The IWAI is ready for Changes to online payments

The Payments Services Directive (PSD) that began as far back as 2005 when first conceived released a major update in 2018 when it was repealed and replaced by PSD2. PSD2 will bring new requirements for payment transactions and anyone doing e-commerce in Europe will have to make changes to their operation.

The credit card brands also come into play in regard to upcoming regulations as well. Visa, Mastercard and others are implementing mandates around something called 3D Secure 2 (3DS2),

What is 3DS2

The most important component or change for Members coming with 3DS2 is the requirement of Strong Customer Authentication(SCA). This requirement dictates that consumers must authenticate using additional parameters.

Gone are the days of only a username and password. This was something the user knew (or in many cases could not remember). One step authentication is becoming more and more insecure, as it only required something “known” which could be obtained or hacked with relative ease.

Now, customers will need to identify themselves with two of three categories. The categories are knowledge, possession, and inherence. Often referred to as, “something you know”, “something you possess”, and “something you are”.

What Does this mean for members

3DS2 – is the implementation in Europe of Strong Customer Authentication (SCA)

3DS2 will require the IWAI to send additional data with each financial  transaction from the membership system and from the IWAI Shop , so that the bank can determine if the cardholder is the actual transactor. If the data matches what the bank requires, then the transaction can continue on a “frictionless” flow and will not need user input. This will have to match with exemptions and what is allowable for SCA to qualify once SCA is in place.

If the data is not acceptable, and the transaction also didn’t meet an acceptable exemption, then the bank will respond with a “challenge” for user authentication. If challenged.  The challenge will be presented on the Global Payment Payment page, or in the bank’s application on a mobile device if installed, providing for a better user experience.

The Challenge is defined by your bank , but often takes the form of an SMS with a one time code that you have to enter into the payment transaction page , or maybe integrated into your banks mobile banking application.

What triggers a challenge and how the challenge is done is not something the IWAI has any control over , it is determined by your Bank 

From End of November on , all renewals ,New Joins and Purchases from the IWAI shop, the following additional information will be sent to Global Payments , our financial payments service provider with each Member transaction

For every transaction

  1. Email as registered in the Membership system or shop
  2. address as given in the Membership system or shop
  3. Town  as given in the Membership system or shop
  4. Post Code as given in the Membership system or shop
  5. Mobile number as given in the membership system or shop

The IWAI does not process or hold any credit card data on our systems , the page where you enter your card data is hosted by Global Payments and they send your entered payment details to your bank for authorisation

Important:

If your registered details on the IWAI membership system or IWAI shop are wrong or different to the details you have registered with your bank , this will increase the likelihood of a challenge to a payment and create additional friction in completing the transaction.

We recommend that you log into the IWAI Membership system and check your details  or , contact your local Branch officers , or the Membership Secretary to update your details if you are unable to , before the end of 2020.

What do you need to do ?

To minimise challenges and make online payments ( not just to the IWAI)

  1. If you are not registered with your bank for online transactions or are not sure , you should call your bank and check what they need for you to be able to make online transaction ( it differs from bank to bank )
  2. Many banks are already asking you to verify details and mobile numbers , do it !
  3. Check what you have registered on the IWAI membership system and update , most important details
    1. email – we get many bounces for emails sent to members for invalid emails.
    2. Address post code – Make sure your Eircode is present and correct ( and the same as the info registered with your bank)
    3. Mobile number – optional – not required if you don’t want to , but recommended.