We have a commerce site we're attempting to get 3D Secure (Verified by VISA/Mastercard Securecode) set up with.
We are using DataCash as our payment provider.
We are seeing the following issue:
Some cards that are enrolled in these schemes are being successfully shown the 3D Secure pages, others are failing, and talking to the issuing banks hasn't helped as they are telling us they haven't seen the transaction.
We are getting messages from servers like "cap.securecode.com" stating:
Your authentication could not be completed because of a system error. If this happens consistently, please contact your CSR".
Or from "www.securesuite.co.uk":
You cannot access this page.
This may be due to one of two reasons:
- The FI you are trying to access is deactivated
- The access to the FI is restricted for specific IP addresses, and your address is not one of them
Has anyone else seen these errors returned from the verifying banks, and how can I resolve it?
I'm trying to get further details of any pattern to the successes and failures.
It looks like there was an issue with the form we were using to submit the request to the 3D Secure servers:
<form method="post"
enctype="multipart/form-data"
action="https://[3dSecureServer]">
<input value="[EncodedRequest]" name="PaReq" type="hidden">
<input value="[RetailerReference]" name="MD" type="hidden">
<input value="[RetailerReturnUrl]" type="hidden" name="TermUrl">
<p>If you do not see your card issuer's instructions, below,
please click <input value="Continue" name="TDAction" type="submit"></p>
</form>
Removing the enctype
attribute from the form seems to have resolved the issue - it's had no effect on the transactions that were succeeding, and allows those transactions that where failing to succeed as well.
I imagine that this was taken from some other sample code.