As of March 14, 2020, Visa is mandating issuers in the European Economic Area (EEA) need to be live with EMV® 3DS v2.1.
This mandate is an effort to push the ecosystem forward. The original PSD2 activation date of September 14th, 2019 was extended by the European Banking Authority (EBA) to December of 2020. A stipulation for this extension was to show progress throughout the upcoming year to reach this official compliance deadline. Visa identified March and September of 2020 as key timeframes to deliver crucial functionality for adoption prior to the end of the year.
But what does this really mean to you if you are a European merchant? We’re thinking that some of your top goals for your digital business are meeting Strong Consumer Authentication (SCA) compliance, using exemptions, and maintaining high conversion rates while preventing fraud.
In order to reach these goals, you have likely turned to 3DS 1.0 and EMV® 3-D Secure (formerly known as 3-D Secure 2.0) to assist you in achieving success. As EMV 3DS v2.1 is adopted by issuers as of March 14, 2020, you will have the ability to leverage new messages, user experiences, and new forms of payment. And this is good. But we know it can be confusing. Ultimately, these new versions provide the ability to exchange more information, improve the user experience, and provide an optimal way to secure transactions for both merchant and consumer benefit.
To define what EMV 3DS v2.1 issuer readiness is - an issuer may load part of their card range portfolio, but not all of it. For the card ranges loaded and participating, the issuer will actively facilitate authentication. For the card ranges which are not loaded, the Visa Attempts server will stand-in following this mandate. Regardless, your transaction will route as an EMV 3DS v2.1 transaction. The Visa Attempts server will be responsible for producing the result if the card range is not loaded. In this scenario, as the merchant you will still receive liability shift.
As transactions begin for EMV 3DS v2.1 readiness in Europe, it’s recommended that authorization approval rates be monitored. Although we don’t anticipate any immediate impact, if you do experience a deviation from what was your previous standard, reach out to your 3DS vendor, such as Cardinal. By utilizing the Cardinal Rules Engine, we can assist in optimizing your transaction protocol routing. By leveraging the ACS Info Indicator present within the Preparation Message, we can selectively route transactions for full Strong Customer Authentication (SCA) compliance to the 3DS 1.0 protocol until the issuer is fully participating, allowing full authentication and ECI 05 values.
CardinalCommerce, a Visa solution, is a global leader in authenticating digital transactions. For over two decades, we’ve been bringing merchants, issuers, and shoppers together in an experience where everybody wins. With singular focus, proven technology, and dedicated service, we are continuously raising the bar for payment authentication around the world. We put authentication first because we believe digital commerce should be safe, rewarding and engaging, for you and your customers.
Have questions? Let’s talk
EMV® is a registered trademark in the U.S. and other countries and an unregistered trademark elsewhere. The EMV trademark is owned by EMVCo, LLC
EMV 3DS can help manage PSD2 SCA’s exemptions. See if they’ll work for you.
At Cardinal, our 2020 resolution is all about building our existing capabilities and expanding our reach in the latest protocols. See what we've got planned for 2020.
Learn how authentication affects Card-not-Present authorization rates and key statistics on fraud in the clothing and footwear industry.
Authentication is core to payment processing in Europe, so if your digital transactions are not authenticated, you will be expected to implement a solution before your business is impacted.
You'll be the first to hear about new products, features, and company updates.