Contact us

FREE TRIAL

Payment Gateway Service Providers – Seamless Solution for 3D Secure 2 Transition

NO NAME
A recent announcement from MasterCard regarding the transition of customers to EMV 3DS 2.0 prior to decommissioning 3DS 1.0 calls for a proactive approach from all parties involved, including Payment Gateway Service Providers as well. This transition is causing a stir in the industry and Asseco SEE is here to untangle some questions and make the transition process as seamless as possible.

A recent announcement from MasterCard regarding the transition of customers to EMV 3DS 2.0 prior to decommissioning 3DS 1.0 calls for a proactive approach from all parties involved; including Payment Gateway Service Providers as well. This transition is causing a stir in the industry. ASEE is here to untangle some questions and make the transition process as seamless as possible.

Back in 2001 VISA introduced 3D Secure to provide issuers and merchants a way to authenticate cardholders for online payments. This standard under one name is 3D Secure 2.0 (3DS 2.0).

Initial introduction by EMVCo on 3D Secure 2.0 announces that 3D Secure 1.0 is in the phase-out stage; and will no longer have support after 31.12.2020.

This timeline crosses its path with the new PSD2 directive taking place and demanding further upgrades of 3D Secure. The result is 3D Secure 2.0 being fully compliant with PSD2 regulation on eCommerce and mobile payment channels.

A more detailed timeline leading to the current transition is available in our previous blog post. We cover the issuer side of the transition process.

Payment Gateway Service Providers Transition Roadmap

The prolongation of the transition period is causing headaches for payment gateways. Why? Because Payment Gateway is initiating 3D Secure transactions, but initial 3DS access points differ for 3DS1 and 3DS2 authentication. That means that Payment Gateway integrates with two APIs, but also manages the transaction logic. For example; since initially, PGW does not know if the card is enrolled in 3DS1 or 3DS2, authentication must be first initiated in 3DS2. If 3DS2 authentication cannot proceed, PGW must initiate a 3DS1 transaction.

With Asseco 3DS Server Single Access Point Facade, Payment gateway needs integration only with one API using one message protocol and initiating 3DS authentication transaction only once. In case the card is not apart of the 3DS2, the facade will initiate 3DS1 transaction to the dedicated MPI (Merchant Plug-in), and provide the final Authentication Response to the Payment Gateway. Asseco 3DS Server Single Access Point Facade is flexible for integration not only with Asseco SEE MPI and Asseco SEE 3DSS, but also with third-party MPI and 3DSS.

If you want to find out more, contact your ASEE 3D Secure Team or download the datasheet.

Want to learn more about cybersecurity trends and industry news?

SUBSCRIBE TO OUR NEWSLETTER

CyberSecurityhub

chevron-down linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram