3D Secure 2.0 (3DS2) is a widely recommended solution for strong customer authentication (SCA) under PSD2. Zuora's BlueSnap, Payment API v2.0 gateway integration provides support for 3DS2 through the embedded iFrame of Payment Pages 2.0.
To comply with PSD2 using 3DS2, the following updates are required:
- Enable 3DS for your BlueSnap merchant account.
- Enable 3DS2 settings in Payment Pages.
Then you can implement and use Payment Pages 2.0 as usual. See Payment Pages 2.0 implementation overview for more information.
To comply with PSD2 using 3DS2, you must enable 3DS2 settings in Payment Pages. Then you can implement and use Payment Pages 2.0 as usual. See Payment Pages 2.0 implementation overview for more information.
With 3DS2 implemented and enabled, when end customers are challenged while transacting on your Payment Page, they will get held up on the challenge window before passing the validation. The callback page is displayed only when they are authenticated. A payment method ID is also generated and returned.
If your customers failed the strong customer authentication, the
[ThreeDs2_Authentication_Exception] error code and the actual error message are returned. The error code is common across all gateways, while the error message is gateway-specific.
Enable 3DS for merchant account
Before configuring your Payment Page in Zuora, contact BlueSnap Merchant Support to enable 3DS for your BlueSnap merchant account. After it is enabled, you should activate it in your BlueSnap Console by navigating to Settings > Fraud Settings and select Enable 3D Secure.
Enable 3DS2 settings in Payment Pages
When setting up a Payment Page, select the Enable 3D Secure 2.0 checkbox and select the created gateway instance from the Default Payment Gateway dropdown list. You can complete other settings as usual.
Zuora recommends you to enable the CAPTCHA challenge feature so that you can limit the number of times end customers can attempt to submit the form after they fail the authentication. CAPTCHA challenge can be used with the 3DS2 feature to prevent potential bot attacks and reinforce the transaction security.
For more information about enabling and configuring CAPTCHA, see Security Measures for Payment Pages 2.0.
If you select a gateway integration that does not support 3DS2, an error message is displayed when saving the Payment Page.
The "Best practices" section in Zuora’s implementation of 3D Secure 2.0 provides best practices for reducing the possibility of failed transactions due to 3DS2 authentication errors.
Additional information about 3DS2 enroll check
The 3DS2 enroll check is performed by BlueSnap and the data will not pass through Zuora. Hence, the following fields in the Payment Method Transaction Log are empty if the Gateway Transaction Type is ThreeDS2EnrollCheck.
- Request String
- Response String
- Response Code
- Response Code description
- Transaction ID