If you as a webshop owner want to avoid declined payments, you need to be aware of the rules that came into effect on 11 January 2021. All webshops in Denmark must have 3D Secure activated for online card payments. If you do not comply with this, customers may risk being declined when they try to pay.
The SCA rules originate from the EU directive PSD2, which mandates that security around online payments in the EU must be increased. SCA stands for Secure Customer Authentication. Secure Customer Authentication is also called two-factor authentication and essentially means that the consumer, when the amount exceeds a certain threshold, must identify themselves to ensure that the consumer's card is not misused.
What is 3D Secure?
But what is 3D Secure? 3D Secure is an extra security measure that ensures it is actually the customer who is the cardholder using the card.
For a long time there has been a version on the market called 3D Secure version 1. This means that 3D Secure has been available before, but it has now been a legal requirement since 11 January 2021. Leading experts believe that the latest version of 3D Secure – the so-called 3D Secure version 2 – complies with the SCA rules in the EU directive.
With 3D Secure version 2, the same technology is used across card brands. This means that both Dankort, Visa and Mastercard use 3D Secure version 2.
How do banks check SCA?
Banks have different ways, using 3D Secure version 2, to verify that it is the cardholder attempting to use their payment card for an online payment. In Denmark, Secure Customer Authentication is handled by Nets. They use NemID or an SMS with a code to get the cardholder to confirm that it is actually them wishing to make an online payment. Other types of cards from other countries may have other authentication methods.
It is important that you can receive SCA payments
The requirement to comply with SCA rules has been in effect since 11 January 2021.
Danish Commerce is clear in its message: "However, this does not change the message we have communicated several times over the past year. Contact your payment provider and get an agreement to enable the 3D Secure solution."
This is guaranteed with Freepay as your payment gateway. We use 3D Secure version 2 already today.
Switch to Freepay today and get on top of the SCA rules.
What about subscription payments and 3D Secure?
If you have a subscription business, you must also comply with the new SCA rules. However, it works slightly differently here, because for example the monthly charge of a customer's subscription happens at your initiative, without the customer having to go through a new payment window and approve each month. This is called a Merchant Initiated Transaction, also known as MIT. When a customer buys a product rather than a subscription from a webshop, the amount is only charged once, and it is at the customer's initiative. This is therefore called a Customer Initiated Transaction, also known as CIT.
The rules for MIT state that the customer does not need to complete an SCA via e.g. SMS or NemID for every single charge. The payment gateway must mark that it is an MIT, which means the customer will not receive SMS messages. When a new customer signs up for a subscription, they must register and go through SCA before they can be approved as an MIT.
Freepay has many years of experience with subscription businesses, and with a payment gateway from Freepay you are guaranteed that your subscription payments are processed securely and smoothly.
.png)
