Enable 3DS2 for your PayPal Payflow account
Learn how to enable 3D Secure 2.0 for your PayPal Payflow account and configure the necessary settings to support 3DS2 integration.
Before configuring your Zuora tenant, you must enable 3D Secure 2.0 for your PayPal Payflow merchant account. PayPal Payflow integrates with CardinalCommerce's Cardinal Cruise technology to provide support for 3DS2. For more information, see PayPal's Documentation.
Configure the gateway instance
Only the PayPal Payflow version supports 3DS2. If you are using another version of the PayPal gateway integration, create a new PayPal Payflow gateway instance.
Note that the following fields are required to enable 3DS2:
-
API Key
-
API Identifier
-
Org Unit ID
-
Processor ID
-
Merchant ID for PSD2
-
Transaction Password
Configure 3DS2 settings in Payment Pages
When setting up a Payment Page, select the Enable 3D Secure 2.0 checkbox and select the created gateway instance from the Default Payment Gateway dropdown list. You can complete other settings as usual.
Zuora recommends you to enable the CAPTCHA challenge feature so that you can limit the number of times end customers can attempt to submit the form after they fail the authentication. CAPTCHA challenge can be used with the 3DS2 feature to prevent potential bot attacks and reinforce the transaction security.
For more information about enabling and configuring CAPTCHA, see Security Measures for Payment Pages 2.0.
The "Best practices" section in Zuora's implementation of 3D Secure 2.0 provides best practices for reducing the possibility of failed transactions due to 3DS2 authentication errors.