- Created by user-faaa9, last modified by Peter Posse on 31. Mar 2026
Notice on new French regulations for internet payments outside of 3-D Secure.
For internet payments outside of 3-D Secure, the velocity limit is set at 100 euros since 14 October 2024.
This limit will be lowered to:
- 10 euros from 10 April 2025 onwards;
- 1,01 euros from 10 May 2025 onwards; from this date, internet payments outside 3-D Secure, which are strictly higher than 1 euro, will no longer be admitted. This rule does
neither apply to CITs recognized by the issuer as strongly authenticated, (ii) nor to MITs associated to a valid chaining reference, (iii) nor to 0 euro information requests, and (iiii) nor to 0 euro pre-authorizations. - Merchants are invited to check the qualification of their authorization requests ≥1 euro, to make a difference between authorization requests and other use cases (card verification, balance inquiry, preauthorization etc.) because this limit could be lowered down to 0.01 euro form 1 January 2026
Data Elements
| Key | Format | CND | Description | |
|---|---|---|---|---|
| 1 | skipThreeDS | string | O | Indicates whether and under which conditions authentication should be skipped or performed as data share only (dataOnly). By default, all transactions and SCA exemptions will be requested through EMV 3DS if not specified otherwise. Values accepted:
|
| 2 | object | O | Object detailing requested SCA exemptions | |
| 3 | challengePreference | string | C | Indicates the merchant's challenge preference for this transaction during 3DS authentication. Mandatory only after a Soft Decline to re-trigger the transaction with 3DS and challenge mandated. Default value Values accepted:
Note: This parameter is ignored when SCA Exemption requested (threeDSExemption parameter is present). |
threeDSExemption
| Key | Format | CND | Description | |
|---|---|---|---|---|
| 1 | exemptionReason | string | M | Designates the type of SCA exemption (e.g. Acquirer TRA or MIT) to be applied. Values accepted:
Note: Acquirer exemptions and other exemptions may be also requested through an authorization without authentication (i.e. EMV 3DS or EMV 3DS Data Only) depending on scheme specific rules. Note: The exemption |
| 2 | merchantFraudRate | integer | O | Merchant fraud rate in bps taking into account all Merchant sites and card volumes, calculated as per PSD2 RTS Article 19. The merchant fraud rate is optional and has to be calculated by the Acquirer. The submission of this data point might be beneficial to increase the level of confidence of the ACS/issuer into the ongoing transaction. Also, Issuers may use it to decide if a merchant should be eligible for the white listing exemption. |
Schema
BASEURL= https://www.computop-paygate.com/schemas
{
"$schema": "http://json-schema.org/draft-07/schema#",
"$id": "BASEURL/threeDSPolicy.json",
"title": "threeDSPolicy",
"description": "3DS Policy",
"type": "object",
"properties": {
"skipThreeDS": {
"type": "string",
"enum": ["thisTransaction", "outOfScope", "dataOnly"]
},
"threeDSExemption": {
"type": "object",
"properties": {
"exemptionReason": {
"type": "string",
"enum": ["transactionRiskAnalysis", "delegatedAuthority", "lowValue", "trustedBeneficiary", "secureCorporatePayment"]
},
"merchantFraudRate": {
"type": "integer",
"minimum": 1,
"maximum": 99
}
},
"required": ["exemptionReason"],
"additionalProperties": false
},
"challengePreference": {
"type": "string",
"enum": ["noPreference", "noChallenge", "requestChallenge", "mandateChallenge"]
},
},
"additionalProperties": false
}
Sample - SCA exemption request
{
"skipThreeDS": "thisTransaction",
"threeDSExemption": {
"exemptionReason": "transactionRiskAnalysis",
"merchantFraudRate": 4
}
}
Sample - re-trigger after Soft Decline
{
"challengePreference": "mandateChallenge"
}