Hi All,

Are there any other Protx users out there who are confused by the need to implement 3D Secure next month?

I understood from the emails that it was just International maestro cards which would require this. But talking to Protx, they say its all Maestro cards.

Does anyone already have 3d Secure/Verified by Visa implemented and how do customers react?

I hate anything that slows down the checkout process!

Alison

I thought it was all.

I don't have it yet but I have emailed Barclays and they are in the process of sorting it out.

I imagine it would be a hassle at first, it would be for me and has been, but it is something that we have to get used to esp as barclays are charging a % for 'non secure' transactions.

It would be an extra 'page' but it's two passwords to remember I think so as long as you can remember these I wouldn't think it would be a problem for normal consumers.

We use Protx but do not have 3D Secure integrated yet. You have to understand its an additional security issue.

We have had 3D implemented for over a month now. I simply emailed protx and they added it. I don't believe it puts people off but it has actually given me more confidence over some orders I would not normally have dispatched. If an order is 3D secure authenticated then it's near-on impossible to get a chargeback.

I imagine it will put some people off but then this lost business should be off set by your reduced exposure to fraud.

Like most new things, consumers will resist to start off with but ultimately it will become common place and people wont blink an eye at it.

I'm sure you're right Astaroth, and we will do our best to sell it to our customers.

Its just that we are lucky to be in a line of business which attracts very little fraud - no chargebacks in over 2 years.

Silver lining is we should be able to get our merchant rates down on the back of it!

Thanks for all your replies.

I am tempted to not become 3d secure compliant. What do you think the costs are of non-compliance?

The reason for this question is because instead of Protx we use Optimal Payments based in Canadaand they don't support 3D secure properly so we will have to go through another company called Cardinal Commerce. It's going to be expensive and time consuming to set up.

(Optimal support rerpeat billing which we need),

3D secure is the online equivalent to Chip & Pin and, as such, is an extremely good idea. When we implemented it we were able to adjust our rule base so that 3D secure verification was only mandatory above a certain transaction value. This means that verification will be attempted for ALL transcations but failure does not automatically void the sale. Strangley we actually find that occasionally we get the bizarre situation that we have 3D authentication but the bank then rejects the transaction!

3D secure is the online equivalent to Chip & Pin and, as such, is an extremely good idea.

Hardly. Chip and Pin is great, it replaces an extremely easy to forge signature with a PIN. Great idea, and just as fast.

3D Secure adds a whole bunch of steps to the payment process, and requires the user to remember yet another password. The only people it protects are the credit card companies. It's a horrible idea, and I hope it dies off soon.

We will not be implementing it on any of our own e-commerce sites (though we will on some customer sites, because they want it). I've discussed this at great lengths with both our merchant bank (HSBC) and our payment gateway (Protx), and they fully understand the situation.

Implement it if you wish, but for the majority of online shops the losses in abandoned baskets will far outweigh your previous chargeback losses.

I bow to your greater experience in such matters and concede that we are purely B2B not B2C. That said we have only made it a requirement for 3D authentication above a certain value and we monitor aborted transactions very closely and get very few in all honesty. My instinct is that whether you love it or hate it is here to stay...

I bow to your greater experience in such matters and concede that we are purely B2B not B2C. That said we have only made it a requirement for 3D authentication above a certain value and we monitor aborted transactions very closely and get very few in all honesty. My instinct is that whether you love it or hate it is here to stay...

What I'd really like is some real stats for before and after abandonment rates across a large number of sites, with different product types, both B2B and B2C. All I have is data from a handful of sites.

I'm not sure about the here to stay aspect. I find it hard to believe that the likes of Amazon, Play etc. will be implementing it. Only time will tell.

So just to confirm there are e-commerce firms out there who are not going to implement 3D secure?

I would prefer not to implement as I'm B2C and my transaction values are quite small, but isn't there then a chance of not being able to process Mastercard payments?

So just to confirm there are e-commerce firms out there who are not going to implement 3D secure?

We certainly don't intend to, unless it becomes impossible to take payments otherwise. The only card type which this currently applies to is Maestro International. This represents so few cards that ut really doesn't matter.


I would prefer not to implement as I'm B2C and my transaction values are quite small, but isn't there then a chance of not being able to process Mastercard payments?

No, there are currently no plans to make 3D Secure mandatory for Mastercard transactions.

"Maestro International...represents so few cards that ut really doesn't matter."

Does anyone know the actual Maestro % of the UK card transactions?

(Out of interest I would also like to know the % of all the card types, incuding Amex, if anyone has this? We are not going to pay th extra fees to accept Amex, just want to make sure this wont effect sales)

ProTX have been really pissing me off. I get different responses to the same questions about the 3D Secure stuff from their support team.

Has anyone yet implemented it on a VSP Direct system? I've got about 5 to do!

ProTX have been really pissing me off. I get different responses to the same questions about the 3D Secure stuff from their support team.

Has anyone yet implemented it on a VSP Direct system? I've got about 5 to do!


I have not done it yet, but its in my work schedule. From what I read in the documentations its really not that hard to implment just a few more HTTP posts.

