Important Updates from MasterCard for September 2021

Posted On: Friday, September 3rd, 2021

MasterCard Identity Check Updates. 3DS1 Attempts server to be decommissioned on October 5th, 2021. 

A number of important changes are announced by MasterCard for the MasterCard Identity Check Program. Below is an abstract covering topics of interest to merchants.

  • UPDATE: SPA1 for EMV 3DS will be retired on September 30, 2021, not October 15 as previously communicated.
  • REMINDER: A reminder that on Sept. 30, 2021 ACSs/3DS Servers must support the enhanced Transaction Status Reason processing logic as introduced in AN 4805. This enhancement also introduces a new Directory Server-specific transStatusReason value of 83 – ‘DS dropped reason code received from DS’, as well as a new Directory Server-specific authenticationType value of 83 – ‘DS altered transaction status’ (the addition of the new authenticationType value will be published in an upcoming update expected Sept. 7, 2021.)
  • REMINDER:  Per the Identity Check Program Guide, requirement 149, ACS operators must challenge a request to add a Card-on-File (COF) regardless if it is requested using a non-payment or payment transaction.  There are further details in the Program Guide with respect to specific data elements and values in the AReq that indicate this type of transaction.
  • REMINDER: As per security standards, Mastercard is planning to Introduce Application Security Manager ( ASM ) Policy in both our 3DS1 and 3DS2 Mastercard Networks. In preparation to this all the Merchants (MPIs/ 3DSS) using cookie attributes that are following prior (pre-2011)  grammar are advised to adhere/reference to RFC 6265 standards for cookie handling grammar and behavior. All customers must adhere to RFC 6265 and make any code changes by the end of  September 2021.
  • REMINDER: On September 14, 2021, Mastercard will add UK/Gibraltar to the list of countries where Smart Authentication Stand-in will no longer fully authenticate Intra-EEA/UK/Gibraltar transactions above EUR 30. All Intra-EEA/UK/Gibraltar transactions above EUR 30 will receive a Attempts authentication response.
  • REMINDER: On September 14, 2021, Issuers in UK/Gibraltar may be automatically enrolled into Smart Authentication Direct for Acquirer Exemption service if they step-up more than 10 percent of their authentication requests featuring acquirer exemptions or Strong Consumer Authentication (SCA) flags.  
    • SPA1 for EMV 3DS will be retired on September 30, 2021.
    • 3DS1 Attempts server to be decommissioned on October 5th, 2021.  

Full support for major card brands and banks

Making eCommerce Safe

Be in the know

Industry news, events and major releases.

Important Updates for Visa, MasterCard and Amex for November 2021
Posted on: Friday 26th November, 2021

Visa, MasterCard and Amex all announced the sunset dates for 3DSecure Version 1.0.2 with other important dates and exceptions.

Meet us at Money2020 USA between October 24th and 27th 2021.
Posted on: Tuesday 19th October, 2021

Endeavour will be exhibiting at the Money2020 USA in Las Vegas being held between October 24th and 27th at the Venetian.

Mastercard will mandate EMV 3DS v2.2 in European Region
Posted on: Monday 11th October, 2021

MasterCard sets the road map for V2.2 aiming to improve frictionless authentication, improve user experience for out-of-band, improve UX and performance and introduce Message enhancement for Acquirer Exemptions amongst other objectives.

Here to help

Questions? We've got answers.

Kindly note that we do not support cardholders wanting to activate 3D Secure on their card. Please contact your bank directly using the phone number provided on the back of your card.