I received this from Global Payments ( formally Realex Payments)
I wonder if anyone else had and if Sellerdeck have any comments regarding if this will affect our integrations.
--------------------------------------------------------------------------------------------------------------------------------------------------
Introduction
On 14th September 2019, a new regulation is being introduced that will change the way payments are made online within the European Economic Area (EEA). This email will give you some background information on why the changes are being made and explain what we'll be doing to meet the new regulation.
Firstly, here's a high level summary of what you need to know:
• When the new regulation is introduced in September 2019, most ecommerce payments will have to undergo Strong Customer Authentication (SCA) to validate that the payer is who they say they are.
• For ecommerce card payments, a new authentication protocol is being introduced by the Card Schemes (Mastercard, Visa, American Express etc.) called 3D Secure v2 (3DS v2) that will comply with the new regulation.
• Global Payments will be supporting the 3DS v2 protocol by introducing options that will make it easy for you to comply with the SCA requirement. Over the coming months, we'll be upgrading our authentication solution and providing further detail of what you have to do.
Background
The Second Payment Services Directive (PSD2) was officially published by the European Commission in December 2015 to help promote the development of a more efficient, secure and open payments landscape that encourages innovation while enhancing consumer rights and protection.
One of the major implications of PSD2 is the focus on improving security in the payments space by emphasising SCA. The regulation to enforce the use of SCA will come into effect on 14th September 2019. This will mean that as a European merchant processing ecommerce payments, you must be able to apply SCA to your transactions where the card issuer and the merchant's payment processor (acquirer) are both in the EEA.
For card payments, the industry standard solution designed to comply with the SCA requirement is the latest version of 3D Secure protocol - commonly referred as 3DS v2 or EMV 3DS.
As your payments partner, we're committed to making it easy for you to comply with the SCA requirement with minimum disruption to your business. In 2019 we'll be upgrading our authentication solution to cater for the new regulation.
For more information on PSD2 and the regulation on SCA, including details of exemption criteria and scope, please refer to the following blog: PSD2: Strong Customer Authentication for eCommerce
Please note that remote Mail Order/Telephone Order (MOTO) transactions, anonymous prepaid cards and lodged corporate card transactions are out of scope of SCA.
What Is 3D Secure?
3D Secure or 3DS is the umbrella name for each of the Card Schemes' branded online payment authentication solutions: Verified by Visa, Mastercard SecureCode, American Express Safekey, J/Secure for JCB and ProtectBuy for Discover and Diners International.
3DS is an authentication protocol that aims to reduce fraud, increase customer security and reduce merchant liability to chargebacks. It introduced a step in the transaction process where the customer is shown a screen hosted by or on behalf of their card issuer. On this screen, the customer is prompted to authenticate themselves, often via a password or similar information only known to the customer.
How Is 3DS v2 Different?
The original version of 3DS was designed for a 'browser only' ecommerce checkout experience and failed to consider the experience delivered via mobile browser and in-app payments that make up a significant proportion of ecommerce traffic today.
3DS v2 is designed with the mobile checkout experience in mind by introducing new checkout flows that better suit customers paying on a mobile with new authentication methods, such as biometrics. It also provides the possibility of a fully frictionless flow by using a more comprehensive data set provided by the merchant to authenticate the customer without the need for their intervention.
What's Changing for Your Customers?
• If you're currently using the existing version of 3DS: The user journey for your customers will remain similar to the experience they have now. However, the frequency that they're challenged to authenticate themselves may increase. The method of completing these authentication challenges will also likely change slightly to comply with the regulation.
• If you're not currently using the existing version of 3DS: After submitting their card details, your customer may be challenged by their card issuer to authenticate themselves. This authentication challenge takes place as part of the payment flow and the steps required for the customer to complete the authentication are determined by their issuer.
After authentication is complete, the transaction process continues and the authorisation result is determined. Customers who authenticate themselves successfully may still have the transaction declined for other reasons, for example, if they have insufficient funds.
Benefits of 3DS v2
The new regulation aims to deliver safer and more secure payments for consumers but there are many benefits for merchants also:
• Increased fraud protection with a solution better fitted to modern ecommerce
• Liability shift from merchants to card issuers on transactions where a customer is successfully authenticated, meaning that the card issuer, rather than the merchant, is liable in the case of fraud.
• Better user experience over the current 3DS protocol with a greater range of authentication methods including a completely frictionless flow.
• Increased payment approvals from the card issuers.
What do I need to do?
It's important to be aware that changes to your integration with the Global Payments E-Commerce Platform (formerly known as Realex Payments) may be required in preparation for September 2019.
We'll be delivering a complete customer authentication solution in 2019 that will automatically support 3DS v2 as card issuers adopt the new protocol. We'll be in touch again early next year with details of what you need to do to be SCA compliant and the best practices you can implement to ensure the best experience for your customers.
We'd recommend that you forward this communication to your web developer and/or shopping cart provider to ensure that they're aware of these upcoming changes.
In the interim, if you have any questions relating to 3DS v2 and what may be required of you, please don't hesitate to drop us a note by emailing ecomsupport@globalpay.com.
