Best Practices for PSD2

This article aims to support integrators in deciding which alterations have to be made in order to comply with PSD2.

Basic facts about PSD2
For a somewhat comprehensive overview, please refer to this article at bundesbank.de: https://www.bundesbank.de/en/tasks/payment-systems/psd2/psd2-775954

One part of PSD2 is SCA (strong customer authentication), which is what most of this page will be about.

Affected Payment Methods:


Credit Cards
To comply with the SCA requirement, credit cards will implement 3-D Secure 2.0.

Amazon Pay
The required changes are outlined here at Amazon: https://developer.amazon.com/de/docs/eu/amazon-pay-onetime/sca-upgrade.html

SEPA Direct Debit
Direct Debits will not be affected by SCA according to this Q&A by the EBA.

Changes to Our API

Some payment methods require changes to the way they are implemented.

Credit Card Integrations

Keeping Transactions Frictionless
3DS 2.0 requires far more information about an order before it is eligible for an exemption from the 3DS customer authentication challenge. If you want to make sure credit card payments stay as frictionless as possible after PSD2 comes into effect, please refer to our collection of additional parameters: Required vs. optional parameters for 3DS2

The more data you provide, the more likely the acquirer or issuer is to grant an exemption, so that the customer does not have to enter the 3-D Secure credentials.

If you don't currently use 3-D Secure 1.0, please make sure that your system is at least able to process 3DS 1.0 transactions and activate 3DS in your merchant backend. Transactions that don't use any form of 3DS will likely be declined starting mid-September 2019!

For more information, please refer to this chapter of 3DS. We strongly advise you to read through this page, as it holds vital information for the 3DS challenge process.