article does not apply to non-tokenized card-present transactions, standard card-not-present transactions without tokenization, or Unscheduled Card-on-File (UCOF) cryptogram flows that have been replaced by DSRP.

Benefits of DSRP

Implementing DSRP within tokenized payment flows provides the following key benefit:

• Token-specific cryptographic validation: DSRP provides issuers and processors with a cryptographic field tied directly to the token used in the transaction, improving the ability to validate remote cardholder transactions and increasing issuer confidence in approving them.

What Merchants Should Know About DSRP

Review the following key points to understand how DSRP affects your payment integration:

• DSRP applies to tokenized digital transactions. This includes wallet-based payments (such as Apple Pay and Google Pay) and in-app payment flows that use tokenized PANs.
• Merchants do not generate DSRP cryptograms. The cryptogram is created upstream by the wallet provider or issuer and is automatically passed through the payment flow to Authorize.net and the processor.
• No manual action is required from merchants to include the DSRP cryptogram in a transaction. When the flow is supported by both Authorize.net and your processor, the token cryptogram fields are included in the payment payload automatically.

If you are unsure whether your current integration supports DSRP, refer to the processor support table below or contact Authorize.net Support.

Processor Support and Enablement

DSRP support on Authorize.net depends on both processor implementation and Authorize.net platform enablement. The following processors currently support DSRP for Mastercard transactions:

Implementation Notes

The following describes how Authorize.net handles DSRP within the transaction flow:

• Tokenized transactions routed through processors that require DSRP will include token cryptogram fields as part of the payment payload when both Authorize.net and the processor support the flow.
• No additional configuration steps are required from the merchant to pass the DSRP cryptogram — the field is included automatically within the supported payment payload.
• Transactions submitted via the standard createTransactionRequest API method are supported within this flow when the processor and enablement conditions are met.

Frequently Asked Questions

• • What is DSRP and why does it matter for my transactions?
  • DSRP (Digital Secure Remote Payments) is a Mastercard cryptographic standard that replaces the earlier UCOF (Unscheduled Card-on-File) cryptogram for tokenized remote transactions. It provides token-specific validation that helps issuers confirm the legitimacy of digital wallet and in-app payments, which can improve authorization rates and reduce fraud risk.
• • Do I need to do anything to enable DSRP on my Authorize.net account?
  • In most cases, no action is required from you. When your processor supports DSRP and Authorize.net enablement is in place, the DSRP cryptogram is automatically included in the payment payload for eligible tokenized transactions. If you are unsure whether your account is configured correctly, contact Authorize.net Support.
• • Does DSRP apply to all my transactions?
  • No. DSRP applies specifically to tokenized digital transactions, such as wallet-based payments (Apple Pay, Google Pay) and in-app payments using a tokenized PAN. It does not apply to standard card-not-present transactions without tokenization or to card-present transactions.
• • Does my processor need to support DSRP for it to work?
  • Yes. DSRP support requires both Authorize.net enablement and processor-level support. Currently, First Data Nashville (FDC), TSYS, Global Payments, and Elavon support DSRP for Mastercard transactions. If your processor is not listed, contact Authorize.net Support to confirm availability.
• • Do I generate the DSRP cryptogram myself?
  • No. Merchants do not generate DSRP cryptograms. The cryptogram is created upstream by the wallet provider or card issuer and is passed through the payment flow automatically. Your integration does not need to produce or manage this value directly.
• • What replaced the UCOF cryptogram?
  • DSRP replaces the earlier UCOF (Unscheduled Card-on-File) cryptogram for tokenized remote transactions. DSRP provides a token-specific cryptographic field that offers stronger validation for wallet-based and in-app payment flows.
• • Which card brands does DSRP support on Authorize.net?
  • Based on current processor support, DSRP on Authorize.net applies to Mastercard transactions. Support may vary by processor and transaction type. Contact Authorize.net Support for the most current information on card brand availability.
• • What API method do I use to submit a DSRP-eligible transaction?
  • Tokenized transactions eligible for DSRP are submitted through the standard createTransactionRequest API method. When the processor and Authorize.net enablement conditions are met, the token cryptogram fields are included in the payment payload automatically.

Additional Resources

• Authorize.net API Reference — Access card payment APIs and tokenization guidance for implementing tokenized transaction flows.

Glossary

• DSRP (Digital Secure Remote Payments): A Mastercard cryptographic standard that provides token-specific validation for tokenized and wallet-based remote payment transactions. DSRP replaces the earlier UCOF cryptogram.
• UCOF (Unscheduled Card-on-File): A legacy Mastercard cryptogram previously used for remote transactions. UCOF has been replaced by DSRP for tokenized payment flows.
• PAN (Primary Account Number): The unique numeric identifier printed on a payment card and used to identify the cardholder account during a transaction.
• FDC (First Data Nashville): A payment processing platform operated by Fiserv, also referred to as First Data Nashville, that supports DSRP for Mastercard transactions on Authorize.net.
• TSYS: Total System Services — a payment processing company and Authorize.net processor partner that supports DSRP for Mastercard transactions.
• API (Application Programming Interface): A set of defined rules and protocols that allow software applications to communicate with each other. On Authorize.net, the API is used to submit payment transaction requests programmatically.
• createTransactionRequest: The standard Authorize.net API method used to submit payment transactions, including tokenized flows eligible for DSRP cryptogram inclusion.