SCA - Strong Customer Authentication

The overall description of the timeline, requirements and risk is described here

If you are experiencing unusual payment declines, it could be related to the new Strong Customer Authentication (SCA) regulation. Find out more here

What is required from Merchants?

  1. Activate 3D Secure on your payments

  2. Review your subscription payments to ensure they are setup correctly

NOTE: Any version of 3D Secure in compliant with SCA requirements. We will publish information
on the update from 3D Secure version 1 to version 2 (EMV 3DS) soon.

How to know which transactions require SCA or not?

In general, all transactions which involve the cardholder requires SCA.
These are called Cardholder Initiated Transactions (CITs). This applies to both transactions without stored cards and those with.
The below decision tree identifies which transactions need SCA and those which don’t:

 

 

How to correctly mark transactions according to use cases 1-5
 

Use Case #1 Registering a card

I’m using Nets Flexwin payment window or Card service in which customers register their cards to store the card in the webshop for easier check-out. I use the ticket_auth.cgi API for processing easy checkout for returning customers. What do I need to do?

  • Make sure 3D Secure and Dankort Secured By NETS (DSBN) is activated by Nets.
  • Use preauth=true for registering a card
     

Use Case #2 Setting up a merchant initiated transaction (MIT)

I am using the Nets Flexwin payment window or Card service in which I want to set up a Merchant Initiated Transaction agreement with my Customer.

  • Make sure 3D Secure and Dankort Secured By NETS (DSBN) is activated by Nets, so that it can be used to Authenticate your customer before the MIT can be confirmed.
  • Use preauth=true for registering a card

The next step is dependent on the type of agreement I have with my customer:

  • If it is an agreement that I will charge on a fixed interval, then I will register the card with “mitType=RECURRING
  • If it is an agreement that I will charge at a changeable date every week or month, then I will register the card with “mitType=UCOF

Remember. The value of an MIT charge can change from one payment to the next, as long as the customer is aware of this and their rights, when they sign-up to this agreement.
 

Use Case #3 - Normal one-off payment

I am using Nets Flexwin payment window or Card service in which I want to accept one-off payments with customers who are not registered with my webshop.

All I need to do is make sure 3D Secure and Dankort Secured By NETS (DSBN) is activated by Nets.
 

Use Case #4 - Subsequent Merchant Initiated Transactions

I want to charge a Customer for a subscription they already agreed and setup with SCA (Use Case #2) – on a Recurring or Unscheduled basis. I’m using ticket_auth.cgi or BULK to process subsequent transactions.

  • Use ticket_auth.cgi for BULK for charging Customers.
  • Note: when processing a subsequent MIT transaction, it must be according to agreed agreement with the Customer, either fixed internal of changeable interval.
  • Note: Ticket_auth.cgi and BULK can in the future only be used for processing MIT transactions.
     

Normal one-off payment – using an existing stored card (Scenario 5)

Call payment window or Card service with ticket parameter

  • This is done by sending the ‘ticket’ to the Payment Window.
    • Note: The ticket ID is returned from the initial payment
  • A masked version of the creditcard will be displayed together with the expiry date.
  • The customer must enter CVC and click “Complete” to proceed and will be presented for SCA authentication.
Note: Currently the CVC is required. This will be changed in January, ie. The requirement for CVC will be removed and customers will be forwarded to SCA authentication directly.

 

Note: Next update scheduled for January will include use cases related to storing a card with a purchase and store a card without purchase amount
Do you have a question or need help?
Follow us
Nets Online Payments

Oslo: +47 21 55 44 00
Stockholm: +46 (0)8-527 525 00
København: +45 7020 3077
Jyväskylä: + 358 010 80 40 40
Close menu