Compliance to 3DS 2.0
-
Hi all,
will this plugin be updated in order to be 3DS 2.0 compliant?
I have received an email by Braintree to inform me that soon this will be mandatory.Thanks
Kindest regards,
Tito
-
Hey, I was looking for the same thing, and it’s a few threads below yours:
https://www.ads-software.com/support/topic/3ds-2-0/
Tl;dr – the plugin update will be out before September 2019, EVEN THOUGH 3DS 2.0 has started to come into force already. This is bad enough to make us consider leaving Braintree tbh.
- This reply was modified 5 years, 7 months ago by lauramay7.
Thanks @lauramay7, that’s the correct info.
In short, we will release a new version of the plugin prior to September 2019, which supports 3DS 2.0.
I’m marking this thread resolved. In the meantime, I’ve added this topic as a sticky post as well.
—-
For internal reference: #266-gh-woocommerce-gateway-paypal-powered-by-braintree
- This reply was modified 5 years, 7 months ago by Dat Hoang.
Hey you realise that compliance has already come into force, right? September is just the final date, so all providers must be compliant before then. Ie this plugin not being updated *now* means we will all miss sales. I really think we will have to leave Braintree for this reason, and suggest others will have to do the same. We can’t miss up to five months of sales.
Hi @lauramay7,
Thanks for providing more info.
Hey you realise that compliance has already come into force, right?
To be honest, I have not noticed this yet.
This is what you mean https://www.braintreepayments.com/blog/ready-for-3d-secure-2-0/#3whatisthetimelineforimplementing3ds20 ? Some cards have started implementing this since April 01, 2019?
I am contacting with our developers and teams, then update here also.
Yes, some cards are already rolling this out as of this month. Thanks for looking into it, because it is quite worrying.
Hi all,
FYI. I’ve checked the status of implementing 3DS 2.0 as well as SCA (Strong Customer Authentication).
We’re a bit behind implementing these changes. The good news is that our development team and Paypal team are all aware of this, and we’re actively working to release a new version for these changes.
We will update here as soon as we have more update.
—–
For A12s: internal references #266-gh-woocommerce-gateway-paypal-powered-by-braintree and #p73Jol-Tr-p2
- This reply was modified 5 years, 7 months ago by Dat Hoang.
Hi,
Any news on the update? It really is a crucial issue that needed to be resolved 2 months ago.
Hi there @nextgaything
While issuing banks may be prepared, this needs to filter down to Braintree where they connect to those banks. We can’t upgrade until the Braintree SDK supports 3DS 2.0, which they are still working on –
https://developers.braintreepayments.com/guides/3d-secure/migration/javascript/v3
..Our SDKs are still under development and the implementation is subject to change…but do not release your 3D Secure 2.0 integration in production at this time.
As soon as possible after that “Availability” notices changes, we’ll get to work on it.
that needed to be resolved 2 months ago.
The Sept 2019 date is the deadline for merchants to adopt these changes so we do have time but we cannot move faster than the payment gateway allow ??
Thanks,
What Braintree has been emailing us about for the past 3-4 months is this:
“Braintree recommends that merchants integrate 3DS 2.0 into their checkout experience by April 2019 per the card brands’ guidelines. The beta version of the web SDK is now available to integrate and test in the Sandbox. It will be ready to use in production soon. Please reference our 3DS 2.0 adoption guide for more information on how to make this change.
For merchants using a third-party shopping cart provider, you’ll want to reach out to them for details on their plans to meet PSD2 SCA requirements.
When is the deadline?
Although the date of enforcement isn’t until September 2019, card issuers may begin to require that transactions meet SCA requirements any time after April 14, 2019, so being ready when the 3DS 2.0 protocol is active is an excellent proactive measure that can help you avoid unnecessary declines.”So you see how it should’ve been already done?
Another point is we need time to test with the sandbox before the deadline to be ready.
So maybe there needs to be a beta/testing release of this plugin with the support too.I’ve also contacted Braintree about their own email and the status of the SDK. Will report back once I get a reply.
The beta version of the web SDK is now available to integrate and test in the Sandbox. It will be ready to use in production soon.
With this advice, it would be great to test in Sandbox now but this is a beta version so the code may/will change and that will mean redoing our extension.
I can certainly pass this onto the engineers for discussion but this would mean having two different pieces of code between when the plugin is in Sandbox vs Live mode.
Another point is we need time to test with the sandbox before the deadline to be ready.
So maybe there needs to be a beta/testing release of this plugin with the support too.Absolutely, we are wanting to get this released in time to give store owners like yourself ample time
@nextgaything I look forward to any feedback and reply from Braintree about this communication.
Thanks,
internal: updated #266-gh-woocommerce-gateway-paypal-powered-by-braintree
Hi,
Got back from Braintree:
“In our original attached communication, we were attempting to be proactive in notifying merchants about upcoming PSD2 deadlines, but the dates were not meant to represent the release dates of Braintree’s production SDKs. I understand how our messaging could have been easily misinterpreted.
Generally speaking, Braintree has released updated JavaScript, iOS, and Android SDKs that are able to support 3DS 1.0 and 2.0 calls in beta, so developers can begin integrating and testing in the sandbox environment now. The production SDK, however, is not yet completed. Still, we encourage developers to begin testing in the sandbox environment as soon as they can so 3DS 2.0 can be implemented as soon as Braintree’s new production SDK is released.
Regarding the deadlines you mentioned, the April deadline is for issuing banks by the card brands (e.g. Visa, Mastercard, etc.) to support 3DS 2.0 messaging. This means that if an EU issuer does not support 3DS 2.0 and a merchant submits a 2.0 message, the card-brand will stand-in and provide a no-challenge authentication which grants the merchant a liability shift. This largely affects issuing banks but should not have a significant impact on your declines as a merchant.
The September deadline, however, is when the PSD2 regulations for issuing banks to enforce Strong Customer Authentication take effect. When this happens, there is a much higher chance that any given issuing bank will issue a soft decline when 3DS information is not present on the transaction. This deadline will likely have a larger impact on merchants.
To be clear, while I don’t have a specific date available, I can confirm that Braintree’s 3DS 2.0 production SDKs will be released in advance of the September deadline. That way your plugin’s team of developers will be able to implement it well before it affects your processing in any way. We will of course send notification to merchants and update our blog as soon as we have more information about a go-live date.”
So not sure what to do.
Hey @nextgaything
Thanks for passing that back.
Hi again,
We do appreciate everyone’s patience with this.
We are collaborating with our partners at Braintree to better understand timing and implement as quickly as we can once their product and subsequent documentation is released.
The bottom line is that as soon as we can release a full update to the Braintree plugin to complete work with the SCA/PSD2 updates, we will.
Thanks,
- The topic ‘Compliance to 3DS 2.0’ is closed to new replies.