Strong Customer Authentication (SCA), as part of PSD2 regulation in Europe, requires changes to how European customers authenticate online payments. Card payments require a different user experience, namely 3D Secure, in order to meet SCA requirements. We've updated our Payments package to prevent Transactions from being declined by banks. Read more here.
The new requirements for SCA affect our customers in Europe as that is where the PSD2 regulation is being implemented. Read more here.
Blackthorn Payments Features Supported:
Capturing a Transaction through PayLink with SCA regulated Payment Methods.
Capturing a Transaction through Donations with SCA regulated Payment Methods.
Capturing SCA regulated Payment Methods and Transactions through the Virtual Terminal.
Not recommended and requires an additional configuration.
Capturing SCA regulated Payment Methods through the Transaction object.
Not recommended and requires an additional configuration.
Please watch the below videos for instructions on how to enable SCA and MOTO.
We've added a Custom Setting in Setup so users can easily enable their org for SCA.
Navigate to Setup.
Type "Custom Settings" in the
Quick Findmenu and click
Blackthorn Pay - Trigger Settings.
Click the checkbox next to
SCA is now enabled.
In order to use MOTO when creating and capturing payments through the Virtual Terminal, you will need to add a field to the page layout on the Payment Gateway object. This field is labeled
Stripe MOTO Enabled. When this checkbox = "true" we will set the MOTO flag on Stripe charge requests. In other words, your Transactions will succeed when using a Payment Method that doesn't require additional authentication.
If your implementation requires that you will need to create new Payment Methods from the Payment Method object and capture Transactions from the Transaction object, there is another checkbox that needs to be added to your Payment Method object's page layout for credit cards. This is the
Enable MOTO field. When this checkbox = "true" we'll set the MOTO flag on Stripe charge requests so that transactions can get captured without going through two-factor authentication.
In order to charge a newly created SCA regulated credit card number in the Virtual Terminal and the Transaction object, you will need to reach out to Stripe support to get your Stripe account configured for MOTO.
Reach out to Stripe Support to get your Stripe Account “Gated” for MOTO.
Navigation: Stripe Support Site from Help Menu -> Click Contact Support -> This will initiate a chat with support.
Stripe will ask you why you need this and you can reply that you need to take over the phone payments through the API with the Blackthorn App.
Make sure Stripe Support gates MOTO for your account in Test and Live mode.
From now until December 22nd, 2020, the below directions will teach you how to test the new features and enhancements until they are automatically pushed.
You will need to replace the PayLink URL
paylink.blackthorn.io domain to a test domain. Also you'll need to replace the Donations form URL
donations.blackthorn.io domain to a test domain.
What Features are Affected by This?
- SCA for Paylink
- SCA for Donations
TEST DOMAIN for PayLink:
TEST DOMAIN for Donations:
For example, when you create a Transaction record, a PayLink URL is generated with the
paylink.blackthorn.io domain like this one:
You'll then click on the PayLink URL so it opens up in a new page. Remove
paylink.blackthorn.io and replace it with
https://paylink-dev-v2.herokuapp.com so it looks like this:
Use the following test card to prompt for additional authentication ->
Other regulatory (3D Secure) test cards can be found here.
If you have any questions about this or need help with testing, please don't hesitate to reach out to us through our support form.
If your Stripe account has not been gated for MOTO by the Stripe support team you will notice that your Transactions will fail when you try to capture a charge from the Transaction object or the Virtual Terminal for new SCA regulated Payment Methods.
What Does This Look Like?
- When capturing a charge from the Transaction object and MOTO is not gated on the Stripe Account:
- When a capturing a charge from the Virtual Terminal and MOTO is not gated on the Stripe Account:
When using features like PayLink you'll notice that the flow of the UI has an additional step. This is to support the additional authentication process. In live mode, customers will navigate to the PayLink as they've done in the past. After clicking
PAY customers will be asked to verify their identity with a push notification, a text message, or another method chosen by their bank. Read more here.
Existing Payment Methods that you have saved in your orgs should continue to work with the new SCA regulations. Also, Payment Methods that do not require the additional authentication step will continue to work as expected into the future.
If you need to enable SCA in your Salesforce org you will notice that existing Payment Methods used with your Stripe Billing records will continue to work as expected. If you are setting up a new Subscription through Salesforce and it requires a new Payment Method, that Payment Method will need to be authorized before the Stripe Subscription shows up as "Active" in the Stripe dashboard.
How Do I Make Sure My Card Is Authorized?
Use an existing, valid Payment Method.
Create a Payment Method in the Virtual Terminal.
Create a Payment Method through the "New Payment Method" button on Contact/Account
How Can I Use the Stripe Dashboard to Authorize a Payment Method
Let's say you created a new Subscription that requires a new Payment Method. You can create your Subscription in Salesforce and push to Stripe. There you will notice your Subscription shows as incomplete. This is because the Payment Method still needs to be authorized. You can complete this step in Stripe.
- Navigate to the Subscription in Stripe.
- Click on the "Open" Invoice associated with the Subscription record.
- In the
Detailssection on the Invoice in Stripe click the link next to
- From there you will be prompted from Stripe to complete authorization and capture the payment.
Will existing, Valid Credit Card Payment Methods still work after SCA is enabled?
- Yes! Valid Credit Card Payment Methods will continue to work as expected after you enable SCA.
Will existing, Valid ACH Payment Methods still work after SCA is enabled?
- Yes! New and existing ACH Payment Methods will continue to work as expected after you enable SCA.
If SCA is enabled and I use Plaid with Stripe, will I encounter any issues?
- No, with SCA Enabled you can still continue to use Plaid without issue or interruption.
If SCA is enabled and I use Authorize.net or Spreedly, will I encounter any issues? What if I am in Europe?
If I enable SCA and use Events and PayLink, will there be any issues with Event registration?
- No, Events registration will continue to work without issue after SCA is enabled for cards NOT requiring authentication. SCA-ready support for Events checkout is on our product roadmap.
If I enable SCA and use DocumentLink and PayLink, there will there be any issues with DocumentLink?
- No, DocumentLink will continue to work without issue after SCA is enabled for cards NOT requiring authentication. SCA-ready support for DocumentLink is on our product roadmap.
Has the REST API gotten updated? What about the Apex API?
With SCA enabled, can I can use PayLink and Donations checkout and the Payment Method can be used for future recurring payments (without having to re-verify)?
- Yes! Once the Card has been authenticated through the PayLink or Donations checkout, that Payment Method can be used for future or recurring payments without additional authentication.
With SCA enabled, can I create ACH Payment Methods through PayLink or Donations and reuse them in the future?
- Yes! ACH Payment Methods are not affected by SCA regulations.
With the Virtual Terminal, Can I capture payments the same way before SCA was enabled?
- Yes, but with some additional setup. Please see the additional setup needed here.
Updated over 1 year ago