I understand what you’re saying. But I’ve seen many int websites whose payment goes through OTP authentication. I think it depends on payment gateway ie. if It’s 3D secure or 2D secure.
@Vipul_Mehta Can you confirm if this can be disabled from bank end ? If user gets option to enable/disable those transactions it’ll be great.
You are supposed to gone you are asking about how to close community account what happens?
This is a gateway feature wherein international PG request whether they want it to be authenticated txn or not
It cannot be done user wise. Either whole base is deactivated or not
Yes so it’s possible you can get in touch with them to enable OTP step if they agree?
Most probably your first charge was for card verification and as it wasn’t an actual transaction it went through.
I don’t see how authentication without otp is a bug and not a feature.
A lot of banks implement this otp auth and because of that, all recurring charges like Netflix. iTunes etc will simply fail to go through and require a manual intervention which is very annoying.
The simple way to secure it is to limit the transaction amount to let’s say 2k.
The way this “insecure” system works in US is that the onus for fraud detection lies with the bank, and you can get fraudulent charges reversed no question asked.
One amazing way this could be handled is virtual cards like this https://privacy.com/
The best way to implement would be ask OTP for the first time, and consider that as mandate for recurring charges, though not sure about the technical and regulatory issues @Jiten
That is not true. Recurring subscriptions work without any issues. You only have to authenticate for recurring payments the first time and not everytime.
That’s how e-mandate works. In other words NACH Payments.
Check out Razorpay Subscriptions.
Zoho Subscriptions also mention the same thing that you will have to authenticate for recurring payments the first time.
My experience says otherwise. Transactions in some banks do fail in recurring setting. IE gsuite!
Hi Mahendra,
The option to enable/disable OTP specific international transactions is not possible.
If the merchant receiving the funds has not enabled the OTP route, the transactions will go through without OTP. Hence, the onus on merchant in case of any fraud.
Since, the bank has no visibility on the merchant’s side…it cannot be provided as a user specific setting.