1. Home
  2. Software updates and news
  3. Payment gateway upgrades: PSD2 and SCA

Payment gateway upgrades: PSD2 and SCA

This page was last updated on 21 August 2019. When we have more information we will publish it here.

This page is only relevant if you use our fundraising functionality.

As part of a new EU directive known as PSD2 (Payment Services Directive Two), donation gateways in Europe are now required to increase the security of payments that they receive from supporters, via a process called SCA (Strong Customer Authentication).

The initial deadline for complying with the new SCA requirements was 14 September 2019. However, the European Commission has granted the UK an additional 18 months implementation period whereby banks will not be required to fully comply with SCA until March 2021. Other European countries may likewise receive extended deadlines too, but this is uncertain.

What is SCA?

You have probably already seen an online payments process in which you are redirected to a message from your bank, prompting you to enter a password. This process is known as “3D Secure,” and may already be implemented on your gateway(s). 

Under the SCA rules, the user is not redirected to a screen (except for the RSM payment gateway, which will redirect instead). Instead, a pop-up message is displayed if the bank decides that they require more credentials, asking the end user to type in a password or a code that the user received via text message. This new authentication method is now being referred to as “3D Secure 2.”

What we are doing: Gateway upgrades

The Engaging Networks team are working with all of the gateways that we support, and which process payments in Europe, to upgrade our software connections to support the PSD2 directive.

By the time of our next software release — several weeks from now — the following gateways will support 3D Secure 2:

Payflow 
Paypal Pro 
Paysafe 
RSM 
Stripe 

What about Worldpay and iATS and Pay via Paypal?

Worldpay

As 3D Secure (1) is already supported in our current setup with Wordpay — and because of the recent postponement of the 3D Secure 2 deadline, we have chosen to tackle Worldpay’s 3D Secure 2 upgrade in a future software release.

iATS

We are still awaiting technical implementation requirements from iATS, and at this time no solution for 3D Secure 2 has been offered. In order to meet the SCA requirement, we will update our integration with iATS to support 3D Secure 1, until iATS provides a solution to enable technology providers to integrate 3D Secure 2 with the APIs provided by iATS.

Pay via Paypal

You do not need to use PSD2 with Pay via Paypal, where it redirects to the Paypal logon screen, so no changes are needed.

What you need to do

In the UK, SCA compliance will not be required for 18 months, and it is likely that other European countries will follow a similar implementation period, too. However, we recommend implementing this new technology sooner, to provide additional security for your online donations, and to help deter or thwart fraud attacks. Therefore, keep an eye out for emails from us and from your payment gateway, providing more information on upgrades and what you can do to set up 3D Secure 2 and then test it to make sure it works.

A final note on testing 

We strongly advise that you set up a “test version” of your donation pages, with test gateway credentials assigned to these pages. Only after thorough testing should you make these pages “live” with the payment gateway enabled. 

Your supporters’ interaction with 3D Secure 2 will take place primarily on your fundraising pages, using Javascript to trigger a “popup layer” for the additional authentication steps. You should therefore fully test how it will work on your own donation templates, given that many of you have added customised code to your donation pages, so initially you may see issues with adding the 3D Secure 2 pop up layer. 

If you have any questions, please don’t hesitate to contact Support, and keep an eye out for more updates from us in the near future.

Updated on August 21, 2019

Was this article helpful?

Need Support?
Can’t find the answer you’re looking for? Don’t worry we’re here to help!
Contact Support