Secure Trading believes the liability shift to be as follows:

* Important note: If the brand is Visa and enrolled or status is returned as a “U” (Unknown), it means that the merchant is not covered by the 3-D Secure scheme. In this case the merchant is still liable for any fraudulent transactions.
** Important note: There are some cases where the liability is not covered by the card issuer; for example some commercial cards under both brands. For more information please contact your acquirer.
*** Important note: In this case it is strongly recommended that the transaction does not proceed. This means the password entered did not match.

This is a high level overview of the liability shift. Please bear in mind we facilitate the process; we do not create or enforce the rules. If you are unsure of any transaction status that you may see, we would recommend that you contact your acquirer.

We recommend allowing your customers to correct any invalid data they enter if you receive this error. This means the transaction will be processed with valid data instead of storing invalid data which isn’t of use to anyone. However, if you do not wish to validate an optional field then it may be omitted in the request to Secure Trading (either by not including the XML tags or leaving the value blank).

Either the password or username is wrong in the request, or you may be using a username that has not been setup for use with Web Services (EG: your Site Admin username). Please contact support and we can create a specific username for use with Web Services.

Please ensure that the “alias” you pass in the XML request is your Web Services username, rather than the Site Reference of your account.