• Developers
  • Reporting
  • Disputes
  • Contact us
  • Log in

Main Navigation

  • Account

      Account

        • Customer docs & pricing

          Find important documents such as our Terms of Service and Merchant Operating Instructions, as well as more information on things like Stored Credential Transactions and the Account Updater Service

        • Compliance & security

          For more information on Strong Customer Authentication, PCI Compliance, and fraud prevention best practices

        • Stationery ordering

          Order your tally rolls, card scheme logo stickers, and more

        • FAQs

          Our FAQs can help you with queries including pricing changes, cleaning and restarting your terminals, and Multi-Factor Authentication

  • Products

      Products

        • POS help
        • Ecommerce help
        • Bank Payment
  • Insights
  • Trending Articles
Sign up
Search

Main Navigation

  • Account
      Account

      Account

    • Customer docs & pricing
    • Compliance & security
    • Stationery ordering
    • FAQs
  • Products
      Products

      Products

    • POS help
    • Ecommerce help
    • Bank Payment
  • Insights
  • Trending Articles
    • Developers
    • Reporting
    • Disputes
    • Contact us
    • Log in
    Sign up /en-gb/sitecore/content/gpn/corporate/corporate/home/modals/signup-homepage

Sidebar Navigation

  • Account -
    • FAQs +
      • Pricing frequently asked questions +
      • PCI Frequently asked questions +
      • Best practice for cleaning your POS device(s) +
      • Terminal restart guide +
      • CNP FAQs - resubmitting declined transactions +
      • Multi-Factor Authentication for Global Payments Ecommerce Portal +
      • Ecommerce FAQs +
      • Bank Payment FAQs +
      • Your invoice explained +
      • How do I make a complaint +
    • Customer Docs & Pricing +
      • Terms of Service +
      • Merchant Operating Instructions +
      • Interchange fee update +
      • Recovered card form +
      • Mastercard and Visa Interchange rates +
      • Merchant Data Processing Notice +
      • Enhanced Authorisation Data Service merchant implementation guide +
      • Stored Credential Guide +
      • SCT Technical Implementation Guide +
      • SCT Decision Tree +
      • Account Updater Service +
      • Account Updater migration to UK Ensurebill +
    • Compliance & Security -
      • Ecommerce fraud management +
      • Know the risks +
      • Online Card Not Present Best Practices +
      • Fraud Hints and Tips Guide +
      • Reducing Risk of Fraud Guide +
      • Guide to Patching +
      • Know the risks +
      • What To Do If You're Compromised +
      • PCI Frequently asked questions +
      • SCA -
        • One-off payments without saving card details
        • One-click payments without saving card details
        • Card saved for recurring, automatic payments
        • Payment over the phone (MO/TO)
        • What Do I Need to Do to Be SCA Compliant?
        • PSD2 and SCA Technical Information Guide
        • Strong Customer Authentication Decision Tree
        • How to use the Strong Customer Authentication (SCA) Authentication Outage Indicator
    • Stationery ordering +
    • How do I understand my invoice? +
  • Products +
    • Point of Sale Help +
      • Quick Start Guide Miura M10 Device +
      • Quickstart Guide Miura M20 Device +
    • Ecommerce Help +
      • Transaction management +
      • Customer management +
      • Fraud Management +
      • Resetting your password +
      • Virtual Terminal +
      • Ecommerce portal navigation +
      • User Management +
      • Transaction reporting +
      • Ecommerce FAQs +
    • Bank Payment +
      • Bank Payment FAQs +
      • Bank Payment sales sheet +
  1. Home
  2. Account
  3. Compliance & Security
  4. SCA
  5. One-off payments without saving card details
Last updated 01/25/2023
2 Min Read Time

One-off payments without saving card details

Customers are charged while they’re on-session, without saving card details for future payments. One-off payments are made by customers who do not wish/need save card details or register. For example: Payments for goods and services.


What is Best Practice for SCA for me?

The purpose of SCA is to ensure that only the legitimate cardholder can make payments. The approach to achieving this follows two principals:

  1. Collecting good quality information to establish that the Cardholder is the person making the payment.
  2. Using Strong Authentication (e.g. 2 Factor Authentication) where necessary to verify the cardholder.

As such, best practice for you means using 3DS2 to give the Issuer of the card good quality information and facilitating the challenge for 2 factor authentication when requested.

