3. Any challenges?
One of the issues for PSPs/merchants is to deal with the different specifications of the various card networks. Using a solution from a partner like Netcetra that offers out-of-the-box integration with the SRC Systems of the major card networks overcomes this challenge.
While the 3DS flow remains outside the CtP process for some card networks, merchants can use the PSD2 exemptions as with standard transactions. Visa’s latest update allows the SRC System to perform 3DS authentication and handle PSD2 exemptions on behalf of the merchant/PSP.
4. What are the main benefits of using the Netcetera solution rather than other alternatives?
Why bother going through the difficult and time-consuming process of integrating with every single card network when a ready solution on the market saves time and costs? It enables a streamlined end-to-end certification process with quick activation and productive rollout.
Netcetera’s Click to Pay is a highly flexible and configurable solution concerning the specific requirements of merchants, payment service providers, and card networks. This white-label solution can be quickly and seamlessly integrated into any digital shopping application (anywhere in an online store or on a hosted payment page). While it works across all user devices and enables online shoppers to control their data and protect their privacy without long registration processes, it is an available package with VISA, Mastercard, and AMEX (currently fully evaluated). This results in the lowest possible effort for the merchant or PSP for implementation and integration.
Being a Netcetera client means enjoying full support during the integration process and complete reliability once live, with covered certification.
Netcetera’s product was specially designed to help PSPs become SRC Initiators with minimal effort.
Visa and Mastercard perform a rigorous review and certification of the CX, which the PSP would have to undergo if deciding to do it independently. With Netcetera’s solution, CX is already pre-certified and most likely very close to what the PSP would end up with after going through the Visa or Mastercard review and certification.
5. Who has the liability for the transaction?
Click to Pay is not involved in the cardholder’s authentication, so there is no liability shift for Click to Pay transactions. The liability shift relates to the 3DS authentication.
6. Does the merchant receive any customer info from the Click to Pay flow?
The PSP holds the cardholder data, stored and operated in a secure PCI-DSS-compliant environment, from which it can share non-sensitive data, such as the name or the billing/shipping address, to the merchant. If the merchant directly integrates Click to Pay into it e-shop, it will have direct access to the customer info.
7. Are e-shop or device-specific cookies used?
Browser-specific cookies are used, which means that if the consumer opens another merchant’s e-shop that supports Click to Pay on the same device/browser, they will be directly recognized and shown the cards from their Click to Pay profile. Those Click to Pay recognition cookies are dropped in common SRC domains of the networks.
8. What will happen if an unauthorized user gets the device and completes the payment?
Getting possession of the user’s device is the same, if not as easy, as gaining possession of a plastic card from the consumer. That’s why it's essential to perform a 3DS authentication before letting the shopper check out, and it is a must for high-value payments in Europe.
9. How is this different from MasterPass, or what is its advantage compared to other digital wallets?
Compared to the conventional card network-specific online wallet products (Masterpass, VISA Checkout, Amex Express Checkout), Click to Pay is based on a card network-neutral specification from EMVCo - implemented by all networks.
Thus, it offers the same solution and CX for all participating networks. It is expected that very shortly, it will act as a unified card network substitution solution with the customers being able to access a list of credit and debit cards they have enrolled in. In addition, it is also possible to retrieve the consumer address details from the Click to Pay profile to be used by the merchant, as is the case with some of the other digital wallets.
CtP doesn’t require a merchant login. Customers who traditionally prefer the guest checkout option no longer must repeatedly enter their card, shipping, and billing information when making online purchases. Also, Click to Pay users no longer must store and share their sensitive card and personal data with many online merchants to enable card-on-file payments.
10. What else could the big card networks do to boost the penetration of Click to Pay?
Card networks already promote Click to Pay adoption worldwide, for instance, by mandating push provisioning for European issuers. In addition, they support PSPs and merchants that want to integrate Click to Pay. However, educating the cardholders is highly recommendable. Once it becomes an end-user demand, merchants will seriously consider its implementation, and it can reach the status of a popular checkout method.