I see that on September 14th, 2019, that a new European regulatory requirement called “Strong Customer Authentication (SCA)” will introduce two-factor authentication requirements for many online payments in Europe.
Infusionsoft Order API functions never supported 3D Secure, but with these changes coming along in a few months time, how is this going to be handled?
For Developers who have made custom API Order Forms that work for European customers, that is going to cause some problems. If the bank requests further authentication, then the API would need to respond back with this request, and somehow that additional information would need to be relayed back. Otherwise these type of custom API Order Forms are going to have a higher rate of cards declining in the future.
This would need to be handled for both XML-RPC and REST functionality.
Are there any plans to support this? Otherwise 3rd party solutions would have to be investigated.
I raised this query back in March and was told they were speaking to their legal team but didn’t know anything about it at the time. I can see no-one at Infusionsoft has bothered to respond to your query at all. It’s getting quite concerning now since it comes into play in September.
This discussion has also been raised in the Infusionsoft Open User Facebook Group as well.
Amanda recently write this post on July 4th:
Yesterday we had Crystal say she will look into it and report back.
Seb wrote this post on June 5th:
It is now 10 weeks to go when this becomes active. What is concerning is that no one from Infusionsoft has mentioned anything. This will affect any Custom Developed API Order Forms that have their payment service provider based in the European Economic Area (EEA) area. If nothing is done, there is going to be a higher risk of failed payments.