Liability shift for cards
From the date you're enabled for 3DS authentication, you are no longer liable for certain fraudulent chargebacks when a cardholder denies they made the purchase.
Liability shift rules
The following tables show the general eligibility of transactions for liability shift for both personal and commercial cards. These rules apply to Visa and Mastercard for any region, to American Express for Safekey supported regions, and to JCB for J/Secure supported regions:
3DS Flex response table
|ThreeDSecure Result||Eligible for liability shift?|
|Authentication offered but not used||Y|
Split Authentication response table
|Authentication status||Eligible for liability shift?|
Note: A shopper completing authentication is not a guarantee of liability shift. The card issuer can still downgrade the transaction.
Worldpay legacy MPI response table
|Scenario||MPI Response||Is the transaction eligible for liability shift?||Result (ThreeDSecureResult)|
|3DSecure||Issuer participating||Fully authenticated||PARes = Y||Yes||Cardholder authenticated|
|Attempted authentication||PARes= A||Yes||Authentication offered but not used|
|Authentication failed||PARes = N||No||Authentication Failed|
|Authentication error||PARes = U, VERes = U||Yes|
|Issuer not participating||VERes = N||Yes||Authentication offered but not used|
|Not 3DSecure||Not applicable||No||Ecommerce|
Warning: Exceptions to the rules may exist for certain schemes in certain territories under certain programs. These exceptions may also depend on your integration or services with Worldpay. If Worldpay is your acquirer, contact your Relationship Manager or Customer Support Manager. Otherwise, contact your acquirer.
Chargebacks and liability shift
For Visa, Maestro, Mastercard, JCB and American Express, card protection may be contingent upon you taking reasonable measures to control fraud. If your fraud levels are unreasonably high you may forfeit the benefits of chargeback protection.
Restrictions to our authentication service
These restrictions apply to Visa, Maestro, Mastercard, JCB and American Express:
|Installation or Service type||Reason|
|Corporate Gateway Call Centre (MOTO)||The cardholder isn't able to enter their authentication details.|
|Recurring Payments (PayAsOrder)||Except for the first transaction (or if a cardholder changes their card details and makes an immediate payment), the cardholder isn't present to enter their authentication details.|
|C - level, S - level or A - level service||On these service levels you're using your own acquirer, and so you may need to contact them to enable the service. Service levels are explained in|