Top FAQs

With the introduction of the PSD2 guideline, all your customers will have to pass a 3-D Secure authentication check (apart from some clearly defined exclusions and exemptions). To make sure 3-D Secure is correctly rolled out for your transactions whenever necessary, go through this checklist:

  1. Confirm that 3-D Secure is active for all credit card payment methods in your Back Office via Advanced > Fraud Detection > 3D-Secure

    BO-3DS-active.png
    The image above shows where to find the 3-D Secure activation status for your payment methods in the Back Office

    If any of your payment methods is not “Active” as stated in column “3-D Secure status”, contact us

  2. Check that your integration implements the 3-D Secure step correctly. For Hosted Payment Page, we take care of this, but for DirectLink you need to implement it yourself

  3. Understand when exclusions and exemptions from 3-D Secure apply. Learn how to implement it correctly for Hosted Payment Page and DirectLink

  4. Know when to skip 3-D Secure using our Soft Decline feature and how to recover them via DirectLink

If a transaction reaches status 2, it is important for you to know whether this is related to a PSD2 violation. Our platform offers you multiple sources of information that will help you. Use them to confirm your integration takes the PSD2 guideline into account:

  1. Look up the transaction’s error code. The most common PSD2-related errors are:
    NCERROR Root cause/Possible solutions
    40001137
      • You advised our platform to perform the authorisation step although there was no 3-D Secure check 
      • As your customer’s bank rejected the transaction, this is out of your control
    40001139
    40001134
      • Your customer was unable to pass the 3-D Secure check
      • Contact your customer to learn why s/he was unable to pass the check
    40001135
      • Your customer’s issuer was not available to roll the 3-D Secure check
      • As your customer’s bank failed to roll out 3-D Secure, this is out of your control. Consider offering alternative payment methods for retries

    Check our dedicated Transaction error codes guide for detailed information about these decline reasons

  2. Receive parameter CH_AUTHENTICATION_INFO in your transaction feedback for Hosted Payment Page and DirectLink. It contains information about decline reasons from your customers’ issuers

  3. Consult our dedicated 3-D Secure status guide to get fully familiar with 3-D Secure. Understand all 3-D Secure statuses and learn how to read the authentication log

The EU’s Second Payment Services Directive (2015/2366 PSD2) entered into force in January 2018, aiming to ensure consumer protection across all payment types, promoting an even more open, competitive payments landscape. Acting as a payment service provider, we pride ourselves on being confirmed PSD2 compliant since 29 May 2018.

One of the key requirements of PSD2 relates to Strong Customer Authentication (SCA) that will be required on all electronic transactions in the EU from 1st January 2021 for Europe and from 14th September 2021 for UK. SCA will require cardholders to authenticate themselves with at least TWO out of the following three methods:

  • Something they know (PIN, password, …)
  • Something they possess (card reader, mobile. …)
  • Something they are (voice recognition, fingerprint, …

This means your customers, in practice, will no longer be able to make a card payment online by using only the information on their cards. Instead they will have to, for example, verify their identity on a bank app that is connected to their phone and requires a password or fingerprint to approve the purchase.

More information about PSD2 can be found here: https://www.europeanpaymentscouncil.eu/sites/default/files/infographic/2018-04/EPC_Infographic_PSD2_April%202018.pdf

From 1st January 2020 for Europe and from 14th September 2021 for UK, Strong Customer Authentication (SCA) rules will come into effect for all digital payments in Europe. Right now, banks, payment service providers and card networks are all working on technical solutions that will comply with the requirements for PSD2. To accept payments after January 1st you will have to make sure that these technical solutions will work with your online store.

Accepting payments from the world’s largest card networks, Visa, Mastercard and Amex, will require that you have implemented the security solution 3D Secure for your online store. 3D Secure has been used since 2001 to improve the security for online card transaction but now a new version has been developed that will facilitate the PSD2 Strong Customer Authentication requirements.

We recommend you to use 3-D Secure, since it helps prevent fraud and also protects you from liability in case of any fraud. From January 1st 2020 it will also be a requirement for accepting the payments from major cards.

First, you need to make sure that 3-DS is enabled on your online store for all your payment methods (Visa, MasterCard, American Express, Carte Bancaire, JCB). Make sure it's done. If not, please ask our support to activate it.

