Question

I see inconsistent information regarding Magento and PSD2 Compliance and an implementation date of September 14, 2019. What steps, if any, can be taken to make my Magento 1 store compliant?

Is this a "real" issue for US-based merchants using US banks?

From what I understand, Magento 2 will provide compliance with updated payment gateways, etc. so there's not a lot of mystery there...if I'm understanding it correctly (Source: https://community.magento.com/t5/Magento-DevBlog/3D-Secure-2-0-changes/ba-p/136460)

No correct solution

OTHER TIPS

Some payment implementations as e.g. PayPal use an external payment page, so that merchants shouldn't have to take any action. What confuses me though is a recommendation for Magento Commerce (and Open Source?) 1.x that was sent in a Magento newsletter today:

When and/or where use of 3DS 2.0 is required, Merchants will either need to replace PayPal with Braintree or upgrade to Magento 2.3.x.

I reached out to Piotr Kaminski, who is a Lead Product Manager at Magento and he replied as follows:

The PayPal integration that is in 1.x for some of the PayPal payment methods require use of Cardinal for 3D secure. The Cardinal integration only supports 3DS 1.0. PayPal Standard/Express/HSS Pro is not affected. All the others (PayFlow Pro, PayFlow Link, PP Payments Pro 2.0/3.0, PP Advanced) are affected and the recommendation is to switch to Braintree

If you payment implementation does not redirect to an external payment page, the merchant has to update or replace the payment module to be compliant with PSD2.

Here's another quote from the same Magento newsletter:

This new directive has a significant compliance impact on most payment processing services involving credit cards or bank transfers for goods & services sold to customers in the EU.

This many no longer be a issue (until March 2021). The FCA have recently announced an 18-month extension ( thanks to wr125 for point that out). I contact sagepay and the have confirmed that the deadline is now March 2021, and while 3d secure v2 will be live on the 14th of September you can still use the old 3d secure v1.

I recommend contacting you payment processor to confirm

Licensed under: CC-BY-SA with attribution
Not affiliated with magento.stackexchange
scroll top