MasterCard SecureCode / 3D Secure


(Chris Lavender) #30

Working for a legacy bank (who shall remain nameless), I’ve dealt with many an issue from customers regarding 3D secure / MasterCard securecode / Verified by Visa.

Firstly asking for random characters: this is a security measure to prevent people giving away the entire password to a fraudulent website, or if some malicious key logging software has been downloaded. The weakest part of any security measure is its user.

Secondly, it’s not just checking the password. There’s also check being made on the postcode of the billing address, the MAC and IP address of the device you’re using. This benefits customers by being an invisible security layer, that you barely notice if you’re using a “trusted device”.

I’m all for 3D secure and hope it is integrated sooner, rather than later, as I begin to use my card more and more online. Ever increasing my exposure to some bad actors or middlemen who will use my card info fraudulently.


#31

I used to work for a payment gateway and understand the development work involved to integrate the 3DSecure API into the transaction flow.

I am using the CA Alpha for my day to day use, but not having 3DS enabled on the issued card is the only thing stopping me from fully migrating over all my usage without using other banks / cards.

To be fair most sites I do not have a problem transacting. But obviously when paying at a merchant such as Coinbase (that requires 3DS enrolled as mandatory on the issued card). As mentioned by another user who uses coinbase, it currently fails.

Looking forward for when the 3DSecure implementation is complete, but so far loving the CA account and the general Monzo experience / vibe. Keep up the good work.


(Paul Buckley) #32

Hello

I’ve searched for older posts and can see historical info that when the current account was launched it would accommodate 3DSecure. I’ve just had tried to put a transaction through Coinbase and this failed due to the lack of 3DSecure.

Is this feature coming soon ?


(Heather) #33

I thought this was coming with the launch of the CA too. :persevere:


(Brexit Day Is Gonna Be Shamayzing.) #34

3D Secure does work as I just did a DBS check and that went through fine.


(MikeF) #35


This was the last thread on this topic. @Simonb said (in the last post) that it was being worked on but it wasn’t promised for CA launch.


(Paul Buckley) #36

Thanks for the swift response all.


#37

I had this response from @simonb few weeks ago;


(Hugh) #38

Definitely does not. Hence the whole CrossCountry website issues


(Brexit Day Is Gonna Be Shamayzing.) #39

Well it came up 3Dsecure for a few seconds on this

https://www.mygov.scot/basic-disclosure/

and payment was taken


(Hugh) #40


(Brexit Day Is Gonna Be Shamayzing.) #41

http://www.audit-scotland.gov.uk/docs/local/2008/fa_0708_scottish_borders.pdf

image


(Hugh) #42

Well we can’t both be right :stuck_out_tongue:

Either they allow fallback from 3DS, or their implementation doesn’t work OR Monzo have 3DS working


(Brexit Day Is Gonna Be Shamayzing.) #43

It may have been a fallback but it wasn’t on the screen that long and I did’t think to take note but it defo said 3DS…

Would Monzo they be able to tell internally how it was processed you reckon?


(Hugh) #44

Yeah, XC it hangs for a good 30 seconds before failing

I would have thought so?


(Brexit Day Is Gonna Be Shamayzing.) #45

This was on the screen for all of 3 seconds

I will ask


(Brexit Day Is Gonna Be Shamayzing.) #46

Must have been a fallback


(Rika Raybould) #47

Sometimes, you’ll get redirected to a 3DS page but it’ll then fail out when it tries to contact the card issuer. What happens after that will depend on the merchant and their systems/policies. :slightly_smiling_face:


(Simon B) #48

We definitely haven’t shipped SecureCode yet so the merchant Danny mentioned must have fallback.

Just spoke to our wonderful payments team and realistically it’s looking like Q1 2018 for the ETA on this. It’s not just a case of building it, but also waiting for Mastercard to complete their own testing and certification process once we’ve built it.


(Brexit Day Is Gonna Be Shamayzing.) #49

@simonb like I said to Milo, I blame the website