As 3-D Secure version 2 (3DSv2) aims to grant the Strong Customer Authentication (SCA) trigger to the issuing bank, the issuing bank needs to better assess the risk involved within transaction. As a consequence the 3DSv2 specification contains a lot of data elements. Good news if you are using our fraud tool, since some of them are already commonly used in our fraud screening!  Of course, some are new and specific to 3-D Secure v2. In summary the data elements can be categorized as follows:

  • Mandatory information - browser data:
      • Card holder name (CN)
      • Integration with Shopping Carts?
        You are kindly invited to go onto the shopping cart market place to install the latest version of the Worldline plugin or take contact with your supplier directly. 
      • If you are using our eCommerce page, mandatory information are collected by Worldline. You can directly go to the recommended information below.
      • If you are using your own payment page, you will need to collect mandatory information yourself as per below. We advise you to consult our support page to find out how and take a look at the example of java script.
    • Read more in the Directlink 3D guide
  • Recommended information - these could possibly be used as part of fraud prevention screening:
      • Email (EMAIL)
      • IP address (REMOTE_ADDR)
      • Phone number (Mpi.WorkPhone.subscriber, Mpi.HomePhone.subscriber ...)
      • Billing address (ECOM_BILLTO_POSTAL_CITY, ECOM_BILLTO_POSTAL_COUNTRYCODE, ECOM_BILLTO_POSTAL_STREET_LINE1 ...)
      • Shipping address (ECOM_SHIPTO_POSTAL_CITY, ECOM_SHIPTO_POSTAL_COUNTRYCODE, ECOM_SHIPTO_POSTAL_STREET_LINE1 ...)
    • Note that the recommended/optional parameters should be provided to benefit from the friction less flow which can increase your conversion.
  • Optional information – extended cardholder/account data as introduced by EMVCo:
      • Mpi.cardholderAccountAgeIndicator
      • Mpi.cardholderAccountChange
      • Mpi.cardholderAccountPasswordChange
      • Mpi.suspiciousAccountActivityDetected
      • Mpi.threeDSRequestorChallengeIndicator
    • Read more in the full list

Our existing APIs already capture a lot of the data elements, but we are adding a lot of new data elements. The reason is that we believe that everybody in the payments ecosystem benefits from increased security, with the least amount of negative impact to the experience of the consumer. Payments are based on trust and by providing more data it becomes easier for parties to trust one-another, without requiring additional challenges to authenticate the consumer. Almost all of the newly added data elements are optional, but we advise you to supply as much of them as possible. This increases the likelihood of your transactions following the frictionless flow, while you benefit from liability shift. In case you use the Worldline hosted payment page, we will capture the browser related data automatically.

The level of required changes will differ based on the type of integration you have with Worldline.

If you use our eCommerce page, Worldline will take care of all mandatory fields.

If you are integrated in DirectLink, meaning that you have your own payment page, we have a Javascript example available on the support page to collect the mandatory data.

For the optional information collection, refer to our support page on how to integrate with Worldline.

If the issuer is applying new PSD2 ruleset and 3DS is not active in the merchant's account, the transaction will be rejected with a new error code - soft decline. Therefore, please make sure to have 3DS active for each brand in your account(s). If you are integrated with DirectLink (Server to Server), you will need to implement the soft decline mechanism.

For more information the merchant can always contact his acquiring bank.

All PCI related information can be found on the PCI Security Standard council website.

Worldline delivers payments services that are compliant with state of the art data security standards in the payment industry: PCI DSS.

PCI DSS includes a large set of security requirements and controls which are implemented and run on a regular basis.

These security controls aim to keep a constant high security level on the payment platform, which leads to optimal protection for transactions and data.
 

Setting up firewalls correctly is important in ensuring that transactions are processed successfully.

Read our dedicated guide

We have put together some commonly asked questions along with links to help support our customers during these times. Do visit the COVID-19 FAQ page for more information.

Your invoices for the last 24 months are available in your Worldline account. Log in to the Back Office and go to “Configuration > Billing”. Select the invoice you wish to download.

BOinvoices

You can access invoices older than 24 months via the Order2Cash platform.

To register with Worldline, simply click "Open a free test account" on our website and fill in a short form. 

As soon as we have checked your details, we will e-mail you a temporary password. 

Once you have received your temporary password, you will be able to log in using the ID you chose when you first registered. To complete your registration and fully activate your account, please complete the steps listed on your account’s home page. 

When processing transactions online, dealing with Interchange fees (IC) and Scheme fees (SC) can be challenging: It's not always clear for what exactly acquirers and card brands charge that money. Moreover, the trend of increasing these fees might add to that confusion. 

Worldline is happy to help you manage these fees by offering two models. Depending on your business model, either the IC++ or the Blended pricing will suit your needs best. Our colleagues from our Sales department are at your service to help choose the best option for you:

  • IC++ combines the Interchange fee, the Scheme fee and an additional percentage of the transaction amount value to one fixed price per transaction. IC++ is a passthrough model and therefore subject to cost swings.
  • Blended Pricing applies a fixed percentage of the transaction amount value. All Interchange, network dues and assessment fees are covered, the Blended Pricing protects you against cost swings (especially IC & SF price increase) and card mix.