I personally think 3D Secure is a very good thing, if only for the libaility shift to the banks rather than the retailers. It certainly gives some of our companies more confidence to trade online and our customs seem to agree too

Well, I have enabled 3D secure on our Protx account but not yet activated it and we seem to have no problems still accepting Maestro cards.

Has anyone had a definitive answer as to whether it is ALL Maestro cards or just International ones - and what is the difference. Protx told me it was all Maestro cards but this doesn't seem to be the case.

Still as confused as ever!

Its only International Maestro cards.

From the horses mouth : http://www.protx.com/aboutus/newslettermay07.asp

Its only International Maestro cards.

From the horses mouth : http://www.protx.com/aboutus/newslettermay07.asp

Well, they need to get their staff to read this as it is not what they told me! I had read this too, wanted to be 100% sure, rang up to confirm it was just overseas registered cards and was told I needed to implement it to accept any Maestro. They are probably on commission per sign-up!

One of my clients who has a v. good relationship with ProTX has just spoken to them and they've confirmed - are you ready for this? The definitive answer is....

They don't know!

They've admitted to him that they don't have a clud whats going on. They're basically getting conflicting info from the banks themselves which is why we're all getting conflicting info ourselves.

From looking around on the web it appears the Maestro will "support" 3d secure from this summer.

Not sure what this means for protx mind...

Well I'm definitely not going to integrate it as it will cost me extra (I'm not with Protx), and it is a pain for retail customers, especially who are unused to it.

If I stop being able to accept payments, then I'll just add it in.

Of course there is a small chance I'll get fined, but can't really see this happening as so many websites are currently non-compliant.

I just spotted this , so I guess its all transactions not just international



Mastercard SecureCode necessary from 30 June
Sunday April 29 2007

Following the changeover of debit cards from Switch to Maestro, any company accepting Maestro online will have to comply with new Mastercard regulations from 30 June. To continue accepting Maestro payments online the website must be Mastercard SecureCode enabled.
CyberSource has released a white paper about the issue of what e-retailers need to know about Verified by Visa and Mastercard SecureCode. This can be downloaded from the security company's site.
Emma Herrod




Souce : http://www.internetretailing.net/news.php?news_id=496@1177879932&cat_id=0

I just spotted this , so I guess its all transactions not just international

Souce : http://www.internetretailing.net/news.php?news_id=496@1177879932&cat_id=0

I don't believe this is correct. Both Protx and HSBC have informed us that we do not need to implement 3D Secure to continue taking payments.

TBH, I don't know who to believe anymore. Just as well we have 3D secure enabled and we are using protx forms for now. So will see what happens on Sunday.

Its like talking to a politician trying to get a straight answer on this one :)

On techsupport.protx.com/downloads.asp there is no support/snippet for PHP, here us what they say:

After the recent development of the 3D Secure Authentication process into our VSP Direct product, we only currently offer example integration kits which encompass the new 3D Secure process in ASP and JSP languages ONLY. These 3D Secure integration kits can be downloaded using the drop down box below.

Is anyone tried to fix from 2D to 3D on PHP platform for VSP direct? Can you provide me a snippet for PHP?

Thanks for understanding...

I think I am just going to wait and see what happens.

If all my maestro cards get declined I will just have to turn on 3d Secure (although I would rather not at the moment)

I don't know if this is the best way, but its what I'm going to do.

I think I am just going to wait and see what happens.

If all my maestro cards get declined I will just have to turn on 3d Secure (although I would rather not at the moment)

I don't know if this is the best way, but its what I'm going to do.

If you have a problem with charge backs then I would highly recommend turning it on. Just so you can benfit from the libility shift.

If you have a problem with charge backs then I would highly recommend turning it on. Just so you can benfit from the libility shift.

But you may find you end up worse off because of abandoned orders.

But you may find you end up worse off because of abandoned orders.

TBH its all down to how you market the service. Chip and Pin did not decrease sales. We have found our overage basket size was actually larger when we enabled it.

Swings and roundabouts, but I think I go for anti fraud everytime

A you can imagine 3D secure is an absolute necessity for Ampalian and I wouldn't consider being without it. It has literally saved me thousands!

Customers understand and even appreciate the security.

Here is my customer statement:

You may be asked for your Verified by VISA or MasterCard SecureCode details. This is the online equivalent of Chip and Pin. If you are not enrolled in either you may be offered the opportunity to do so. This is not required but for your future security we recommend that you do.

A you can imagine 3D secure is an absolute necessity for Ampalian and I wouldn't consider being without it. It has literally saved me thousands!

Customers understand and even appreciate the security.

Here is my customer statement:

You may be asked for your Verified by VISA or MasterCard SecureCode details. This is the online equivalent of Chip and Pin. If you are not enrolled in either you may be offered the opportunity to do so. This is not required but for your future security we recommend that you do.


We are the same for watchfinder, before 3D Secure came along we simply did not take credit cards over the web. Although we still got knocked for 60k in one year. Since 3D secure (and 192 business fraud services) this has not gone down to zero.

So for me its worth it

What's that I can smell????

