Credit Card Payment Process

When a credit card purchase is made on a website that utilizes a 3D Secure payment processor, the following processes and steps typically occur:

Customer initiates the purchase: The customer selects the desired products or services on the website and proceeds to the checkout page.

Payment details entered: The customer enters their credit card information, including the card number, expiration date, and CVV code, on the website's payment page.

Authorization request: The card issuer generates an authorization request with a unique authorisation code.

Authentication result verification: The payment processor receives the authorization request from the card issuer and verifies the authentication result. If the result indicates successful authentication, the payment processor proceeds to the next step.

Payment authorization: The payment processor sends an authorization request to the card issuer to ensure that the customer's credit card has sufficient funds and to confirm that the transaction can proceed.

Response and transaction completion: The card issuer responds to the authorization request with either an approval or decline message. If the transaction is approved, the payment processor notifies the website, and the second stage of verification commences. If the transaction is declined, the customer may be asked to try another payment method or contact their card issuer for further assistance.

Address/Postcode Verification: After payment authorisation is obtained - depending on the conditions set by the retailer in their payment gateway, Address/Postcode verification will be performed and again the transaction optionally declined depending on the sellers rules. 

3D Secure authentication: Once authorisation and address checks are completed the website's payment processor initiates the 3D Secure authentication process. This process adds an additional layer of security to the transaction by verifying the cardholder's identity. 

3D Redirect to the card issuer's website: The customer is redirected to the website of the card issuer (such as their bank) to complete the authentication process. This step ensures that the cardholder's identity is confirmed by the entity that issued the credit card. This can be a text message to the mobile with a OTP (one touch password), email link or a confirmation in the card-holders mobile banking app. Sometimes this step can fail on websites where the bank fails to respond quickly enough to the website request or gives an invalid response.

How your card can end up being blocked: After an authorisation, the funds are ring-fenced against the card at the earliest stage of this whole process - and await the settlement claim at the end of the day. However, after authorisation and the address & 3D secure tests are performed - if either fails, the funds will remain ring-fenced but never claimed  - as the seller voids the settlement claim in their own systems. But, there is no mechanism to feed back to the bank that the settlement claim will never be made. As a result, if you make repeated attempts at purchasing, obtain successful authorisations, but repeatedly fail address verification and/or 3D you will end up blocking your card from further transactions if the sum of your failed attempts reaches your credit limit. Only after around 3 days when the ring-fenced funds are not claimed by the settlement process will they drop off your card and restore the credit limit.  There is currently no mechanism for retailers to communicate back to card issuers that a settlement claim has been voided. Some people phone their bank who tells them they have been charged several times by a retailer - when in fact multiple authorisations have been issued but the bank does not know that they will never be claimed. This often leads to confusion.

Payment settlement: At the end of the day or a specified settlement period, the payment processor initiates the settlement process to transfer the funds from the customer's credit card account to the merchant's account.

It's important to note that the exact steps and processes may vary slightly depending on the specific payment processor, card issuer, and the implementation of 3D Secure by the website. However, the overall flow typically follows this general sequence of events to ensure a secure and authenticated credit card transaction.