 

 

 

If you want a production account, please send an e-mail to your account manager. If you do not have an account manager assigned to your account yet, please contact us

 

Please send our Customer Care department the signed contract. In order to activate your account, at least one payment method must be activated. If you want more information regarding payment methods, please contact your account manager.

If you use our eCommerce page, Worldline will take care of all mandatory fields.

If you are integrated in DirectLink, meaning that you have your own payment page, we have a Javascript example available on the support page to collect the mandatory data.

For the optional information collection, refer to our support page on how to integrate with Worldline.

NCERROR and NCSTATUS are complementary statuses that will provide extra information in case of transaction failure.

NCERROR is an 8-digit code. Find a full list of all possible errors in your Back Office: Operations > View Transactions. Look up the impacted transaction and click on "?", as shown in the overview:

BCfaq_BOnav

NCfaq_BOtarget

For eTerminal transactions we display the fields in the transaction overview as shown above in "NC ST/ER" (ST = NCSTATUS / ER = NCERROR). We also provide both fields in our transaction feedback for all other integration modes. Learn here how to receive it for the channel you use:

Find a list of supported payment methods here

As soon as you've completed all the necessary steps and we've received all the relevant documents and a signed contract, we'll activate your account. The quicker you can complete these steps and send us the documentation, the quicker we can open your account.

Please note that you need at least one active payment method before we can activate your account. 

On this support site you can find all manuals presenting our products. Feel free to browse these documents.

Payment processing is a service that allows websites to sell online by accepting payment via electronic methods such as credit cards, debit cards and bank transfers.

Provided by payment service providers, payment processing is the technical connection or 'gateway' between a website and the financial institutions or 'acquirers' that govern different payment methods. To put it simply, without a payment service provider you won't get paid.

Working with Worldline, you will benefit in three key ways. Firstly, our payment gateway is connected over 200 domestic and international acquirers. So, whether you want to take online, mobile or phone payments, we're ideally placed to help you find the right acquirers for your market and offer the payment methods that are preferred by your customers.

Secondly, we can collect your payments too. We can help you activate several payment methods from different acquirers with just one contract so you can offer your customers more of the local payment methods they know and trust.

And finally, as well as processing and collecting payments, we also offer advanced fraud prevention solutions to help businesses accept more safe orders and block more fraudulent transactions.



To learn more about ways we can help your business, see our solutions page.

Worldline offers a complete suite of flexible products, sophisticated technologies and dedicated expertise to help you manage and optimize your online fraud prevention practices. Our industry-leading fraud detection tools and experts bring over 20 years of industry and regional expertise, and we will work closely with you to develop, implement and manage a holistic fraud solution that includes prevention, detection and management. We also offer comprehensive chargeback management and dispute management solutions. 

By working with Worldline, you can pick the solutions that best fit your needs and customize our services to either outsource fraud management functionalities or keep them in-house with our ongoing support.

An acquirer is a financial institution that processes payments from certain credit and debit cards. The acquirer is responsible for the financial part of transaction processing and Worldline is responsible for the technical part. In other words, without an acquirer the money will not be transferred to your bank account.

For every online payment method you want to add, you need an acceptance contract with an acquirer. If you’d like advice on which acquirer would be best suited for you and your region, please contact us. If you know which acquirer you want to work with, you can simply select them from the drown down list when adding a payment method in your account. 

But why not let us take care of it for you? Full Service allows you to activate many local payment methods, all at once and in several different countries – with one single contract. If you trade internationally, it could be the ideal way to accept payments from all across Europe. It saves you time-consuming administration and because you can offer more payment methods, it can also increase your revenues. 

Find out more about Full Service here and by contacting us and asking for contract information.

Full Service allows you to activate many local payment methods all at once, and in several countries, with one single contract. If you trade internationally, it could be the ideal way to accept payments from all across Europe. It saves you time-consuming administration and because you can offer more payment methods, it can also increase your revenue.

Through our affiliate Worldline Financial Solutions, we are able to collect the payments from your customers via their local acquirers and send them directly to your merchant account once they have been authorised.

In your Worldline account, your Full Service payment methods will be preconfigured with the affiliation details of Worldline FS so for each transaction received, they will be able to route the money directly into your merchant account.

As the payment process with Full Service is the same as the normal payment process, transactions with Full Service will work perfectly with any shopping carts that support Worldline ePayments e-Commerce.