If you run an online shop you use a payment processor to handle credit card transactions. Companies like Stripe, Global Payments or Sage Pay are popular options but there are many more in the market. Regardless of which provider you use, you will (or should) have been receiving updates from them with regard to changes in how credit card transactions are going to be handled.
Customer Authentication, sometimes referred to as 3D Secure adds an additional
layer of security to a credit card transaction to cut down on the level of
credit card fraud. In the past this
extra authentication came in the form of additional security questions about
your credit card limit or billing details and if we are honest it caused a lot
of frustration for the end user. This
frustration and the inevitable drop in sales meant that many online retailers
chose to forgo the more secure option in exchange for a simpler shopping
experience for their customers.
to be less secure or simpler has already come to an end for some customers, but
from December 31st, 2020 it will come to an end for all
customers. Card processors will no
longer accept payments that do not use SCA.
upside the methodology for Strong Customer Authentication was upgraded back in
2018 to make it simpler for customers.
Most of us are now all too familiar with the text message from our bank
asking us to enter an additional code or confirm a transaction.
downside many payment providers have only just released their updated
documentation and APIs for those customers using built in payment pages. This has left scant time for ecommerce sites
original deadline for SCA2 compliance was September 2019 but this was pushed
back at the last minute until the end of 2020.
This gave sufficient time for processors to adapt but many have left the
push for compliance on their API processes until the last quarter of the year
which coincides with the busiest time of year for retailers and means that many will realise too late that they needed to
pushed the mandatory change back in September 2019. So, if you use Stripe, PayPal, or a Hosted
Payment Page (HPP) you are not at risk.
However, if you are using another provider via remote payment process,
then you need to make sure you are up to date.
New Year’s Day is a terrible time to discover your site will no longer
steps you can take now to avoid calamity:
1 – Identify what company processes your credit card payments (if you do not know check with your web developers)
2 – Contact them and ask if your payment process is compatible with SCA2 (if possible, get that in writing)
3 – If they advise that you need to upgrade contact your web design company and ask them to take the required steps.
incredible upsurge in demand for web development, particularly in the ecommerce
space you may find that your provider will not be able to make the upgrades in
time to meet the deadline and if that is the case you should look at having a
backup. Adding a compliant processor
like Stripe or PayPal, even as a short-term measure will give you the time and
space to get the updates done without impacting the website sales.
As always Dmac Media are on hand to help if SCA is causing you issues so just contact us here if you need to talk.