• France
Merchant Back Office
assistance
FAQContact support
Search
Categories
Tags
English
French
English
Homepage
Use cases
Create a payment
Create an installment payment
Create a payment by Alias (Token)
Create a payment link
Create a recurring payment
Manage subscriptions
Manage your transactions (refund, cancel...)
Analyze your reports
API docs
Embedded Form
REST API
Hosted payment
Mobile payment
File exchange
Snippets
Payment methods
Plugins
Guides
Merchant Back Office
Functional guides

Presentation

OSB has its own cardholder authentication solution for securing online payments.

This solution applies to payments by OSB proprietary cards when they are registered in the OSB directory (Directory Server or DS).

Cardholder authentication takes place in 3 steps:

  1. When cardholder authentication is required, the payment gateway checks with OSB whether the card is enrolled.
  2. OSB selects one of the three modes of authentication.

    1. OTP by SMS:

      OSB sends the cardholder an SMS containing a temporary security code (OTP - One Time Password) that is valid for (5) minutes.

      The cardholder enters the code on the authentication page.

    2. OTP by SCA (Strong Customer Authentication):

      The cardholder enters two codes on the authentication page:
      • 1: a temporary code;
        • OSB sends the cardholder an SMS containing a temporary security code (OTP - One Time Password) that is valid for (5) minutes.
      • 2: a permanent code.
        • This security code is transmitted by the cardholder’s bank.

    3. OOB via the banking application 

      OSB sends a notification to the cardholder via their banking app.

      The authentication page is waiting for this notification to be validated.

  3. Once the cardholder has authenticated him or herself, the payment gateway proceeds to the authorization request. If the authentication is invalid (expired session, incorrect data, etc.), the payment is refused.
© 2025 {'|'} All rights reserved to PayZen by OSB
25.22-1.11