Recently I had a chargeback initiated by a customer. PayPal strongly recommends the use of 3D secure to minimise fraud. They recommend using Cardinal Commerce as a solution. I looked it up and it seems that this is a solution that should be implemented by the shopping cart software. Other ecommerce solutions have implemented this feature in their solutions (such as bluepark) and I was wondering if e-junkies is planning to implement this.
PayPal has made 3d Secure a requirement for Maestro payments with PayPal Payment pro and from what I hear from the PayPal people they are strongly planning to push for 3D secure. After all they are losing money in chargebacks and they want to minimise it. I would not be surprised if they make this a requirement in the future. So I guess, this feature needs to be implemented one way or another.
The following is what they sent as an intro to 3D secure.
3-D Secure is the authentication protocol used by Verified by Visa and
The goal of 3-D-Secure is to authenticate the consumer by the entry and
verification of a designated password or PIN prior to the completion of
an internet purchase. The 3-D Secure step slots into the payment process
before the merchant sends the normal financial authorization request to
their acquirer. The 3-D Secure protocol uses dedicated messages that
flow over the internet between the merchant, card scheme, and issuer,
outside of the network used for the financial authorization and clearing
In summary, the authentication process is carried out in the following
1. The cardholder enrolls for the Verified by Visa or MasterCard
SecureCode service at their issuing bank and chooses their Personal
Assurance Message and authentication password or PIN. The cardholder
then shops for goods and enters their payment details into the merchant
checkout page as normal.
2. The merchant 3-D Secure software interacts with the card scheme
and issuer to determine whether the cardholder is enrolled for 3-D
Secure. If the cardholder is enrolled for the service, the merchant
seeks authentication of the cardholder by their issuing bank.
3. The cardholder is shown the details of their transaction and
enters their PIN. The entry of the PIN is used both to authenticate the
consumer and to confirm that the consumer approves the completion of the
transaction. The consumer's issuing bank validates the PIN.
4. The issuer responds to the merchant to indicate whether the
cardholder is authentic, and if authentic, provides an authentication
code to the merchant.