The Authorize.Net docs specify that you can check the cavvResultCode to determine whether a liability shift occured. They also say this:
"Note: Mastercard transactions always return a null result for this element. Consequently, transaction details for Mastercard transactions do not contain CAVV results."
I understand that Authorize.Net is a Visa company, but does that really mean there's no way to verify that a liability shift has taken place? It would seem that slightly defeats the purpose of 3D Secure at that point.
