Originally Posted by
der_saeufer
Find a new card issuer, preferably one whose implementation of VbV or Securecode allows you to approve transactions in their app.
It sounds like B of A is using a similar VbV implementation to Chase, where if it can't approve the transaction on its own it declines and makes you call in and then try again. Except that trying again sometimes trips the merchant's or processor's fraud protection and gets a decline from their end.
FYI, Visa's rebranding VbV to "Visa Secure". There are also two separate versions (corresponding to 3D Secure 1.0 and 2.0); I suspect any future implementation by US issuers will be solely 2.0.
Also, per 10.16.2.4 of the
Visa rules, it sounds like Visa will do "stand-in" processing for those issuers that don't support it:
An Issuer that participates in Visa Secure must:
...
* Verify the CAVV. If the CAVV is not verified during Authorization by the Issuer or by Visa, the CAVV is assumed to be valid.
* In the US Region: Provide Visa with its CAVV keys for Stand-In-Processing
For a 3-D Secure 1.0 Authentication Request, if an Issuer does not support Visa Secure, Visa will respond to an Authentication Request, on behalf of the Issuer, with an Attempt Response that contains a CAVV.
Effective 12 April 2019 for the Europe Region
Effective 15 August 2019 for the Canada Region, LAC Region, US Region
Effective 18 April 2020 for the AP Region, CEMEA Region
For a 3-D Secure 2.0 Authentication Request, if an Issuer does not support Visa Secure, Visa will respond to an Authentication Request, on behalf of the Issuer, with an Attempt Response that contains a CAVV
That all said, though, if the behavior people are seeing is already due to said "stand-in" processing, I'm not sure it'll be much different with 2.0. Then again, maybe there'll be more encouragement to get it working properly now that the EU is effectively mandating 3D Secure.