3D-Secure v2: Increase security; increase conversion
Update: Transition periods for SCA implementation
The deadline for PSD2 implementation was on the 14th of September 2019. However, the European Banking Authority (EBA) has granted National Banking Authorities (NBA) to decide on individual transition periods to the SCA’s implementation.
|Transition Status of eCommerce||EEA Countries|
|18 months duration (confirmed in writing)||France | United Kingdom|
|Discussion 18 months duration||Luxembourg | The Netherlands | Spain|
|In favor of 18 months duration||Romania|
|Expected to follow EBA guidance on 15-month duration||Belgium | Croatia | Cyprus | Czech Republic | Estonia | Greece | Ireland | Italy | Latvia | Lithuania | Malta | Norway | Poland | Portugal | Slovakia | Slovenia | Sweden|
|15-month duration aligned with EBA (confirmed in writing)||Austria | Finland | Denmark | Germany|
|In favor of a 12-month migration plan||Hungary|
|No opinion||Bulgaria | Iceland | Lichtenstein|
Ingenico has decided to continue rolling out its implementation plan. Considering the amount of work that still needs to be done to be fully compliant, we strongly advise you to do the same. Please check our dedicated FAQ on PSD2/3DSv2 to learn more about your responsibilities as a merchant for implementing this ruleset.
Payments are changing. We’ve got you covered, but here’s what you need to know.
The EU’s Second Payment Services Directive (2015/2366 PSD2) entered into force in January 2018, aiming to ensure consumer protection across all payment types, promoting an even more open, competitive payments landscape. Acting as a payment service provider, Worldline prides itself on being confirmed PSD2 compliant since 29 May 2018.
One of the key requirements of PSD2 relates to Strong Customer Authentication (SCA) that will be required on all electronic transactions in the EU from September 2019. SCA will require your customers to authenticate themselves with at least TWO out of the following three methods:
- Something they know (PIN, password, …)
- Something they possess (card reader, mobile. …)
- Something they are (voice recognition, fingerprint, …)
A simple transition to greater security
Anyone shopping online in the last decade will likely have experienced 3D Secure, which was designed to add a layer of security and move liability from merchants and on to banks. However, the redirect pages confused customers, causing them to abandon transactions.
A new version, 3D Secure v2 is now here to make authentication more convenient, helping you meet the required SCA standards by using data in a smarter way.
3DS v2 will send important data, such as the shipping address, the customer’s device ID and previous transaction history, over to the cardholder’s bank. The bank can then assess the risk level and if it trusts the transaction, the payment is made quickly and seamlessly (the customer will never even see 3D Secure v2 being applied). Alternatively, the bank can seek further input from the customer to authenticate the payment.
Find out more about how these two new payment flows work here.
More sales, better experiences
Sharing more data and only conducting additional checks when necessary, means faster checkout times, extra security, improved sales and a better customer experience – and you can meet new SCA standards effortlessly.
If you are using our own payment page, moving onto v2 will be seamless for you, we will manage it on your behalf. If the payment page is embedded into your website, our customer support will be happy to advise you on your next steps at firstname.lastname@example.org