Curious about our approach to authenticating consumer transactions? Check out our most frequently asked questions below.
3-D Secure is a fraud prevention protocol that was created by Visa and Mastercard to authenticate e-commerce transactions. The protocol sits on the merchant payment form between the payment page and the gateway, verifying transactions in real-time.
Typically, Visa & MC do not work directly with merchants or ISO's to make 3DS accessible; they rely on certified providers like PAAY to service the e-commerce market.
In the US, there are only two certified providers of 3-D Secure, and PAAY is one of them.
The authentication starts as soon as the customer finishes entering their credit card information on the merchant payment form prior to the customer hitting submit. If the transaction is authenticated, the merchant will receive 3DS data that is then passed to the gateway and finally to the processor. There is no impact on the customer experience, everything happens on the backend. To Demo how this works, please visit our demo checkout page. As you enter your credit card information, you will see the authentication happen (Don't worry, your credit card won't be charged!)
If the transaction is not authenticated, PAAY will close out the authentication request and the transaction will continue as normal. There will be no impact on the customer experience, however, the liability shift will not occur.
About 65% of transactions are authenticated and qualify for a liability shift. There are ways to optimize your payment page to increase the number of authenticated transactions. For more information on how to optimize your payment page please contact firstname.lastname@example.org
We currently provide chargeback protection on Visa, MasterCard, American Express, and Discover transactions. Stay tuned, JCB is launching shortly.
Download a complete list of chargeback codes covered by 3-D Secure here.
No, everything happens in the backend. There is no impact on the customer experience. Click here for a demo of the checkout process.
All you need is a customizable payment form and an account with PAAY. If you’re interested in trying out the solution, please contact email@example.com and we’ll get you started with a risk free trial.
No, we only need your primary MID.
The solution works with all types of e-commerce merchants, except merchants with the following MCC codes:
MCC 4829: Wire Transfer/Money Order.
MCC 5967: Direct Marketing-Inbound Teleservices.
MCC 6051: Non-Financial Institution-Foreign Currency, Money Order (not Wire Transfer), Travelers’ Cheques.
MCC 7995: Betting, including Lottery Tickets, Casino Gaming Chips, Off-Track Betting and Wagers at Race Tracks
Yes. Please check the logs in your Konnektive CRM account, you should find a CAVV, ECI and XID for each protected transaction, if you cannot see any of these values attached to the transaction it did not receive 3DS protection. If you are using another CRM please contact them directly to see if they accept 3-DS data.
U.S. banks support 3-D Secure. If you are using an international bank please reach out to them to confirm that they support it as well.
The solution works with all processing platforms that have the pass through fields to capture 3D Secure data (ECI, CAVV, XID), and this is the case with almost all major processors.
*Note: The only processing platform that we know does NOT have the fields for 3D Secure, is First Data's Omaha frontend platform. (The backend DOES accept 3D Secure).
If you are using Authorize.net, 3D Secure authentication can only happen if you are on one of the following processing platforms:
First Data's Nashville Platform
Authorize.net * you need to enable 3D Secure (if you don't know how, reach out to firstname.lastname@example.org and we will send you instructions). If your gateway is not listed, please reach out and ask them if they support 3D Secure data.
PAAY offers a number of implementation options that accommodate a variety of needs. Choosing a method:
The integration can be applied to any customizable checkout page. It will take a few minutes and can be done by anyone.
Coding experience is needed. You'll need access to your servers to generate your own token. Programing language specific.
This integration consists of 2 to 3 calls to the API.
This integration consists of 1 to 2 call to the API.
Join our newsletter to stay up to date on features and releases