It’s up to the merchants to opt-out, although I think there is an EU directive that will make this crap mandatory across all banks & merchants sometimes in 2019.
Just used 3D Secure on Android to purchase tickets online for Yorkshire Wildlife Park. Was given the choice of in app authenticating or sms. In app authentication using fingerprint worked completely fine.
Much better than messing about with passwords.
Had a couple of issues today but hopefully they are just flukes.
I paid money into my Amex, and was taken to the Monzo app to confirm payment but it was authorised without me even tapping to authorise.
I was sent to Monzo, authorised, then back to the app and the app wasn’t coming up as paid. I pressed the “I’ve already authorised this” button and it just said “You have not authorised this”. I used SMS in the meantime and it worked.
Incidentally what is the point of the “I have already authorised this” when it does nothing when pressed other than to say “You’re wrong”? Surely it should have a link or suggestion of going to the in-app help or something? Otherwise it’s a fairly useless button.
what is the point of the “I have already authorised this” when it does nothing when pressed other than to say “You’re wrong”?
I believe it’s a fallback for when the automatic authorisation detection does not work/is not supported by the browser. In this case, it re-checked and confirmed that you haven’t authorised it (maybe your authorisation didn’t work thanks to the awful state the iOS app is currently in?).
Sure, so perhaps it would make more sense if I’m pressing that, believing it has been authorised, to direct me to some sort of help rather than just being insistent I hadn’t authorised? Even “Check your app for authorisation” would be better than “You haven’t”
I agree though, there should be a nicer error…
It was with the Amex app so it normally worked. I actually had authorised it in the app but it didn’t think I had, so I had to do it via SMS.
This is correct and I agree, I’ll work on the error messages tomorrow as they need to be moved between two files anyway.
Used it for the first time today. Wasn’t expecting it. Faultless and no inconvenience caused - exactly how it should be!
I used it Saturday at Wahaca and it worked fine
Continuing the discussion from Labs Feedback: 3DS :
I just came across the perfect experience for this feature (In my view) which was using the “Duo Mobile” app a 2FA app required by one of our software vendors. This app showed me a notification, I force-clicked much like the Microsoft Authenticator was prompted for my Biometric (fingerprint) and the notification went away, the login was approved.
Monzo - maybe not possible for first release but this experience was excellent and would be an ideal, secure and slick experience.
Has anybody had any issues when paying Amex?
I tried to clear my balance recently (starting the process in the Amex app). It then prompted me to use the Monzo app to authenticate, but twice the payment didn’t go through. I then selected the option to have an SMS code sent, and entering that allowed the payment to proceed.
That was one of my issues above, both with the Amex app.
My AMEX authentication went straight to SMS - Didn’t give me the option to use the Monzo App (which would have failed anyway).
I’ve just added a few more entries for American Express that were found to the SMS default list.
(To explain, it looks like American Express use a few different merchant accounts. For example,
American Express and
American Express Services.)
I tried using this today and it didn’t work using my finger print so I had to use SMS instead.
Has Amex been moved to completely SMS only now?
I believe so - I think they’ve tried to do this for the ones which can cause issues when leaving the app to authorise (credit card apps seem to be a big one here).
Unless I misread it of course.
I was bigging Monzo up at work and was showing how impressive the 3D secure was with a ‘live demonstration’ as I was using my card to top up my lunch pass.
However one of my colleagues made a fair point and I don’t know the answer to. If I was using my card and I didn’t have my phone on me, how would I get around the 3D secure part?
Agreed - this is how it should work!