3DS 2 Intro:
On September 14th 2019, new requirements for authenticating online payments were rolled out in Europe as part of PSD2, or the second Payment Services Directive. As part of this, there is a new set of technical standards required for payment authentication known as Strong Customer Authentication (SCA), designed to help reduce fraud and increase security for end users.
What You Need To Know
One of the most important changes to come with the introduction of PSD2 is the implementation of 3D Secure 2.0, a mandatory update to the 3D Secure payment processing system from EMVCo.
As the world of finance has developed, and the need for more robust security measures has increased, static password systems have become insecure and outdated.
The new version of 3D Secure enables mobile support, biometric validation, and streamlines the checkout experience for the customer, resulting in less cart abandonment and a better conversion rate for eCommerce businesses.
To help you with the process we’ve updated our Development Centre with an Introduction to 3D Secure 2.0.
Strong Customer Authentication (SCA)
In order to accept payments under the new European SCA requirements, you need to ensure your customer can authenticate for a payment using two of the following:
Something They Know
A password, a PIN code, a security question.
Something They Have
A mobile phone or a hardware token.
Something They Are
A fingerprint or facial recognition.
3DS2 will allow you to process transactions using the above, handle exemptions from SCA transactions in different business models, and work with more complex payment use cases.
What You Need To Do
The EU regulators are implementing a phase-in approach for 3DS2 over an 18 month period. The PSD2 mandate started on the 14th of September 2019 so, to avoid an increase in declines, we ask all merchants to implement 3DS 2 as soon as possible. Starting in 1 October, card issuers will start to decline non-compliant transactions.
Make sure you plan out your 3DS 2 solution as soon as possible, ensuring that your software is updated, specifically for the financial authorities of the EU regions in your market. This means that you must update your integration to support 3DS 2 or your new merchant applications may be declined.
Active monitoring and suspension of merchants who have not yet updated to 3DS 2 will begin on December 31st 2020.
If you need more information or if you have any concerns, please get in touch with your Partner Manager, and read our post on 3DS 2 below.
- 1st October 2020- Card issuers will start to decline non-compliant transactions.
- 31st December 2020 - European Banking Authority announced SCA enforcement date as of the 31st December 2020. Countries across the EEA are generally expected to follow this new timeline.
- 3DS 2.2 mandate needs to be implemented by 31st December 2020
- Active supervision and monitoring will begin on 31st December 2020
- 14th September 2021 – “FCA expected enforcement date for the UK for SCA”
Should you have any other enquiries, check our FAQs or please contact us.
Paysafe – London
UK: 0800 294 1404