info@3dsecurempi.com
+44.(0).870.490.8278

Important Updates from MasterCard for September 2021

Posted On: Friday, September 3rd, 2021

MasterCard Identity Check Updates. 3DS1 Attempts server to be decommissioned on October 5th, 2021. 

A number of important changes are announced by MasterCard for the MasterCard Identity Check Program. Below is an abstract covering topics of interest to merchants.

  • UPDATE: SPA1 for EMV 3DS will be retired on September 30, 2021, not October 15 as previously communicated.
  • REMINDER: A reminder that on Sept. 30, 2021 ACSs/3DS Servers must support the enhanced Transaction Status Reason processing logic as introduced in AN 4805. This enhancement also introduces a new Directory Server-specific transStatusReason value of 83 – ‘DS dropped reason code received from DS’, as well as a new Directory Server-specific authenticationType value of 83 – ‘DS altered transaction status’ (the addition of the new authenticationType value will be published in an upcoming update expected Sept. 7, 2021.)
  • REMINDER:  Per the Identity Check Program Guide, requirement 149, ACS operators must challenge a request to add a Card-on-File (COF) regardless if it is requested using a non-payment or payment transaction.  There are further details in the Program Guide with respect to specific data elements and values in the AReq that indicate this type of transaction.
  • REMINDER: As per security standards, Mastercard is planning to Introduce Application Security Manager ( ASM ) Policy in both our 3DS1 and 3DS2 Mastercard Networks. In preparation to this all the Merchants (MPIs/ 3DSS) using cookie attributes that are following prior (pre-2011)  grammar are advised to adhere/reference to RFC 6265 standards for cookie handling grammar and behavior. All customers must adhere to RFC 6265 and make any code changes by the end of  September 2021.
  • REMINDER: On September 14, 2021, Mastercard will add UK/Gibraltar to the list of countries where Smart Authentication Stand-in will no longer fully authenticate Intra-EEA/UK/Gibraltar transactions above EUR 30. All Intra-EEA/UK/Gibraltar transactions above EUR 30 will receive a Attempts authentication response.
  • REMINDER: On September 14, 2021, Issuers in UK/Gibraltar may be automatically enrolled into Smart Authentication Direct for Acquirer Exemption service if they step-up more than 10 percent of their authentication requests featuring acquirer exemptions or Strong Consumer Authentication (SCA) flags.  
  • IMPORTANT UPCOMING DATES:
    • SPA1 for EMV 3DS will be retired on September 30, 2021.
    • 3DS1 Attempts server to be decommissioned on October 5th, 2021.  

Full support for major card brands and banks

Making eCommerce Safe

Be in the know

Industry news, events and major releases.

Let’s meet at Money2020
Posted on: Friday 31st May, 2024

Let's talk payments in Amsterdam!

See you at Seamless Middle East 2024, Dubai World Trade Centre
Posted on: Thursday 9th May, 2024

Endeavour 3DSecure - Authentication done right!

Meet us at MRC in Barcelona
Posted on: Wednesday 17th April, 2024

Endeavour 3DSecure and Tokenization, your trusted companion in payments.

Here to help

Questions? We've got answers.

Kindly note that we do not support cardholders wanting to activate 3D Secure on their card. Please contact your bank directly using the phone number provided on the back of your card.