On 14 September PSD2 mandate goes into effect. Banks will theoretically decline payments that require Strong Customer Authentication and have not gone through the 3D Secure flow. However, not sure how this will apply in the UK.
Recurly, in their white paper on “What Every Subscription Business Needs to Know About PSD2” list the transactions that PSD2 applies:
- PSD2 does NOT apply to Merchant Initiated Transactions (MIT) like recurring subscription charges.
- PSD2 DOES apply to the initial sign-up transaction and any one-time transactions. Merchants must present the 3DS flow on these transactions in order to satisfy SCA.
- PSD2 applies to all online transactions where both the issuing and acquiring banks are located in the European Economic Area (EEA). Merchants should also be aware that similar regulations are expected to be adopted in Australia and New Zealand in January 2020.
- Transactions impacted include payments made via credit cards and alternative payment methods.
Fortunately, alternative payment methods such as PayPal, AmazonPay, and ApplePay are PSD2-compliant and meet SCA requirements. So, the main impact of PSD2 and SCA will be on credit card transactions.
Subscription businesses must present the 3D Secure flow on the initial purchase only. Subsequent recurring purchases are exempt from PSD2 and Strong Customer Authentication unless the issuing bank declines the exemption.
Preparations for PSD2
Companies like Recurly, the subscription payments company, are updating their gateways to other platforms such as Adyen, Stripe, Braintree, Wirecard, Sagepay, Worldpay, etc.
Recurly have enhanced their client-side integration so their customers can use Recurly to satisfy the SCA requirement on both initial subscription sign-ups and one-time purchases. Their aim is to enable you to incorporate 3DS into your checkout flows in mere hours, not days.
Subsequent renewal purchases
For renewal purchases, Recurly will request to have these renewal transactions exempted from SCA by flagging them as "MIT" (Merchant Initiated Transactions). This includes existing subscriptions that started prior to September 14, 2019. Recurly will "grandfather" these in as merchant-initiated so that they won’t require SCA when they come up for renewal on or after September 14th. However, at the discretion of the card issuer, there may still be subsequent renewal MIT purchases that require SCA.
CTMfile take: PSD2 is not going to be easy, particularly for recurring payments. But companies like Recurly are making it as easy as possible. The Recurly report on PSD2 is definitely worth a download, here.
Like this item? Get our Weekly Update newsletter. Subscribe today