Enable 3DS2 for Braintree gateway integration
Learn how to enable 3D Secure 2.0 (3DS2) for Braintree gateway integration to comply with PSD2 using Payment Pages 2.0.
3D Secure 2.0 (3DS2) is a widely recommended solution for strong customer authentication (SCA) under PSD2. Zuora's Braintree and Braintree v2.0 gateway integrations provide support for 3DS2 through the embedded iFrame of Payment Pages 2.0
To comply with PSD2 using 3DS2, you must enable 3DS2 settings in Payment Pages . Then you can implement and use Payment Pages 2.0 as usual. See Payment Pages 2.0 implementation overview for more information.
Enable 3DS2 settings in Payment Pages=
When setting up a Payment Page, select the Enable 3D Secure 2.0 checkbox and select the created gateway instance from the Default Payment Gateway dropdown list. You can complete other settings as usual.
Zuora recommends you to enable the CAPTCHA challenge feature so that you can limit the number of times end customers can attempt to submit the form after they fail the authentication. CAPTCHA challenge can be used with the 3DS2 feature to prevent potential bot attacks and reinforce the transaction security.
For more information about enabling and configuring CAPTCHA, see Security Measures for Payment Pages 2.0.
If you select a gateway integration that does not support 3DS2, an error message is displayed when saving the Payment Page.
3DS2 Challenge Requested
A 3DS2 Challenge Requested setting is available on the gateway setting page. By selecting this setting, the challengeRequested: true indicator will be passed to the Braintree gateway to request the cardholder challenge. The 3DS2 authentication challenge will be enforced if possible. Ultimately, it is the issuing bank that determines whether a card needs to be authenticated through a challenge.
See Braintree Gateway for more information.
The "Best practices" section in Zuora’s implementation of 3D Secure 2.0 provides best practices for reducing the possibility of failed transactions due to 3DS2 authentication errors.