The Underscore Archives

>
> The whole idea of going off to another URL sounds like a backward step
> to me and not something I would want to do willing.
>
> However, I believe legally we may have to at some point? I can't quite
> get to grips with the rules around this. Initially I thought that from
> August this year all sites had to be able to handle 3D Secure but this
> appears to have slipped.
>
> I'm guessing from what your saying PayPal already integrate with 3D
> secure under the surface? Would that be the case for big players like
> Amazon etc?

3D Secure is just an initiative of VISA and MasterCard. You're not  
*legally* bound to do anything, but to use VISA and MasterCard's  
services you are bound by their rules. 3D Secure is one of their  
latest attempts and unless you're big enough to 'negotiate' with them,  
i.e. Google / Amazon, you need to support it.

People are increasingly aware of online security and they will feel  
more comfortable handing over their card details to their bank's  
website or a large well known and 'trusted' organization like Google,  
rather than yours. Yes, handing over to another URL does indeed feel  
like a backwards step but add in that the banks are taking  
responsibility of dealing with the card information...

...It is Good Thing. Better them deal with it and you relax safe in  
the knowledge that it's not your responsibility.

-jonathan