Card payment
Customer enters the card number, card validity and verification code, and confirm the request to make the payment by pressing the “Pay” button.
3D Secure payment
In the case of cards issued by Mastercard, Visa, Diners Club and American Express associations, the payment is under way with 3D Secure defined by card associations under the name Mastercard Identity Check, Visa Secure, Discover ProtectBuy and American Express SafeKey. 3D Secure standard guarantees particularly authentication of a cardholder by a card issuer in the course of payment and provides all the parties (cardholder, card issuer, e-commerce merchant, acquirer bank) with incomparably higher guarantees compared to non-authenticated SSL payments (see Picture No. 2).
Pic. 2: 3D Secure payment
The merchant can allow a customer to carry out a 3D Secure card payment without a redirection to the issuing bank (issuer) and without strong customer authentication provided that the merchant implements and uses the extended parameter of ADDINFO (see the up-to-date version of the document "GP webpay API HTTP – Technical Specification"), in which they provide information required for the Transaction Risk Analysis (TRA) of the given payment.
Providing that, based on a previous agreement between the acquirer and the merchant, the TRA exemption from the strong customer authentication is applied by the acquirer with whom the merchant has concluded an agreement on payment cards acceptance on the Internet, the responsibility for chargebacks is not transferred to the issuer and potential damages are the responsibility of the acquirer, who can transfer this duty to the merchant.
Providing that the TRA exemption from the strong customer authentication is applied by the issuer, the responsibility for chargebacks is transferred to the issuer, who is responsible for potential damages (status quo).