Guys I need your help ASAP and it may affect quite a few on here.
Please do NOT make this discussion about Brexit or EU Rules but kindly stick to PSD2 ONLY.
PSD2 states that ALL card payments (credit or debit) have to have two step authentication to prevent fraud and money laundering within Europe and Including UK even after “Brexit” to accept payment on any card - debit or credit after deadline. PayPal have stated quite clearly that without this they WILL NOT accept any card payments.
I use @Cartloom and have done for many years, I wish to continue using them going forward, however I have a problem and I am working with them as they are BRILLIANT and always been of great help to me.
I have a successful e-commerce business and I accept PayPal and Card payments, to make my life easier I chose PayPal as my merchant banker so I only needed one set up and they (PayPal) sent me the below over two months ago.
As a business accepting card payments, your online checkout will need to be upgraded to comply with PSD2, a new European Union directive that requires Strong Customer Authentication (SCA). The directive applies from 14 September 2019, but card issuers are working towards SCA by April so that their systems are fully operational by the deadline.
Cartloom and now come back to me yesterday and say they most probably won’t have the API integrated by deadline so I now have a business decision to make. They hope to have Stripe integration but don’t have that at present.
I am therefore asking for your advice please:
Do you use Cartloom and who is your merchant banker?
Have you checked with Cartloom to see whether they are integrated?
If you do not use Cartloom what do you use and are they accredited in your software you use?
What is the best non Cartloom programme you have integrated into RW?
My dilemma now is I am going to have to change my site to have a merchant banker and PayPal as I accept both methods of payment. Stripe does not integrate with PayPal - Is this correct?
This affects ALL people who accept card payments to sell in Europe and UK irrespective of where they are based e.g. USA so its a collective problem and that’s why as always I know someone out there will have an answer that can help.
I’ve never used Cartloom so I cannot comment on that, but I am wondering why you cannot use a billing company that is compliant with the various regulations and handles all of this for you?
Companies like Fastspring, Ecwid or Stripe will almost certain make sure their systems are compliant at the right time and you just add the line of code for the shopping cart. Fastspring’s setup is a bit fiddly, but extremely capable and I built a site last year using Gumroad that was dead easy to integrate. All of these will no doubt handle PayPal, credit cards and other payments methods.
In the case of Fastspring they take care of the EU VAT and GDPR as well at the cart stage. Leaving politics aside, going through Fastspring is a bit more expensive than when I used PayPal, but it saves a huge amount of time and stress complying with this never ending stream of bureaucratic hurdles. It is proving ever more difficult to make online sales with these restrictions and far too burdensome for the small seller to manage.
@ashleykaryl Thanks for your response. PayPal is my merchant and does cards and PayPal payments no problem and its is PSD2 compliant. I can only say that the ones you mention that Stripe is NOT at present and the API for making it to developers is not done and is expected end of July. Cartloom is my shop and all my SKU’s are listed here and its worked no problem for years and still does. However it is not compliant with any merchants yet! The problem seems to be the merchants are holding back and until the developers get the API from them to programme into their carts then everyone who uses RW to sell in UK and Europe will see their payments stop in September which is NOT good for business.
I gave up on PayPal long ago, because they couldn’t handle the EU VAT adequately and moved to Fastspring. I wouldn’t be surprised if these billing companies are deliberately withholding the API at this stage, but that’s just a guess.
In a sense what you are saying makes my initial point more valid in choosing a suitable billing company that removes the reliance on plugins. I would fire off emails to the likes of Fastspring and alternatives to see if they are ready. I don’t know what what you are selling and I haven’t used them for years, but it may be worth looking at e-junkie. The last time I looked at Paddle it seemed very focussed on software.
First we had the cookie law, then EU VAT and GDPR; now this as well. It seems clear to me the bureaucrats are intent on making everything as difficult as possible for small online sellers. Realistically, you either need to go through a billing company that keeps on top of these things or rely on platforms like Amazon.
@ashleykaryl thanks for your response. This law has been around in a similar guise within UK for a few years. If you take out any credit or deal with HMRC for first time e.g, new employee, you have had to provide pictorial evidence and address proof. This is to stop money laundering and now applies to online sales too.
I distribute and sell disabled and preventative DVT devices and I would never sell them on Amazon myself as markup is just ripping people off. I give best price direct from website. Please look at compression.solutions site for an idea of what I do.
