From 14th September 2019, your customers will need to provide two types of authentication for some online transactions. This is because debit and credit card issuing banks will implement a regulation called Strong Customer Authentication (SCA), which comes into UK law on that date.
This will see a new standard for verification, 3D Secure 2.0 (3DS2), required for transactions made through websites and mobile apps.
Mastercard and Visa have 3DS2 security products called “Identity Check” and “Verified by Visa” respectively. These are used by issuing banks to evaluate e-commerce transactions and, where appropriate, present challenges for the cardholder to authenticate themselves that the transaction is genuine.
Transactions checked by 3DS2 see the liability shift for chargebacks from the merchant to the Issuing Bank. allpay clients already benefit from this with Internet Payments and Branded Gateway, which adhere to the current 3D Secure standard.
What is different with 3DS2?
With 3DS2, merchants must send more data with each transaction so that the Issuing Banks are better placed to evaluate the request by having access to more contextual data (such as name, address, email address etc) and only challenge the riskiest transactions.
This approach will:
How will transactions be challenged?
When transactions are challenged, Issuing Banks will ask the cardholder for :
Company Reg No: SC375676 VAT Reg No: 108 2556 26 Registered as a Scottish Property Factor No: PF000329
For authorised staff users only.