Nov 2010
1 / 10
Nov 2010
May 2019
henry
Nov '10

Recently I had a chargeback initiated by a customer. PayPal strongly recommends the use of 3D secure to minimise fraud. They recommend using Cardinal Commerce as a solution. I looked it up and it seems that this is a solution that should be implemented by the shopping cart software. Other ecommerce solutions have implemented this feature in their solutions (such as bluepark) and I was wondering if e-junkies is planning to implement this.



PayPal has made 3d Secure a requirement for Maestro payments with PayPal Payment pro and from what I hear from the PayPal people they are strongly planning to push for 3D secure. After all they are losing money in chargebacks and they want to minimise it. I would not be surprised if they make this a requirement in the future. So I guess, this feature needs to be implemented one way or another.



The following is what they sent as an intro to 3D secure.



Please Advise

Regards

Henry



--



3-D Secure is the authentication protocol used by Verified by Visa and

MasterCard SecureCode.



The goal of 3-D-Secure is to authenticate the consumer by the entry and

verification of a designated password or PIN prior to the completion of

an internet purchase. The 3-D Secure step slots into the payment process

before the merchant sends the normal financial authorization request to

their acquirer. The 3-D Secure protocol uses dedicated messages that

flow over the internet between the merchant, card scheme, and issuer,

outside of the network used for the financial authorization and clearing

messages.



In summary, the authentication process is carried out in the following

way:



1. The cardholder enrolls for the Verified by Visa or MasterCard

SecureCode service at their issuing bank and chooses their Personal

Assurance Message and authentication password or PIN. The cardholder

then shops for goods and enters their payment details into the merchant

checkout page as normal.



2. The merchant 3-D Secure software interacts with the card scheme

and issuer to determine whether the cardholder is enrolled for 3-D

Secure. If the cardholder is enrolled for the service, the merchant

seeks authentication of the cardholder by their issuing bank.



3. The cardholder is shown the details of their transaction and

enters their PIN. The entry of the PIN is used both to authenticate the

consumer and to confirm that the consumer approves the completion of the

transaction. The consumer's issuing bank validates the PIN.



4. The issuer responds to the merchant to indicate whether the

cardholder is authentic, and if authentic, provides an authentication

code to the merchant.

  • created

    Nov '10

  • last reply

    May '19
  • 9

    replies

  • 2.1k

    views

  • 5

    users

  • 5

    links

E-junkie_GuruWebmaster & Support Guru
Nov '10

I know our system is PCI-DSS compliant, but I'll pass along the info you provided about 3D-Secure to our Development team for their consideration as a wishlist item. Of course, this would only affect checkouts where our system actually handles the buyer's card info, namely for Authorize.Net, PayPal Pro Direct Payment, and PayPal Payflow Pro checkouts.

2 years later
judger
Mar '13

I've been receiving a number of chargebacks recently and ones that I don't stand much chance of winning because I sell digital goods. I've just got off the phone to Paypal who have recommended using 3D secure. Is this something you will still be looking to implement?



Thanks in advance

Neil

E-junkie_GuruWebmaster & Support Guru
Mar '13

Implementing 3D Secure is still on our wishlist for now. It appears primarily intended to protect the few buyers who have deliberately enabled it on their card accounts; it would have no effect for the vast majority of cardholders who have not enabled it, so it probably wouldn't make much if any of a dent in your chargeback rate. There's also some significant criticism about the way it works:

http://en.wikipedia.org/wiki/3D1Secure#Criticism



You may be interested in this related forum thread about reducing chargebacks and other payment disputes, especially in cases of "buyer's remorse":

http://www.e-junkie.com/bb/topic/4134

2 years later
E-junkie_GuruWebmaster & Support Guru
Dec '15

Implementation of 3D Secure is still on the wishlist for future consideration. This forum thread and a couple more emails are the extent of all inquiries we've ever received expressing any interest in it, so such low demand probably means it won't be a high priority for Development unless the payment gateways we integrate with decide to start requiring it.

v_bampton
Dec '15

Fair enough, thanks for the update. I didn't know it was possible until I signed up for PayPal Payments Pro and it was mentioned in their welcome email.

3 years later
gravelld
May '19

In my integration I allow Paypal to handle card details so E-Junkie are not relevant, but it might be worth mentioning (because surprisingly I don't see it anywhere else on the forum) 3D Secure is one of the measures that achieve Strong Customer Authentication and that becomes mandatory on 14 September 2019 in the EEA.

E-junkie_GuruWebmaster & Support Guru
May '19

Development is working on a Strong Customer Authentication solution to be ready before the deadline of Sept. 14th required by the EU.