Skip to main content
All Collections💰Your transition to our new banking provider AdyenAll about payments
🚥 Validate 3DS payments with our new payment service provider 'Adyen' with VISA cards
🚥 Validate 3DS payments with our new payment service provider 'Adyen' with VISA cards
Updated over a week ago

This article is part of a collection of articles regarding your transition to our new banking provider, Adyen.

If your card is issued by our banking partner Adyen (GBP wallets), 3DS works differently than our other cards.

Indeed, payments will have to be validated using a payment password (displayed in Spendesk – download it here if you haven't installed it already), and a One-Time Password (OTP) received by SMS.

How will this work?

1️⃣ Users with a GBP account will be required to set up a Multi-Factor Authentication (MFA) phone number on their Spendesk account to be able to pay online.

2️⃣ During the first card generation, a payment password will be assigned to their Spendesk account (format=4 capital letters, for example "ERFX").

Where can I find this password?

Several options are available:

  1. You can find this password in the mobile app, in My profile > Security options > Payment passwords and click on Reveal password.

  2. From the Physical card details page.

  3. From any Virtual card details page.

3️⃣ The payment password will be the same for all Adyen VISA cards (even on multiple companies) for a same user.

4️⃣ When initiating an online payment, if 3DS is triggered by the merchant, a typical ACS webpage will appear, asking the user to enter:

  • an OTP code, that they receive on their registered MFA phone number.

  • The payment password (4 letters) that they remember, or can ask to see again directly from Spendesk

When both are correct, the payment is authorized 🎉

What is strong authentication and what is it used for?

Strong authentication involves the confirmation of at least two authentication factors of different categories from the following three:

i) possession (a key, a cell phone, etc.);

ii) knowledge (a password) and

iii) inherence (a fingerprint).

In the vast majority of cases, strong authentication involves opening the user's online banking mobile application and entering a password (or checking the fingerprint) on a phone previously registered by the account-holding institution.

This method replaces sending an SMS to the cell phone, which fulfills only one of the two criteria if it is not combined with password confirmation.

Source ( 🇫🇷 )

Screenshots (Mobile)

Display payment password from any virtual card page

Display payment password from physical card page

Display payment password from security settings

Payment password detail

Screenshots (desktop)

Display payment password from any virtual card page


Display payment password from physical card page

Payment password detail (when opened for the first time, when password is created)

Payment password detail

(when opened for the second time & more, redirecting to mobile for now)


Did this answer your question?