Post by lukeketchum1 » Thu Mar 07, 2019 10:32 pm

Hello guys,

I received the below from Braintree Payments themselves (ie the company, not the opencart extension people)

-----------------------------
Last month, we notified you of upcoming changes related to Strong Customer Authentication (SCA) requirements. The requirements are part of the European Payment Services Directive (PSD2) regulations, which mandate additional authentication measures be performed on transactions in the EEA. Moving to 3D Secure 2.0 (3DS 2.0) can help merchants transacting in Europe meet SCA requirements as well as help increase fraud protection. 3DS 2.0 is also expected to reduce friction in comparison to 3DS 1.0 in both the web- and mobile-purchase process and can help maximize conversions.
What do I need to do?
Braintree recommends that merchants integrate 3DS 2.0 into their checkout experience by April 2019 per the card brands' guidelines. The beta version of the web SDK is now available to integrate and test in the Sandbox. It will be ready to use in production soon. Please reference our 3DS 2.0 adoption guide for more information on how to make this change.
For merchants using a third-party shopping cart provider, you'll want to reach out to them for details on their plans to meet PSD2 SCA requirements.
When is the deadline?
Although the date of enforcement isn't until September 2019, card issuers may begin to require that transactions meet SCA requirements any time after April 14, 2019, so being ready when the 3DS 2.0 protocol is active is an excellent proactive measure that can help you avoid unnecessary declines.
-----------------------
Do you guys know, will it be as simple as Braintree Payment extension people will release an update that covers these requirements?

Please let me know

Thank you

Luke

Active Member

Posts

Joined
Tue Jan 23, 2018 12:30 am

Post by Johnathan » Fri Mar 08, 2019 10:03 pm

I don't think the OpenCart team has mentioned their plans. It's possible the OpenCart team plans on updating the extension in the next version to also use 3D Secure 2.0, but I haven't heard of any definitive info on that. Given how they don't even release bugfixed versions of OpenCart itself, though, I would highly doubt they're going to make a September deadline for integrating new code.

My Braintree Payment Gateway Pro does support 3D Secure, and will be updated to support 3D Secure 2.0 once it's officially released by Braintree. Currently they don't have all the API info in place, so I'm not sure why they keep sending these e-mails. I'll be updating my extension before the deadline, for anyone that's currently using it.

Image Image Image Image Image


User avatar
Administrator

Posts

Joined
Fri Dec 18, 2009 3:08 am


Post by lukeketchum1 » Thu Mar 14, 2019 3:35 pm

Thanks for your reply Jonathan, I will definitely bare this extension in mind.
Is this requirement PSD2 SCA update not as important as it sounds or something? I'd have thought if it was they'd be all over it since Checkout/Payment is a fairly basic part of an ecommerce platform? I thought there would be lots of store owners on here panicing but seems barely mentioned so maybe I'm just mis-reading or something :)

Active Member

Posts

Joined
Tue Jan 23, 2018 12:30 am

Post by Johnathan » Thu Mar 14, 2019 10:11 pm

Most stores don't even use 3D Secure in my experience, so it's probably not a big deal to most people. I haven't found definitive info that they're discontinuing 3D Secure 1.0 either --- I would assume it will continue working, though I don't know that for sure. I'd be surprised if they just stopped it working though. Probably they're just emphasizing it so much to get people on board, since it's really hard to get people to update things unless they think it's security-related.

Image Image Image Image Image


User avatar
Administrator

Posts

Joined
Fri Dec 18, 2009 3:08 am


Post by lukeketchum1 » Thu Mar 21, 2019 4:43 pm

I have now confirmed that I am set up for and utilising 3D Secure 1.0 at least so thats something. In the meantime I had the following mail about the same...
------------------------------------------
Over the last two months, we've notified you of upcoming changes related to Strong Customer Authentication (SCA) requirements. To help you prepare for upcoming SCA requirements, part of the European Payment Services Directive (PSD2) regulations, Braintree recommends that merchants integrate 3DS 2.0 into their checkout experience by April 2019 per the card brands' guidelines.
Our 3DS 2.0 adoption guide provides more information on how to make this integration change. The web and iOS SDK are available for a limited release in Sandbox and Production.
If you are using a third-party shopping cart provider, please reach out to them directly for steps to meet PSD2 SCA requirements.
When is the deadline?
Card issuers may begin to require that transactions meet SCA requirements any time after April 14, 2019, even though the date of enforcement isn't until September 2019. Being ready when the 3DS 2.0 protocol is active is an excellent proactive measure that can help you avoid unnecessary declines.
Are there any additional resources I can reference?
We'll continue sharing relevant details leading up to the date of enforcement. In the meantime, please read these blog posts for more information on the regulations and how to prepare.
--------------------------------------------
It's this inparticular that concerns me "Card issuers may begin to require that transactions meet SCA requirements any time after April 14, 2019, even though the date of enforcement isn't until September 2019. Being ready when the 3DS 2.0 protocol is active is an excellent proactive measure that can help you avoid unnecessary declines." that certain card issuers can choose to start rejecting transactions that aren't 3DS 2.0 after April 14th?

Active Member

Posts

Joined
Tue Jan 23, 2018 12:30 am

Post by Johnathan » Thu Mar 21, 2019 10:50 pm

I'm not entirely sure myself, because as you can see it's vague about the implementation dates. The info I've found says that MasterCard 2.0 may start being enforced in April (whatever 2.0 is) with Visa having various dates based on location. PSD2 (SCA) has a deadline for September:

https://www.braintreepayments.com/blog/ ... ecure-2-0/

Braintree's not even ready itself though --- their SDK's are not finalized for 3D Secure 2.0, and they say not to use it in production at this time anyway:

https://developers.braintreepayments.co ... ascript/v3

Because of that I wouldn't worry too much, I'd imagine there will be a bit of a grace period as everyone wants to make sure everything works together. I could be wrong though --- it wouldn't be the first time somebody starts enforcing something that's not ready to be enforced yet. :D

Image Image Image Image Image


User avatar
Administrator

Posts

Joined
Fri Dec 18, 2009 3:08 am


Post by Domoniccross » Sun Mar 24, 2019 2:28 am

Johnathan wrote:
Fri Mar 08, 2019 10:03 pm
I don't think the OpenCart team has mentioned their plans. It's possible the OpenCart team plans on updating the extension in the next version to also use 3D Secure 2.0, but I haven't heard of any definitive info on that. Given how they don't even release bugfixed versions of OpenCart itself, though, I would highly doubt they're going to make a September deadline for integrating new code.

My Braintree Payment Gateway Pro does support 3D Secure, and will be updated to support 3D Secure 2.0 once it's officially released by Braintree. Currently they don't have all the API info in place, so I'm not sure why they keep sending these e-mails. I'll be updating my extension before the deadline, for anyone that's currently using it.
Are you still facing any issue?

https://prizelava.com


Newbie

Posts

Joined
Sat Dec 22, 2018 4:17 pm

Post by Johnathan » Mon Mar 25, 2019 9:56 pm

Braintree needs to finalize their API docs before I can implement anything related to SCA. I'll be keeping my eye on it in the coming weeks, but so far it's not implementable in a live store.

Image Image Image Image Image


User avatar
Administrator

Posts

Joined
Fri Dec 18, 2009 3:08 am

Who is online

Users browsing this forum: Majestic-12 [Bot] and 44 guests