Labs Feedback: 3DS 🔓


(Alex Sherwood) #212

It’s when you make a purchase that you have to use 3DS. They just do an active card check when you add your card. I’ve just tried it (minimum bitcoin purchase is £2 :money_with_wings:) & it worked like a charm :smile:


#213

I think it still would be good to have some back up option if your phone isn’t around or dead to authenticate 3D secure.


(🤦‍♂️ abofm.club 🤦‍♂️) #214

Excellent, works a treat. Really smooth way of doing it. None of this password crap. I always had to reset my password, which kind of defeated the point as all the reset info was stuff you’d have from stealing a wallet.


(Eve) #215

Barclays is notoriously awful for foreigners especially, thankfully my university switched away from them to Santander (my cousin was still stuck using them with his university). Their international student account constantly flags international payments as fraud despite, y’know, that being the whole point of the account in the first place.


(Alex Sherwood) #217

Soon PSD2 will require Monzo to authenticate users based on either biometrics or a second device so your options are pretty limited there..


(Richard) #225

Hmmm… just tried this on the national lottery site… whilst it asked for me to verify in the app… I didn’t get a notification?


#226

To be fair often regulators aren’t often great at knowing what they should be doing


(Alex Sherwood) #227

It sounds like you & @anon44204028 should go & convince them that they’re wrong then, good luck.


#228

Never said they were wrong, just said often they don’t get things right. I personally don’t see the issue with this that Mirow does because it personally wouldn’t impact me, i’ve always got an internet connection of some sort


(Caspar Aremi) #229

That’s where I tested it at 630am and it worked okay for me. Did anything come up in the app when you opened it? And did the bits on the site come up from Monzo showing what you needed to do?


(Richard) #230

Yeah, came up like that for me, only thing I was expecting was an iOS notification (similar to Active card check/transaction notification).

Had to go into the app to see the prompt to approve.


#231

PSD2 can be skipped for up to 5 low value transactions or if the provider calculates a very low fraud risk. Even then, it doesn’t have to be a mobile, just something you own/in your possession, so one could link their laptop/phone/watch/etc. in theory.


(Alex Sherwood) #232

Where did you read that?


(system) #233

This topic is temporarily closed for 4 hours due to a large number of community flags.


(Richard Cook) #234

Hey all,

As you can see, this topic was automatically locked because of the number of flags. I’ll re-open it now, but with a reminder to please stay on-topic. We want this thread to be a really useful place for us to get great feedback from you on 3DS. Thanks!

I’ve removed some of the off-topic posts now.


(Richard Cook) #235

#236

https://www.jpmorgan.com/europe/merchant-services/strong-customer-authentication


(Alex Sherwood) #238

Thanks so correct me if I’m wrong but my interpretation of this:

Under PSD2 there are clear rules regarding the challenging of payments. Transactions that are under €30 will not need to be challenged, it is entirely up to the discretion of the merchant. For transactions above €30, a new procedure kicks in, one that depends on the reference fraud rates of the acquiring bank and the issuer – not the merchant.

Under PSD2, if the fraud rate is below 13 basis points (bps) there’s no requirement for a challenge for transactions of up to €100. But if the fraud rate is below 6bps that ceiling rises to €250. For those with a rate of under 1bps a transaction can be as high as €500 before there’s a need for a challenge.

There are a couple of caveats to this approach.

  • Not all low-value transactions will go unchallenged: every fifth transaction (below €30) will need to be challenged. This will also apply if the combined value of several unchallenged transactions goes above €100. This could present some difficulty for merchants who will have to deal with customers’ expectations of a frictionless process.

is that if the merchant chooses not to challenge the payment 3DS won’t be initiated. Or in other words, that’s not really relevant as we’re only discussing how 3DS authentication should be managed.


(jan) #239

Today purchased small item online and 3D Secure came up and it was simple worked swiftly and correctly. Well done


#240

I was trying to suggest a way of improving the current system and make money work for everyone (even people who are between phones) - which is what Monzo aim to do.