PSD2 Strong authentication with 3D Secure 2

Updated: 09 April 2024

Financial Conduct Authority UK – Strong Customer Authentication.

Glossary

Access Control Server (ACS)
A service either hosted or related to the Issuing bank. Responsible for issuing challenge URLs and generating device fingerprints.

ASPSP
Account servicing payment service provider.

Cardinal Centinel
A 3D Secure MPI provider.

CVV or CCV
Credit card security code.

ECI
eCommerce indicator.

EBA
European Banking Authority

EEA
European Economic Area

EMV payment method
https://en.wikipedia.org/wiki/EMV

Merchant account
A merchant account is a type of bank account that allows businesses to accept payments by debit or credit cards. When a customer pays for your product or service with a card, the funds are first deposited into a merchant account before being transferred to a business bank account.

MOTO Transactions
Mail Order Telephone Order.

MPI
Merchant plug-in https://en.wikipedia.org/wiki/Merchant_plug-in

Payment method
PayPal (aka “PayPal Business”), AmazonPay, ApplePay, Credit Card, Debit Card.

Payment Method Nonce
One time reference to a payment method stored in a Vault. Possibly has an expiration time.

Payment Method Token
Tokenised Credit Card data and device fingerprint. References a payment method stored in a Vault. This token can be used to create transactions without the PCI compliance burden that comes with handling unencrypted data.

SCA
Strong Customer Authentication. Banks will decline payments that require SCA but have not gone through authentication.

Leave a comment