Offer Maestro payments? Have you Implemented SecureCode yet? If not you could be fined $25k pcm

Several of my clients have hit a problem with their web developers or payment providers over the new Maestro SecureCode system.

The problem? That the payment providers have not yet implemented the new SecureCode system which went live on July 1st. Failure to use SecureCode by the end of July when MasterCard are auditing could result in a fine of $25k per month.


So what is SecureCode?

To quote from the MasterCard website:

“MasterCard SecureCode is initiated on a retailer’s website and interacts with both the cardholder and their card issuer. When your customer comes to pay, a pop-up window appears asking them to enter a unique, personal code that has been registered with their bank. The bank then authenticates the cardholder performing the transaction and provides the electronic retailer explicit evidence of the online purchase.”
http://www.mastercard.com/uk/merchant/en/security/what_can_do/SecureCode/faq.html


And what's the problem?

When a client emailed their bank to find out then this had happened and whether they needed to comply they received the following reply:

“As of 30 June all merchants should be compliant with MasterCard's mandate that all Maestro transactions are required to be passed through MasterCard SecureCode authentication. And that MasterCard will be doing a full audit in July to identify any Merchants that are not compliant. Please see below extract from a recent memo.

Any non-compliant merchant identified as a result of the July audit will now be subject to scheme fines of up to $25,000 per month until compliance is reached. These fines will be backdated until the 1st July 2009. The forthcoming audit results will be shared with your Cards Processor as soon as possible and merchants who have not achieved compliance will either be fined or asked to remove Maestro from their websites.

MasterCard have assured us that their will be no exceptions to this process and that no further extensions are negotiable.”


So what should you do?

If you offer MasterCard/Maestro payment options I would strongly recommend that you find out from finance and /or your payment provider if they have implemented MasterCard SecureCode.

If not, get it implemented ASAP, and consider removing the MasterCard/Maestro option from your website until it is sorted out.