If you are using a Peach plugin (Shopify, WooCommerce and/or Wix) please ignore this notification.

If you have a custom integration using our Copy and Pay, and/or server-to-server, and/or our Mobile SDK API please implement the Payments Association of South Africa (PASA) mandated changes outlined below.

Dear Merchant,

At Peach Payments, we strive to continuously provide world-class, leading payments infrastructure that offers a secure and seamless experience for our merchants and their customers.

One of the major initiatives that we are currently undertaking (in line with global payment standards) is switching over our merchants to the VISA and Mastercard mandated 3D Secure Version 2 authentication flow.

This mandated switchover requires our merchants who make use of our Recurring Payment/Card Storage functionality to add an additional parameter to their initial payment requests.

Why is this now a requirement?

  • With the rapid growth of eCommerce and the subsequent increase in volumes of stored card transactions, VISA and Mastercard have rolled out new mandates which pertain to how cardholders’ payment credentials (i.e. account details) are stored for future purchases.

  • Part of this mandate includes the switch to 3D Secure 2 (3DS2) Security Protocol

    • Including this parameter makes sure that the customer goes through their bank’s 3D Secure Authentication process, which is necessary/now mandated for your recurring payments to continue securely.

    • Change of API Endpoint URL for Improved Security

    • - This entails changing the endpoint of requests sent to Peach (both POST and GET requests)

    • COF - Credentials On File API - Peach Payments

    • - This is a parameter change is in conjunction to how cards are tokenised and how those tokens are charged. More on CoF here

In the past with 3DS 1, you would have replied on the initial transaction being fully authenticated giving you comfort in the likelihood that the subsequent transactions would be formed by the card hold, meaning less risk of being disputed. 

In 3DS 2, if you do not submit the correct parameter with the initial transaction, there is a higher likelihood that fraudulent transactions would occur.

Deadline - while the deadline is June 2022, the longer the merchant takes to implement, the higher likelihood of receiving chargebacks. 


Thank You for using Peach Payments as a Payment Gateway and please do not hesitate to reach out to us if you have any questions.

Peach Payments Support

Contact us at support@peachpayments.com