As I do my own RW websites I have always used Cartloom for shop and PayPal as merchant. I have used this combination for years and never had a problem so that’s why I don’t really want to change.
Cheers
Paul
OK I hope you find a suitable solution. When you go through a billing company the customer is buying from them, rather than you. They are basically resellers and that’s why the terms of business are effectively determined by the billing company for both you and the end buyer.
It is also the responsibility of the billing company to maintain legal compliance with the various regulations around the world.
I’m wondering what the latest is on the SCA and if and what RW stacks have been updated to meet the requirements.
I have been advised by Stripe that the stack I’m using Checkout by Micheal at Yuzool @yuzoolthemes needs to be updated to integrate with Stripe’s "PaymentIntents API” ??
They (Stripe) are saying nothing needs to be done within my Stripe account itself…it is all about the add-ons/plugins/stacks and “ensuring they have been updated to integrate with Stripe’s ‘PaymentIntents API’”
I am getting emails from Stripe advising;
"Our information shows your business will be impacted by SCA, and that you still need to make changes to your Stripe integration to get ready for these new requirements. As this change may require additional software development."
I am using Yuzool’s Checkout v 1.0.7 as my payment gateway to Stripe.
Payments are not subscription only one-off fixed amount payments.
Any advise and your experiences would be greatly appreciated.
My limited understanding thus far is that is a stack uses Stripes own API, it’s all good. I think an indication of this is that you get the standard stripe pop-up at checkout. I think.
If it doesn’t, and perhaps uses it’s own “home-made” API, then it needs to be updated.
I use Cart2 from Yuzool for a few sites, PHP Jabbers on a lot and RCP on now only one or two (maybe three).
I’m yet to put real time into understanding what is required, I’ve ear-marked next week for that. I think I will need to get my PHP jabber stuff updated (more $$$!), the RCP boys say RCP is good to go (not tested yet) and Micheal has gone quiet. But that’s not unusual for him, he’s a busy bunny in real life now I understand. He was one of the only devs to pay attention to this news when it first became a topic, so that might count for something?
Either way, I’d suggest it’s prudent to source an alternative that either is already ready, or is openly being made ready.
Once I’ve done the reading, talking and digging next week and have a better understanding of what is going on, I’ll post again. If anyone else is better informed now, let’s hear it!
@scottf As per original post and updates. you are using stripe via a third party currently - Yuzool, therefore Michael does need to change his API to comply - he did state he was doing this but I have no update. If you go direct to Stripe and not through a third party then thats OK you do not need to do anything as they are compliant.
Remember this only applies to payments made in UK and Europe currently.
I use PayPal currently but indirectly through Cartloom and I just have to tick a box on Cartloom and all is done as it will be then direct and not through a third party.
I highlighted this a few months ago really just as a warning to developers to help mere mortals like me. To date I have not heard from any who have made change - please accept my apologies if you have but please let us all know so we can look at making an informed change if required.
Summary Direct to merchant OK if they are compliant, indirect through third party stack - need API updating by developer.
I Hope this helps? Paul
I agree and thought exactly what you have said…the stacks devs @yuzoolthemes need to update their stacks to integrate with Stripe’s PaymentIntents API.
Hope fully we will hear something from Michael regarding Checkout stack soon.
As Steve said, I might need to source an alternative that either is already ready, or is openly being made ready and stop using Yuzool Checkout, which will be a shame as it was quite a good easy payment option but if that is not going to be usable anymore then it’s time to move on.
Any suggestions of another simple payment stack that will be SCA compliant??
Roberto has said RapidCart Pro has been updated…but I don’t know a way to test this until 14 September when SCA is introduced…so not totally confident.
Thanks and I will stay in touch if I hear anything.
That’s interesting. I wonder if we can find out from him what needed to be changed? If would help move the rest of the community along a good bit. Is he on this forum?
@steveb, @scottf I assume as there was no further update then to date (my knowledge only - so apologies if you have) there are currently no developers stated on this forum that they are compliant within RW.
Obviously direct there are lots who have said they are e.g. PayPal, Stripe etc. but I ma interested in finding one that is within RW as a stack.
Thanks to you all - just over a month to go - we wait and see!
Paul