If you can take a £60k hit on chargebacks what are you doing here? The Caribbean is very nice.

Is anyone else confused over the situation with ProTX and REPEATs? If so, I had an email dialogue with them that might shed some light. Let me know if it's of use and I'll post it

Is anyone else confused over the situation with ProTX and REPEATs? If so, I had an email dialogue with them that might shed some light. Let me know if it's of use and I'll post it

As far as I understand it, you can carry on using REPEAT, but you can't do REPEAT PREAUTH. Does that match your conclusions?

What's that I can smell????

If you can take a £60k hit on chargebacks what are you doing here? The Caribbean is very nice.


I nearly posted something back to this, but I dont want to get involved in a bun fight. I know our figures and I know what the fraud level was , hence why we spent so much on anti-fraud measures.

As far as I understand it, you can carry on using REPEAT, but you can't do REPEAT PREAUTH. Does that match your conclusions?

Yeah - it basically boiled down to "no change". With the following caveat:

To the best of our knowledge, yes this will be the way that the new system will handle Continuous Authority. We have not been informed of any other way that it will do this. However, once we know for definite all of our vendors will be informed accordingly.

We just implemented 3D secure (via Protx) and our initial fears that it would lead to more abandoned payments don't seem to have realised - so far. It looks like 3D secure is only relevant for certain types of cards and so doesn't always activate... If that helps anyone

As we have come to know that merchants must replace all Switch branding with Maestro and all internet Maestro transactions must be taken using the MasterCard SecureCode 3-D Secure system. We are planning to implement this 3D Secure payment for HSBC. So I would like to know the necessary changes that are needed to be made to implement it and passing of some additional parameters for the same. I would like you to explain the same with a set of examples which will help me while coding .Going to be using XML API.
Can someone help as soon as possible.

Can someone help as soon as possible.

I think you need ProTX support. support@protx.com

Just an update.

I HAVE NOT switched on 3d Secure and all payments are going through fine including UK maestro cards. Never had an international one anyway thus far.

I would like to take Irish Laser cards through my Euro account. Are they Maestro branded as well?

Just an update.

I HAVE NOT switched on 3d Secure and all payments are going through fine including UK maestro cards. Never had an international one anyway thus far.

I would like to take Irish Laser cards through my Euro account. Are they Maestro branded as well?

That's good to know - thanks ;)

If I wasn't a mod I'd be posting a lot of expletives right now! I'm am SO p*ssed off with ProTX and their crap support.

3 weeks it's taken them (so far) to even get a test account working for me to test 3d Secure.

It seems the support ticket goes to a different person whenever it's update and they never bother to read the history of it.

If it wasn't for all the REPEATS I have to do through them I'd be looking to move elsewhere now. I'm certainly not recommending them to anyone else anymore like I have been.

They were great when they were a private company. Now they're just utter crap!

Rant over!

Hiya
I'm surprised this is being actioned so late on Protx? It became compulsory on Worldpay at the end of June https://support.worldpay.com/admin/ and all Maestro card users will now be required to register for 3D secure. I've been using 3D secure/ verified by Visa etc for about 6 months or more now and not found it's caused an issues. I can see any abandoned orders and I always speak to the customer if that happens and none have ever been put off by it, in fact they seem pleased their details are that little bit more secure.

It also seems to have deterred frauds attempts (touch wood) I had a spate of attempts the one month but they couldn't get past the securecode or past the security on the website and via Worldpay and eventually gave up.

OK,

So a quick update in case anyone hasn't seen it.

Protx are updating their Payment process on 1st August. this will add another page to the payment checkout, making it three pages by m counting. (They will now ask you to select what type of card you want to use, like Worldpay do).

Also on the 1s August, if you do not have 3d Secure activated you will not be able to accept Maestro, either domestic or international - in fact your customers won't even be given the option to try, it simply will not happen.

If you take orders over the phone you will also need a MOTO merchant from your bank account as Protx's VSP admin system will not allow Maestro payments.

There is some good news, you can now fully customise your payment templates (its about time) and they will now display payment pages in other languages depending on the users browser settings. Handy if you want to take payments from customers overseas.

Also on the 1s August, if you do not have 3d Secure activated you will not be able to accept Maestro, either domestic or international - in fact your customers won't even be given the option to try, it simply will not happen.


This is only true if you're using VSP Form. If you're using VSP Direct, things are different.

After I received the email, I spent about half an hour on the phone to them today, and they have categorically confirmed that they will continue to process UK Maestro cards in exactly the same way. It will be up to your bank whether they decline the transaction.

I've spoken at length with HSBC about this, and they have also assured me that they will not be changing anything right now.

I finally have a VSP Direct system set up with 3D Secure.

I'll keep the following URL in test mode so you can see how it looks from a user perspective when you're asked for your 3DSecure passowrd.

https://www.keyone.co.uk/payonline3D.asp

Just to add something from a slightly different perspective. Apart from suffering the same confusion as most people on this issue from a business viewpoint, as a consumer, I equally haven't had any proper information about any changes. If I have a maestro card, and want to use it online, what is meant to happen, from the customer perspective. How many consumers out there know about and understand the changes?