To post a new support question, click the Post New Topic button below.
Current Version: 4.8.5 | Sytist Manual | Common  Issues | Feature Requests

Please log in or Create an account to post or reply to topics.
You will still receive notifications of replies to topics you are part of even if you do not subscribe to new topic emails.

3d Secure V2 - Required By September 2019

K
8 posts
Tue Jan 08, 19 4:36 AM CST
Hi,

What are you doing about 3D Secure v2? In Europe because of SCA, 3D Secure v2 is going to be required for transactions to be processed, the enforcement date for this is September 2019.

This isn't a feature request, because it's going to be an absolute requirement for your product to be able to function using some of your current payment integrations.

Ideally I'd like to see you support Stripe.js and not have your Stripe integration collect details via the site, as it's more secure, as per my comments on the feature request thread:

----
Stripe - Can we please have an option for using Stripe.js instead of the current method where card details are captured via Sytist please? Doing so massively reduces the PCI-DSS (SAQ-A only) burden on accepting cards and makes things much more secure. This also fixes the Apple Pay etc. issues as well, as integrating against Stripe.js means you're integrated against all payment methods Stripe supports.

Incidentally telling people that there are payment options such as Worldpay that don't require them to have https is incredibly dangerous, the whole payment flow needs https, not just the part that captures card details - otherwise the link to Worldpay could be swapped to a phishing site instead. I'm pretty sure it's also one of Worldpays requiremtns for PCI-DSS that you have to have SSL on the site that links through to them as well.
----

Thanks,

Karl
16,139 posts (admin)
Tue Jan 08, 19 10:03 AM CST
This is the first I have heard of "3d Secure V2". So I will need to do some research on it.
Tim Grissett, DIA - PicturesPro.com
My Email Address: info@picturespro.com
K
8 posts
Tue Jan 08, 19 11:38 AM CST
Thanks. I thought I'd included this link before from Stripe, https://stripe.com/guides/3d-secure-2 it gives good info on what it is and how to solve it with PaymentIntents, Stripe.js & Elements (removes a massive PCI-DSS burden that way as well).

I imagine the other gateways you've integrated will also have some changes for it.

Cheers,

Karl
K
8 posts
Thu May 23, 19 1:59 AM CST
Stripe have released their SCA compliant payment flow now: https://stripe.com/gb/payments/strong-customer-authentication

This is going to be an absolute necessity for anyone who accepts payments from customers with the EU. Without supporting an SCA compliant payment flow, we won't be able to take payment from EU customers.

This is the ideal time to switch to a less burdensome way of integrating with Stripe as well, to lessen the PCI-DSS requirements down to SAQ-A.

Thanks,

Karl
16,139 posts (admin)
Thu May 23, 19 11:50 AM CST
Ok, thanks.
Tim Grissett, DIA - PicturesPro.com
My Email Address: info@picturespro.com
5 total messages
Please log in or Create an account to post or reply to topics.
This post has been viewed 1,676 times
Category: Payment Options
 
Loading more pages
Loading more pages

Sign up for email promotions.

Your information is safe with us and won't be shared.

Thank you for signing up!

 
©2003 - 2021 Grissett, LLC. All Rights Reserved.

By continuing to browse or by clicking Accept Cookies, you agree to the storing of cookies on your device necessary to provide you with the services available through our website.

    Accept   Privacy & Cookie Policy
Loading More Photos
Scroll To Top
Close Window
Loading
Close