Thanks to PayLane’s implementation of the 3-D Secure technology, it is not merchants, but banks that are responsible for chargebacks in case of fraud transactions, on condition that:
- 3-D Secure has been activated for the card,
- the payer has been redirected by the merchant to a website where the card authentication takes place,
- the authentication process is successful.
To make it easier for merchants to use 3-D Secure, without requiring them to have in-depth knowledge of the whole authentication process, we have brought it down to 2 functions called through API.
Verifying the card
Before finalising the payment, the merchant should check if the card is in the 3-D Secure system (1st function). Regardless of whether the card is or is not in the 3-D Secure system, if the verification process is successful, PayLane system returns the Verification ID.
In case the card is not in the 3-D Secure system, the payment can be done based on the returned ID. If the card is in the system, the ID will be returned together with the transaction hash and a link to a website, where the payer should be redirected to in order to have their card verified.
User verification takes place outside PayLane system, where the payer provides their code (static password or a one-time password sent by the banks via text message/email). If the verification process is interrupted/incomplete/unsuccessfully completed, there is no possibility to re-do the payment process using the previous ID. After the authentication, the payer goes back to merchant’s website with information on its status (successful or unsuccessful).
Payments using the Authorisation ID
All that’s needed to accept a payment is to run the second function that’s given the authorisation ID as an argument. The ID is returned when checking whether the card is in the 3-D Secure system.
photo source: Getelastic