XF 2.1 Will Stripe and other payment methods be updated to PSD2 regulation? (September 14th deadline)

Alfa1

Well-known member
My Stripe dashboard shows this warning:

Update your integration to prepare for SCA
On September 14, European regulation will mandate

Strong Customer Authentication (SCA)

for many online payments. When it goes into effect, a form of two-factor authentication will be required for many card payments. Unless you update your integration, your customers’ banks will decline many transactions.



Beginning September 14, 2019, PSD2 regulation will require Strong Customer Authentication (SCA) for many online payments made by European customers, to help reduce fraud. To ensure payments will not be declined, businesses will need to build an extra layer of authentication into online card payments, unless transaction-specific exemptions apply.

The impact of SCA on your business can vary depending on the type of purchase, whether you charge a customer during or after checkout, and even which bank your customer uses. Stripe has designed SCA-ready payment APIs and products to help you manage this complexity and minimize the impact of SCA on your checkout conversion.
 

Robust

Well-known member
In 2.1.2 (I think?) XF moved to the PaymentIntent API, which has support for these SCA requirements. As long as it prompts for the 3DS correctly (I believe it does, can't remember) it's ready for the new regulation. Definitely worth having XF confirm this, though.

I don't think versions prior to XF 2.1.2 will be compliant with this.
 

Alfa1

Well-known member
Thanks for the feedback! Is it correct to assume that this is on the radar for all payment methods? (where applicable)
 

AndreaMarucci

Well-known member
The work is in progress and is on target for the next release which will be before the end of August.
Chris I've just updated to 2.1.3. This is the release you're talking about to be SCA ready? I'm receiving many emails from Stripe telling me about SCA and the i'm using Stripe only from XF so it's a little urgent :)
 

Alfa1

Well-known member
Stripe sent out this warning:
Our information shows that xx% of your yearly payments volume could be impacted by upcoming SCA requirements.

Although we anticipate a gradual enforcement of SCA, we expect the first banks to start declining payments without two-factor authentication on 14 September. As a result, we still recommend updating your integration before 14 September to help avoid increases in declined payments. These changes can require frontend, backend, and client bindings version changes, so we recommend that you start updating your integration as soon as possible.
 

Robust

Well-known member
It looks like it is going to be tight...
PayPal still haven't added SCA support in any form at all so far either, so I'd say it's not too tight. Which, on another note, is actually disappointing, since they're a payment processor and make exactly zero effort to help merchants against unauthorised chargebacks and stop unauthorised use on their platform.
 

Alfa1

Well-known member
FYI: I'm now getting the first warnings on declined payments:
! Update your integration now for SCA
This payment didn’t use an SCA-ready product. Unless you update your integration, payments like this are at risk of being declined.
 
Top