In the case of ECOM payments, our advice is to use 3DS2, a fully SCA compliant authentication tool, for every transaction. By doing so, you give the Issuer the maximum amount of information possible. The Issuer then can decide to approve the transaction (frictionless) or to challenge the cardholder with SCA, for example a One Time Password sent by SMS to their phone.

Where authentication via 3DS2 is not available, we recommend using 3DS1.


Can I use Exemptions, to avoid challenging my customer?

For a transaction meeting certain criteria, for example a low value transaction, there are two potential ways an exemption may be applied.

  1. An Issuer, based on the good quality information you supply, and exemption criteria being met (in this example the low value), may apply an Issuer exemption and allow the transaction to flow through without a challenge (frictionless).
  2. Your Acquirer, based on a request by you, may request an exemption (in this case the low value exemption) to bypass SCA. If the Issuer accepts the request for the Acquirer exemption, there will be no challenge to the cardholder (frictionless). If the Issuer declines, the transaction will have to be processed again using 3DS2.

  3. Which solution do you use?

    If you need help identifying your integration type please contact us.

  • HPP

  • API

I take payments online via our website, which is integrated to GP ecom via HPP, what do I need to do?

Make a change to your HPP integration to ensure all of your transactions are processed with SCA.The purpose of these changes is to supply the Issuer with all the information they may need in order to verify the cardholder. HPP will automatically facilitate a challenge to the cardholder if required.HPP 3DS2 documentation is available here: 3D Secure - Version 2 (SCA)

HPP can support both 3DS2 and 3DS1 simultaneously and should 3DS2 be unavailable, HPP will dynamically route transactions through 3DS1, vastly reducing the complexity of implementing this service.

 

 

I take payments online via our website, which is integrated to GP ecom via API, what do I need to do?

Integrate into our new 3DS2 service to ensure all of your transactions are processed with SCA. The purpose of 3DS2 is to supply the Issuer with all the information they may need in order to verify the cardholder, and facilitate a challenge to the cardholder if required.

API 3DS2 documentation is available here. Where 3DS2 is unavailable 3DS1 should be used. The API 3DS1 documentation is available here.

 


What should I expect from 14 March 2022?

Where ECOM transactions are processed without 3DS there is likely to be an increased decline rate.
We are advising our merchants using 3DS2 to expect an increase in challenges to their customers (when compared to 3DS1) for a time as the new services are rolled out. Over time, we believe that the Issuers should gradually reduce the number of challenges to customers, making the process more seamless.


Who is Liable in the event of a dispute?

Liability for fraud related chargebacks, passes to the card Issuer when an SCA challenge occurs.
Where the Issuer decides to approve the transaction either frictionlessly with an Issuer exemption, or with a challenge, the Issuer is accepting liability. This means any fraud related chargebacks should not be billed to you.


What if I requested an Exemption?

If a transaction is processed frictionlessly following a request by you for an Acquirer exemption to 3DS2, you should note that you are accepting liability for the transaction. This means any fraud related chargebacks which occur on exempt transactions will likely be billed to you.


  • Account
  • Products
  • Customer Docs & Pricing
  • Compliance & Security
  • Industry news
  • Trending articles
  • Notices and Policies
  • Sitemap

Already a customer?

Log in

Connect

  • LinkedIn
  • Twitter
  • Facebook
  • YouTube
{D6036E8F-C9A1-420D-AEC3-5680EC9FBE35}
 

Global Payments is a trading name of GPUK LLP. GPUK LLP is authorised by the Financial Conduct Authority under the Payment Services Regulations 2017 (504290) for the provision of payment services and under the Consumer Credit Act (714439) for the undertaking of terminal rental agreements. GPUK LLP is a limited liability partnership registered in England with company number OC337146. Registered Office: Granite House, Granite Way, Syston, Leicester, LE7 1PL. The members are Global Payments U.K. Limited and Global Payments U.K. 2 Limited. Service of any documents relating to the business will be effective if served at the Registered Office.

Global Payments is also a trading name of Pay and Shop Limited. Pay and Shop Limited is a limited company registered in Ireland with company number 324929. Registered Office: The Observatory, 7-11 Sir John Rogerson's Quay, Dublin 2, Ireland. Service of any documents relating to the business will be effective if served at the Registered Office.

© 2023 GPUK LLP. All rights reserved. Privacy Statement | Terms of Use  | Ethics Reporting Hotline | Gender Pay Report  | Anti Slavery Statement