Payment process
- The buyer validates their cart and chooses their payment method on the merchant site which redirects them to the payment page.
- The gateway displays the card detail entry page.
- The buyer enters their card data and confirms the entry. The payment server proceeds to cardholder authentication.
If the card is not enrolled or if an error occurs during the enrollment verification, the payment is refused. Otherwise, the payment gateway displays the authentication page in a modal window.
OSB selects 1 of the 3 modes of authentication.
- By SMS
OSB sends the cardholder an SMS containing a temporary security code (OTP - One Time Password) that is valid for (5) minutes.
The cardholder enters the code on the authentication page.
- By SCA (Strong Customer Authentication)The cardholder enters two codes on the authentication page:
- 1: a temporary code;
- OSB sends the cardholder an SMS containing a temporary security code (OTP - One Time Password) that is valid for (5) minutes.
- 2: a permanent code.
- This security code is transmitted by the cardholder’s bank.
- 1: a temporary code;
- By OOB (Mobile application)
OSB sends a notification to the cardholder via their banking app.
The authentication page is waiting for this notification to be validated.
- By SMS
- If authentication is valid, the payment gateway submits the authorization request to the acquirer. If the authentication is invalid (expired session, incorrect data, ...), the payment is refused.
- The payment gateway notifies the merchant website about the payment result.
- In case of success, the payment gateway displays the summary page with the transaction details.