eCommerce Payments

Encoded integrates contact centre and eCommerce transactions with a 3D secure payment solution. Users enter their card details in a secure web form and provide a secret password before the transaction is processed. It also offers the opportunity to store details securely, for recurring payments.

3D Secure (3-domain structure), also known as a payer authentication, is a security protocol that helps to prevent fraud in online credit and debit card transactions. This additional security was initiated and created by Visa and MasterCard and is branded as ‘Verified by Visa’ and ‘MasterCard SecureCode’ respectively.

The payer authentication is a three-part process, with three parties involved in the process: the card issuer (such as Visa or MasterCard), the acquirer (merchant bank), and the payment service provider (PSP).

Users enter their card details in a secure web form and provide a secret password before the transaction is processed. It is essential for online payments and required by law for organisations accepting payments online.

With 3D Secure enabled on a merchant’s website, the customer uses the card that is enrolled in the 3D Secure program, with the following process:

1. The customer enters their credit or debit card information on the Encoded payment form.
2. The customer sees the 3D Secure page and needs to authenticate themselves to the issuing bank by entering the password or a one-time PIN.
3. Encoded (the PSP/Payment Services Provider) carries out fraud detection and checks the card and transaction data prior to sending it through to the payment gateway for distribution to the correct acquiring (merchant bank).
4. The merchant’s bank then requests a code from the card-issuing bank to authorise the transaction.
5. The authorisation code is passed back to the merchant’s bank, via the payment gateway and then via Encoded (PSP) back to the merchant.
6. The merchant releases the goods or services if successful.
7. The customer sees the response about whether the transaction is successful or failed.

Using Encoded eCommerce payments provides merchants with the following benefits:

• Providing customers with alternative ways to pay such as online can help to avoid peaks and troughs in call volumes.
• Working with a PCI DSS compliant payments services provider like Encoded saves time and money on lengthy card scheme compliance testing.
• Using Encoded eCommerce payments with other solutions helps build on existing investment and increase customer service opportunities.
• Help protect against customer chargebacks.

3D Secure provides an additional layer of protection provided by the card issuer. In fact, if a fraudulent transaction becomes authenticated through 3D Secure, is likely that liability will shift to the acquirer, not the merchant. Merchants are protected against misleading chargebacks since the liability is transferred.

Encoded is Level 1 PCI DSS certified and with eCommerce payments, everything is fully automated and confidential with data being stored within Encoded’s secure cloud infrastructure. This makes using Web payments an easy way to de-scope the contact centre from PCI compliance and achieve PCI DSS SAQ-A.

Mobile apps are popular for customer transactions. Encoded’s mobile payment service solution is designed to work with other Encoded payment solutions and can be integrated into any existing app, using our service API, iframe or by commissioning us to write a new app in its entirety.

All Encoded’s payment services work cooperatively. Sharing stored card details between solutions enables card holders to use the service of their choice without having to re-enter card data.

The European Payment Services Directive (PSD) is designed to harmonise the way payment institutions in Europe work to the same payment standards. The original PSD was updated to become PSD2, to create a new standard for payments and allow non-banking organisations to enter the payment industry. This allows new competitors into the industry. Part of PSD2 is Strong Customer Authentication (SCA) for eCommerce/online payments to ensure the person making an eCommerce payment is who they say they are.

Strong Customer Authentication (SCA,) or Multi-factor Authentication, is a requirement of the UK’s Financial Regulator, the Financial Conduct Authority (FCA) for organisations taking payments to ensure the person making the payment is who they say they are. SCA means that at least two of the following checks are required for a payment to be made, something known ie a password, a physical device ie a keyfob or phone, or biometric verification such as voice or fingerprint with unique characteristics. With eCommerce payments the main implementation of SCA is 3D Secure 2.0.