Termination of VISA fraud liability protection using 3DS 1.0.2
As the ongoing pandemic situation has proved, the digital economy plays an increasing part in all our lives; therefore, it is vital that electronic payments are secure, convenient, and accessible.
Visa, in accordance with the Payment Services Directive 2 (PSD2), aims to contribute to a more integrated and efficient European payments market and ensure a level playing field for all Payment Service Providers (PSPs). As such, it introduces enhanced security measures to be implemented by all PSPs.
To implement these new security measures, TrustPay has already informed our Partners that due to new SCA mandate introduced by Payment Services Directive (PSD2), it is required to update TrustPay gateway integration by the 1st October 2020.
Current protection from fraud disputes
Visa supports the PSD2 requirements for Strong Customer Authentication with 3-D Secure (3DS). 3DS provides secure, compliant, advanced, and convenient electronic payments, and aims to deliver the right balance between security and consumer convenience. Visa Secure is designed to make Visa transactions more secure; as such, it uses the 3DS specification, which enables to authenticate the payer. At present, merchants that authenticate Visa transactions using 3DS 1.0.2 are generally protected from issuer card-not-present fraud-related dispute claims.
What are the changes?
The main change is the new protocol, EMV® 3-D Secure, commonly known as 3DS 2.0. The transition to 3DS2.0 will take place on 17th October 2021.
As a result, from this day on Visa will remove fraud liability protection for merchants on all 3DS 1.0.2 fully authenticated or attempted authentication transactions.
What does it mean to you?
You will be still able to submit transactions through 3DS 1.0.2 for cardholder authentication, however beginning from 17th October 2021, the transactions authenticated by the 3DS 1.0.2. will be open to fraud-related disputes in Visa (chargebacks).
Are any changes to MasterCard transactions?
No, Mastercard will continue to support 3DS 1.0 transactions on the Mastercard Authentication Network up until the final decommission date, which takes place on 14th October 2022. There are no changes to MasterCard 3DS liability protection rules. Liability protection rules will continue to apply to both EMV 3DS and 3DS 1.0 transactions as they do today.
For further questions, please contact us via the e-mail address firstname.lastname@example.org and our colleagues will be happy to advise you.