One post tagged with "security"

Release v1.18

May 13, 2026 · 4 min read

Eugenio

Staff Engineer

Overview

BoatyBall v1.18.0 introduces a major upgrade to the payment processing system with full support for 3D Secure (3DS) authentication. This release focuses on improving transaction security, increasing payment success rates for modern card issuers, and aligning the platform with updated banking compliance requirements for strong customer authentication (SCA).

The update strengthens trust in the payment flow while ensuring a smoother checkout experience for users whose banks require additional verification steps.

New Features

3D Secure (3DS) Payment Support

The core feature of this release is the implementation of support for credit and debit cards using active 3D Secure authentication.

Key capabilities include:

Full support for 3D Secure 1 and 3D Secure 2 authentication flows (where supported by issuing banks).
Seamless redirection to issuer authentication pages when required.
Automatic handling of frictionless authentication flows when risk is low.
Improved compatibility with modern card issuers enforcing Strong Customer Authentication (SCA).

Enhanced Payment Flow Handling

The payment system has been updated to better manage multi-step authentication scenarios:

Persistent payment session state during authentication redirects.
Improved recovery handling if authentication is interrupted or canceled.
Clear status tracking for payment states:
- Pending authentication
- Authentication required
- Payment authorized
- Payment failed
- Payment completed

Improved Transaction Reliability

Backend payment services have been enhanced to:

Reduce failed payment transactions caused by timeout during authentication.
Improve synchronization between payment gateway callbacks and internal booking confirmation.
Ensure consistent reservation state after payment completion.

Security Improvements

Strong Customer Authentication Compliance

This release ensures compliance with modern banking requirements:

Enforced support for SCA where required by issuing banks.
Secure handling of authentication tokens during redirect flows.
Improved validation of payment callback signatures.

Fraud and Risk Handling Enhancements

Better detection of incomplete authentication attempts.
Reduced risk of unauthorized reservation confirmations.
Improved validation of payment completion before mooring allocation finalization.

User Experience Improvements

Smarter Checkout Flow

Reduced confusion during payment authentication steps.
Clearer messaging when users are redirected for bank verification.
Improved return flow after authentication completion.

Failure Handling Improvements

Users are now properly informed when:
- Authentication is declined by the bank
- The authentication session expires
- The payment requires retry
No more ambiguous or stuck payment states in the UI.

Backend Improvements

Payment Gateway Integration Updates

Updated handling of 3DS callback responses.
Improved idempotency for repeated payment confirmation requests.
Enhanced logging for payment lifecycle tracing.

Reservation State Integrity

Reservations are only confirmed after successful payment authorization.
Prevents edge cases where reservations could be held without valid payment confirmation.
Improved synchronization between payment and reservation services.

Fixed Issues

Payment Flow Stability

Resolved edge cases where users could remain stuck in a pending payment state after authentication.
Fixed inconsistencies where payment success was not properly reflected in reservation status.
Improved handling of interrupted 3DS authentication flows.

Session and Redirect Handling

Fixed issues where returning from bank authentication could result in lost session state.
Improved reliability of redirect URLs across different browsers and devices.

Quality Assurance

All payment flow changes have been validated through:

UAT testing across supported browsers and devices
Simulated 3D Secure authentication scenarios
Production-like load testing for payment confirmation flows
Regression testing of reservation creation and confirmation workflows

Summary

BoatyBall v1.18.0 significantly strengthens the platform’s payment infrastructure by introducing full 3D Secure support. This update improves compliance with modern banking standards, enhances transaction security, and provides a more reliable and predictable checkout experience for users worldwide.

!title: Release v1.18.0 - 3D Secure Payments Enhancement !tags: payments, 3d-secure, security, backend, checkout, reservations, compliance !release_date: 2026-05-13 !description: Introduces full 3D Secure (3DS) payment support for credit and debit cards, improves authentication handling, strengthens payment reliability, and enhances compliance with modern Strong Customer Authentication (SCA) requirements.

Overview​

New Features​

3D Secure (3DS) Payment Support​

Enhanced Payment Flow Handling​

Improved Transaction Reliability​

Security Improvements​

Strong Customer Authentication Compliance​

Fraud and Risk Handling Enhancements​

User Experience Improvements​

Smarter Checkout Flow​

Failure Handling Improvements​

Backend Improvements​

Payment Gateway Integration Updates​

Reservation State Integrity​

Fixed Issues​

Payment Flow Stability​

Session and Redirect Handling​

Quality Assurance​

Summary​