We have received reports that customers who pay via credit or debit card cannot proceed after getting to the page that asks for the one-time password (OTP). This may happen before the OTP is sent to the customer or after the OTP is inputted.

It may look something like this:

These errors often appear as Internal Server Error.

We have determined that this is an Access Control Server (ACS) issue. ACS is what creates and loads the 3D Secure page of the issuing banks. After confirming their details, your customer was supposed to be led to a separate page to input their one-time PIN to be able to authenticate the transaction.

We can confirm that this is an issue on the card issuer's side, as we only load the OTP pages that the issuing banks provide. This means that their authentication/3D Secure page is down at the moment due to many possible reasons, including server overload/timeout on the issuing bank side. The possible resolutions are for the customer to: