3D Secure/Barclays/Charges - help

[ImproveSearchListings]

On a recent statement from Barclays Merchant Services, we have been charged for non-secure transaction charges.

I am a little confused as we don't have 3D secure set up and so imagined that all transactions would fall into non-secure.

Does anyoe have any idea why only a percentage (about 30%) would fall into this category?

Thanks

 

[Nicole.S]

check your agreement with Barclays on whether you have 3D/Non 3D merchant account. Any extra charges should have been stated in the agreement when you signed up with Barclays. Give them a call and find out why you're charged for non-secure payments made to you.

 

[ImproveSearchListings]

We have a non-3D Merchant Account, so I would expect that all transactions would be subjected to the charge.

This isn't the case though - only a small volume of transactions are being flagged as Non-secure.

 

[Nickdavis87]

We have a non-3D Merchant Account, so I would expect that all transactions would be subjected to the charge.

This isn't the case though - only a small volume of transactions are being flagged as Non-secure.

Does the 3D secure all cards or only certain ones?

 

[ImproveSearchListings]

According to Nochex:

All the following cards are checked for participation within 3D Secure

Visa
Visa Electron
Visa Delta
MasterCard
Maestro (includes Switch)
Solo

At this time this doesn't apply to us - we just check Address and 3 digit code etc.

On Protx, all our checks are successful, but we are still getting a number that are being charged by Barclays for being 'Non Secure Card Transactions'.

Is anyone able to explain why?

 

[PayVector]

Could be a couple of things.

1. Are you doing repeat transactions?
2. Are you doing adjustment billings are follow up billing?
3. Are you doing pre-auths?

 

[Eco]

I think that Maestro (includes Switch) transactions by law have to go through secure 3D and the others do not this might explain 30% of your transactions.

 

[PayVector]

its only Maestro international that is 100% 3D required. So all merchants not using 3D secure will be losing all that business.

 

[ImproveSearchListings]

1. Are you doing repeat transactions?
2. Are you doing adjustment billings are follow up billing?
3. Are you doing pre-auths?

1. No, all transactions show as 'Not Repeated' in Sagepay.

2. Once the customer has paid, that is what will be charged (is this what you meant?).

3. Potentially, but wouldnt' that affect all transactions? All the days orders are batch sent around 2am the following morning (e.g. 2 orders at 4pm and 7:30pm on Tuesday 4th, would both be sent at 2:30am Wednesday the 5th).

its only Maestro international that is 100% 3D required. So all merchants not using 3D secure will be losing all that business.

That's just it, we're not losing the business, because we're getting chraged for the transaction - a surcharge for taking a certain card perhaps, or without the accepted check level?

Thanks for your help on this IridiumCorp - appreciate it.

 

[ImproveSearchListings]

Also, just been speaking with Barclays - they have said that for some of them the security code didn't match.

This doesn't add up as on Sagepay they have all been checked and are correct.

Not sure if this makes it more murky....

 

[Optegris]

I would ask for specific transactions where the CV2 code didn't match and pass these back to SagePay to confirm. If SagePay confirm that the CV2 was checked and found to be correct then you have a good case to go to Barclays and demand an explanation.

Vice versa, if Barclays are correct then SagePay need to investigate asap.

 

[PayVector]

Tricky one this :|

3. Potentially, but wouldnt' that affect all transactions? All the days orders are batch sent around 2am the following morning (e.g. 2 orders at 4pm and 7:30pm on Tuesday 4th, would both be sent at 2:30am Wednesday the 5th).

okay to clarify. Are you doing the authorisation real time and the settlement via batch OR are you sending through all transactions as a batch later.

Also, just been speaking with Barclays - they have said that for some of them the security code didn't match.

This doesn't add up as on Sagepay they have all been checked and are correct.

Forgive my ignorance of the Sagepay backend. Is it possible to set up 3D secure to allow a transaction even when authentication fails?

If it is possible that is your likely culprit. It would be analogous to letting a customer pay in the card holder present environment when they do not know their PIN.

Can you please check and let me know.

 

[Optegris]

Forgive my ignorance of the Sagepay backend. Is it possible to set up 3D secure to allow a transaction even when authentication fails?

Yes it is possible to allow failed 3D and also failed AVS/CV2 checks through but this is clearly flagged to the merchant in their admin area.

Basically if they have a tick for the transaction then it's been matched plus this detail is returned in the SagePay auth response.

 

[ImproveSearchListings]

Hi IridiumCorp,

The authorisation is real time and the transactions are sent through as a batch later.

It is possible to setup 3D Secure to allow a transaction even though it has not been successful - this won't affect us though as 3D Secure isn't switched on for us yet.

This is why I'm so confused - if we were charged for all of them, that'd make sense as we're not checking all of them against 3D Secure - instead we're only charged for some.....

 

[Optegris]

For the transactions that Barclays say are mismatched on the CV2 code, what shows in your admin area at SagePay for the same transaction?

 

[PayVector]

Hi IridiumCorp,

The authorisation is real time and the transactions are sent through as a batch later.

It is possible to setup 3D Secure to allow a transaction even though it has not been successful - this won't affect us though as 3D Secure isn't switched on for us yet.

This is why I'm so confused - if we were charged for all of them, that'd make sense as we're not checking all of them against 3D Secure - instead we're only charged for some.....

Thats your problem then. If you allow a transaction through that has failed authentication, ie where BMS are getting that they don't match, then you are liable for the transaction and will be charged the added amount.

Same goes for CV2. The bank is charged extra for each transaction that is put through an Ecom account where CV2 is failed or not attempted. It's only .2% but you can bet BMS will mark it up.

 

[PP Simon]

Hi, new to this forum but thought I might add something. We had a similar problem quite some time ago with Lloyds Cardnet. The reason was that we had quite a relaxed 3D Secure rule base via Protx. This was allowing transactions, that failed 3D secure, to process as long as they passed other criteria. We were then getting the extra charge where cards that were registered as part of the 3D scheme were being allowed to process on our site, even if they failed the 3D secure bit. This was sometime ago now and I cannot remember if this just applied to Maestro cards or all cards that were registered with 3D Secure. Anyway, we tightened our 3D secure rulebase and the charges have stopped.

 

[PP Simon]

Hi, exactly the same thing happened to us quite a while back. We suddenly received new charges from Lloyds Cardnet where none had been before, even though we had not changed any parameters. We had 3D secure enabled, but with quite a relaxed rulebase, which meant we would allow transactions that failed 3D secure, as long as they passed other checks (we are B2B). It transpired that we were now getting charged for Maestro transactions where we were letting it pass even if it failed 3D secure. It is quite a while ago now, so I cannot remember if it also impacted all cards that were 3D registered that we were allowing to fail 3D, or whether it was just Maestro. In any event that is what is causing your charges on just a proportion of transactions.(I do not think you need 3D secure enabled to be subject to these charges). We tightened our 3D secure rulebase and the charges have disappeared. Hope this helps.

 

[PP Simon]

Ooops, sorry, have posted twice, (17 & 18) - thought original post was deleted. New to this forum!