Forums / PayPal Website Payments Pro support / 3D-Secure: NOT PROTECTED???

3D-Secure: NOT PROTECTED???

Results 1 to 9 of 9
26 Mar 2013, 03:43
#1
batracy avatar

batracy

New Zenner

Join Date:
Jun 2012
Posts:
57
Plugin Contributions:
1

3D-Secure: NOT PROTECTED???

Just implemented PayPal Payments Pro and now when people pay with their credit card I'm seeing the following message in the comments section of their order on my admin page:

3D-Secure: NOT PROTECTED
ECI Value =
CAVV Value =

What is this? I didn't see anything in the configuration about 3D-Secure. Did I miss something?

If they pay using PayPal, no such message.
26 Mar 2013, 07:20
#2
drbyte avatar

drbyte

Sensei

Join Date:
Jan 2004
Posts:
63,506
Plugin Contributions:
173

Re: 3D-Secure: NOT PROTECTED???

It simply means that the transaction isn't protected by the 3D-Secure transaction protection coverage which PayPal offers.
26 Mar 2013, 14:32
#3
batracy avatar

batracy

New Zenner

Join Date:
Jun 2012
Posts:
57
Plugin Contributions:
1

Re: 3D-Secure: NOT PROTECTED???

Should I be concerned that this is not provided? Is this something I need? Where do I find and configure it? I did a search of PayPal and did not find anything on 3D-Secure!
26 Mar 2013, 17:22
#4
drbyte avatar

drbyte

Sensei

Join Date:
Jan 2004
Posts:
63,506
Plugin Contributions:
173

Re: 3D-Secure: NOT PROTECTED???

The information you posted suggests that the credit card used didn't qualify for 3D-secure processing, thus was irrelevant.

Sounds like you don't know what 3D-Secure is. Some visa/mastercard accounts have a password associated with them, and in those cases the 3D-secure step is the thing which makes the customer enter the password they'd previously selected.

References:
Files already on YOUR own site:
- your_site.com/vbv_learn_more.html
- your_site.com/mcs_learn_more.html

Wikipedia:
- http://en.wikipedia.org/wiki/3D_secure
26 Mar 2013, 18:29
#5
batracy avatar

batracy

New Zenner

Join Date:
Jun 2012
Posts:
57
Plugin Contributions:
1

Re: 3D-Secure: NOT PROTECTED???

You are correct in that I am unfamiliar with what 3D-Secure is. Thanks for pointing me to available information on this.

It seems however, there is some inconsistency in the implementation of this. For example:
- In looking through older threads on this particular issue it would seem that 3D-Secure is only used for a UK based merchant store.
- In looking through the code (paypaldp.php module), there is a check for the merchant being set to UK in all areas where 3D-Secure is used except where the message is generated for the order history.

Based on this, one could conclude that the 3D-Secure is only for UK based merchants and that there is an error in the code causing the message to be generated for non UK based merchants. My store is US based.

So now my question is, is 3D-Secure only for UK merchants? If so, then would adding the check for the merchant being UK based on line 868 of paypaldp.php module correct this issue? (Yes, I understand the code and can make the change if required). If not, then why does the code check for the merchant being UK based?

Thanks!
26 Mar 2013, 18:37
#6
drbyte avatar

drbyte

Sensei

Join Date:
Jan 2004
Posts:
63,506
Plugin Contributions:
173

Re: 3D-Secure: NOT PROTECTED???

PayPal only requires it for UK merchants who have opted to accept Mastercard-affiliated cards.
Thus, yes ZC intentionally handles it only when in UK mode.
26 Mar 2013, 18:42
#7
batracy avatar

batracy

New Zenner

Join Date:
Jun 2012
Posts:
57
Plugin Contributions:
1

Re: 3D-Secure: NOT PROTECTED???

Thanks! Appreciate the quick response!

Is there any problem with editing the code so the message is not generated then?
26 Mar 2013, 18:43
#8
drbyte avatar

drbyte

Sensei

Join Date:
Jan 2004
Posts:
63,506
Plugin Contributions:
173

Re: 3D-Secure: NOT PROTECTED???

probably no problem
26 Mar 2013, 18:49
#9
batracy avatar

batracy

New Zenner

Join Date:
Jun 2012
Posts:
57
Plugin Contributions:
1

Re: 3D-Secure: NOT PROTECTED???

Ok, changing line 868 in module paypaldp.php from:

if ($this->requiresLookup($order->info['cc_type']) == true) {

to:

if (MODULE_PAYMENT_PAYPALDP_MERCHANT_COUNTRY == 'UK' && $this->requiresLookup($order->info['cc_type']) == true) {

I'll post here if this creates any problems.

Thanks again for the help!