Dear Merchant,
Please see below important information for your Developers with regards to the PASA (Payment Association of South Africa) and PCI (Payment Card Industry Data Security Standard) mandated switch over to 3D Security 2 Standard and the required API call changes.
At Peach Payments, we strive to continuously provide world-class, leading payments infrastructure that offers a secure and seamless experience for our merchants and their customers.
One of the major initiatives that we are currently undertaking (in line with global payment standards) is switching over our merchants to the VISA and Mastercard mandated 3D Secure Version 2 authentication flow.
This mandated switchover requires our merchants who make use of our Recurring Payment/Card Storage functionality to add an additional parameter to their initial payment requests.
One of the major initiatives that we are currently undertaking is switching over our merchants to the 3D Secure 2 standard, as part of a global roll-out.
To find out more about 3DS 2 and why switching to this standard will add considerable value to your business, please have a look at this support page we have put together for you: What is 3DSecure 2?
After a technical assessment of your integration with Peach, we observed that extra technical work will be required on your side for this switchover to be completed. You will need to add a few extra parameters to your integration in order to handle 3DS Secure version 2 (Communications about these changes were likely sent out prior to you coming on board with us).
The changes that need to be made can be found on this link here: https://peachpayments.docs.oppwa.com/tutorials/threeDSecure/3d-secure-2.0-guide#Technicalintegrationguide-OPPServertoServer
Everything up until the section “Fields Required for 3D Secure 2” needs to be added.
Then, from the section “Fields Required for 3D Secure 2”, every parameter marked with “Mandatory”, needs to be included. The “Required unless market or regional mandate restricts sending this information” are recommended and we advise that they are included, but are not mandatory.
Section on “Merchant related fields configured in the gateway” and thereafter, you do not need to worry about - they are handled on our end.
Once completed please let us know so we can activate 3Ds2 on your account to push the traffic as 3Ds2
Deadline for these Changes: 23 September
Please also note the following important changes required if you have not done so already:
.Change of API Endpoint URL for Improved Security (Deadline Past)
This entails changing the endpoint of a requests sent to Peach (both POST and GET requests)
COF - Credentials On File API - Peach Payments (For Merchants who do Recurring/Subscription Payments)
This requires parameter changes and with regards to how cards are tokenised and how those tokens are charged.