Kind regards,
Global Payments E-Commerce Support
I wonder if anyone else had and if Sellerdeck have any comments regarding if this will affect our integrations.
--------------------------------------------------------------------------------------------------------------------------------------------------
Introduction
On 14th September 2019, a new regulation is being introduced that will change the way payments are made online within the European Economic Area (EEA). This email will give you some background information on why the changes are being made and explain what we'll be doing to meet the new regulation.
Firstly, here's a high level summary of what you need to know:
• When the new regulation is introduced in September 2019, most ecommerce payments will have to undergo Strong Customer Authentication (SCA) to validate that the payer is who they say they are.
• For ecommerce card payments, a new authentication protocol is being introduced by the Card Schemes (Mastercard, Visa, American Express etc.) called 3D Secure v2 (3DS v2) that will comply with the new regulation.
• Global Payments will be supporting the 3DS v2 protocol by introducing options that will make it easy for you to comply with the SCA requirement. Over the coming months, we'll be upgrading our authentication solution and providing further detail of what you have to do.
Background
The Second Payment Services Directive (PSD2) was officially published by the European Commission in December 2015 to help promote the development of a more efficient, secure and open payments landscape that encourages innovation while enhancing consumer rights and protection.
One of the major implications of PSD2 is the focus on improving security in the payments space by emphasising SCA. The regulation to enforce the use of SCA will come into effect on 14th September 2019. This will mean that as a European merchant processing ecommerce payments, you must be able to apply SCA to your transactions where the card issuer and the merchant's payment processor (acquirer) are both in the EEA.
For card payments, the industry standard solution designed to comply with the SCA requirement is the latest version of 3D Secure protocol - commonly referred as 3DS v2 or EMV 3DS.
As your payments partner, we're committed to making it easy for you to comply with the SCA requirement with minimum disruption to your business. In 2019 we'll be upgrading our authentication solution to cater for the new regulation.
For more information on PSD2 and the regulation on SCA, including details of exemption criteria and scope, please refer to the following blog: PSD2: Strong Customer Authentication for eCommerce
Please note that remote Mail Order/Telephone Order (MOTO) transactions, anonymous prepaid cards and lodged corporate card transactions are out of scope of SCA.
What Is 3D Secure?
3D Secure or 3DS is the umbrella name for each of the Card Schemes' branded online payment authentication solutions: Verified by Visa, Mastercard SecureCode, American Express Safekey, J/Secure for JCB and ProtectBuy for Discover and Diners International.
3DS is an authentication protocol that aims to reduce fraud, increase customer security and reduce merchant liability to chargebacks. It introduced a step in the transaction process where the customer is shown a screen hosted by or on behalf of their card issuer. On this screen, the customer is prompted to authenticate themselves, often via a password or similar information only known to the customer.
How Is 3DS v2 Different?
The original version of 3DS was designed for a 'browser only' ecommerce checkout experience and failed to consider the experience delivered via mobile browser and in-app payments that make up a significant proportion of ecommerce traffic today.
3DS v2 is designed with the mobile checkout experience in mind by introducing new checkout flows that better suit customers paying on a mobile with new authentication methods, such as biometrics. It also provides the possibility of a fully frictionless flow by using a more comprehensive data set provided by the merchant to authenticate the customer without the need for their intervention.
What's Changing for Your Customers?
• If you're currently using the existing version of 3DS: The user journey for your customers will remain similar to the experience they have now. However, the frequency that they're challenged to authenticate themselves may increase. The method of completing these authentication challenges will also likely change slightly to comply with the regulation.
• If you're not currently using the existing version of 3DS: After submitting their card details, your customer may be challenged by their card issuer to authenticate themselves. This authentication challenge takes place as part of the payment flow and the steps required for the customer to complete the authentication are determined by their issuer.
After authentication is complete, the transaction process continues and the authorisation result is determined. Customers who authenticate themselves successfully may still have the transaction declined for other reasons, for example, if they have insufficient funds.
Benefits of 3DS v2
The new regulation aims to deliver safer and more secure payments for consumers but there are many benefits for merchants also:
• Increased fraud protection with a solution better fitted to modern ecommerce
• Liability shift from merchants to card issuers on transactions where a customer is successfully authenticated, meaning that the card issuer, rather than the merchant, is liable in the case of fraud.
• Better user experience over the current 3DS protocol with a greater range of authentication methods including a completely frictionless flow.
• Increased payment approvals from the card issuers.
What do I need to do?
It's important to be aware that changes to your integration with the Global Payments E-Commerce Platform (formerly known as Realex Payments) may be required in preparation for September 2019.
We'll be delivering a complete customer authentication solution in 2019 that will automatically support 3DS v2 as card issuers adopt the new protocol. We'll be in touch again early next year with details of what you need to do to be SCA compliant and the best practices you can implement to ensure the best experience for your customers.
We'd recommend that you forward this communication to your web developer and/or shopping cart provider to ensure that they're aware of these upcoming changes.
In the interim, if you have any questions relating to 3DS v2 and what may be required of you, please don't hesitate to drop us a note by emailing ecomsupport@globalpay.com.
Kind regards,
Global Payments E-Commerce Support
Comment