Intermittently declined transactions (POS)

Since about 1-2 weeks some transactions get randomly declined when paying in shops (usually using physical card but also using google pay).

The rejection of transaction happens quite randomly (I think, though one shop may be little bit more prone to exhibit it). Retrying the transaction in the same place also results in rejection. Even though paying a moment earlier at different place works just fine.

I wrote to Curve support and got information that the transaction was rejected by bank with “Do not honour” which usually means that bank risk engine likely kicked in and blocked transaction. I contacted the bank and got information that the transaction was blocked because Curve doesn’t support latest 3D Secure 2.0 – even though this is POS transaction and not Internet one [1])… I wrote again to Curve and Angelica responded that actually transaction was declined with “Insufficient funds” message which could mean insufficient funds but typically means the bank is blocking transaction (so, again - risk management).

The thing is, it happens randomly, even for low amounts (even for successive transactions for about same amount in shops next by). And if it gets declined paying either using google pay (and the bank card in their) or directly with the bank’s card works just fine, so it looks like only Curve interface is somehow triggering the issue. It’s getting quite annoying and irritating.

[1] Bank message:

nie udało się Panu zapłacić kartą przez internet, ponieważ odbiorca płatności nie dostosował się do wymogów zabezpieczeń w ramach tzw. usługi 3D Secure. Jest to usługa, która dodatkowo zabezpiecza płatności kartą przez internet. Jeśli odbiorca płatności nie dostosuje się do najwyższych standardów bezpieczeństwa, które stosuje nasz bank (tzw. usługa 3D Secure 2.0 - Mastercard Identity Check lub Visa Secure), niestety nie będzie Pan mógł w tym punkcie płacić kartą przez internet.

OK, after a long call with my bank they say that for some transactions they require “Strong authentication” (i.e. 3D secure, even tho they are in POS) and supposedly it’s not triggered by the “risk management” (no information in the system)… how does Curve handle the situation where “strong auth” request is received from the bank?

Your bank should be aware that Curve handles 3DS authentication on its side.

How come it “should be aware”? Does Curve signal it somehow?

Yes, it does. I’m using Curve with several different 3DS supported cards and never had such issue.

1 Like

OK, awesome but! And this is big BUT - those payments are made in the physical shop, NOT online. Thus, the whole debacle with 3D secure confuses me AF because it applies to online shopping to the best of my knowledge… (even from your link: “3D Secure (3DS) is a tool for online transactions that asks you to authenticate”

1 Like

It’s definitely an issue of your bank.

Article 13

Trusted beneficiaries

2. Payment service providers shall be allowed not to apply strong customer authentication, subject to compliance with the general authentication requirements, where the payer initiates a payment transaction and the payee is included in a list of trusted beneficiaries previously created by the payer.

If your bank cannot (or don’t want to) acknowledge Curve’s 3DS, ask them to put Curve to your whitelist. They must do it according to the above law.

To answer your question: your bank should let Curve to handle or decide about 3DS regardless the type of the transaction.