On the 14th of March 2022, the long-awaited introduction of additional security for online transactions came into commonplace for all website and app originated transactions. This is part of the Strong Customer Authentication and 3D Secure standards.
Donorfy has been SCA and 3D Secure compliant (and ready) since 2019. All Donorfy Forms, Campaign Donation Pages and Web Widgets use Stripe’s payment elements and 3D Secure process to fulfil the transaction. The payment process is contained within Stripe’s environment and not within Donorfy which also ensures PCI compliance.
You may have been increasingly been acquainted with requests to insert a 6 digit code via text or email or asked to confirm payment in your online banking app when shopping online - this is 3D Secure.
When a customer inserts the code or verifies it in the banking app, this reduces the financial risk of that transaction to your card provider and you. When the code is correct or the app authorises the transaction it passes the challenge and then completes the remainder of the payment process. When the code is entered incorrectly the transaction fails and an error message will be displayed.
All payments are subject to this process, however low risk or exempted transactions will, in most cases, be automatically passed with every 6th transaction made by a single card online subjected to the code request. For higher-risk transactions, these will automatically be subjected to a code request.
As the full implementation of SCA is relatively new, this may result in a higher amount of failed transactions as cardholders get used to the process. There are some things that both yourself and cardholders can do to help with reducing the amount of failed transactions.
Ensuring that contact details are up to date, push notifications for mobile banking apps are switched on and the card has not got any restrictions in their online banking or banking app such as a card freeze or not allowed to transact online
Your Online Forms and Web Widgets
- Add a paragraph about 3DSecure transactions now being enforced for online transactions and if a payment is rejected to try another card or payment option.
- Add address, email and phone number options on your form - this detail is passed to Stripe to help verify the transaction. The more detail provided helps to reduce the risk.
- Add additional payment options such as Apple pay, Google and Microsoft Pay and PayPal - these already require two-step authentication as part of their payment processes and so reduce the likelihood of a failed transaction. (Donorfy Forms Only)
- Monitor transactions in your Stripe account - where there has been a failed transaction reach out to the customer and offer alternative payment such as in the Stripe terminal (MOTO Payment) and enter the transaction into donorfy manually. MOTO payments are exempt from SCA.
Chat to support and stay up to date
If you are seeing continued issues with failing payments, raise a support request with Stripe initially (Stripe's support website) and also let the Donorfy team know via a support ticket.
Follow Stripe on Twitter - @StripeStatus or via their Stripe Status webpage here you find out about regional and global incidents.