DoughnutANZ
Ka whati te tai ka kai te tōreapango
- Time of past OR future Camino
- 2019, 2023, 2024, 2025, 2026, 2027 & 2028.
In a recent thread @Kathar1na highlighted that some websites that are typically used by Pilgrims only accept online payments via the Verified by Visa program. She suggested (and this was not meant to be a complete list) that RENFE (Spanish Railways) and the Roncesvalles albergue are two of these sites. She also suggested that the Verified by Visa system is currently widely used across Europe. It seems that it may be less widely used across North America and so North American pilgrims may not be used to it.
In the most common situation the Verified by Visa scheme monitors usage of your credit card online and triggers a secondary verification process if it thinks that there is unusual usage of your credit card. This can be, for example, using the card in a foreign (to you and your financial institute [FI]) country or an unusually large amount or some other undisclosed activities.
In addition, it appears that some online web sites (e.g. RENF and Roncesvalles) can mandate that the secondary verification process is always used.
The secondary verification process can be conducted in a number of different ways. The way that it is conducted for your credit card is stipulated by the FI that issued your credit card, typically (but not always) your bank.
There are a number of ways that the secondary verification process can be manifested. My only experience of it to-date has been with one of my debit cards from one of my banks and in this case the process happens online, embedded within the buying activity. An inline frame (second screen) opens up within the purchase screen that is from my bank and this screen asks me to supply an answer to a previously logged question. If I answer correctly then the transaction proceeds and I get to buy the good or service that I set out to buy but if I don’t answer correctly then my debit card is declined.
My understanding (incomplete) is that there are at least three other ways that can be used to verify that you are using your credit/debit card (and not some thief) and they are A) asking for a biometric (finger/thumb print or face scan); B) sending you a SMS txt message to the phone number that you have registered with your financial institution; C) usage of a "security token" (a discussion for another time).
Option B, SMS message is the one that could potentially cause pilgrims problems. It was suggested (unverified) on another thread that North American FI's have a tendency to use the SMS message verification process and so this seems particularly applicable to North American pilgrims but also applies to anyone.
Some pilgrims deliberately choose not to bring their phone with them when they are on pilgrimage. This is a perfectly valid choice. However if they subsequently use a borrowed or public access computer to make an online reservation or purchase while on pilgrimage then they may find that in some cases they are unable to use their credit/debit card.
Other pilgrims bring their phone with them but choose to replace their home SIM card with a Spanish (or other European) SIM card while they are on pilgrimage to provide internet access at cheaper (than roaming) rates. These pilgrims may well encounter problems.
Those pilgrims that choose to bring their home phone and use their normal SIM card will not have these issues but they may well find that this process means that they will incur reasonably expensive roaming charges and they will need to remember to turn on roaming in their phone.
Okay, what can other pilgrims do?
A general description of the process behind the Verified by Visa scheme and some criticism of it can be found at https://en.wikipedia.org/wiki/3-D_Secure
In the most common situation the Verified by Visa scheme monitors usage of your credit card online and triggers a secondary verification process if it thinks that there is unusual usage of your credit card. This can be, for example, using the card in a foreign (to you and your financial institute [FI]) country or an unusually large amount or some other undisclosed activities.
In addition, it appears that some online web sites (e.g. RENF and Roncesvalles) can mandate that the secondary verification process is always used.
The secondary verification process can be conducted in a number of different ways. The way that it is conducted for your credit card is stipulated by the FI that issued your credit card, typically (but not always) your bank.
There are a number of ways that the secondary verification process can be manifested. My only experience of it to-date has been with one of my debit cards from one of my banks and in this case the process happens online, embedded within the buying activity. An inline frame (second screen) opens up within the purchase screen that is from my bank and this screen asks me to supply an answer to a previously logged question. If I answer correctly then the transaction proceeds and I get to buy the good or service that I set out to buy but if I don’t answer correctly then my debit card is declined.
My understanding (incomplete) is that there are at least three other ways that can be used to verify that you are using your credit/debit card (and not some thief) and they are A) asking for a biometric (finger/thumb print or face scan); B) sending you a SMS txt message to the phone number that you have registered with your financial institution; C) usage of a "security token" (a discussion for another time).
Option B, SMS message is the one that could potentially cause pilgrims problems. It was suggested (unverified) on another thread that North American FI's have a tendency to use the SMS message verification process and so this seems particularly applicable to North American pilgrims but also applies to anyone.
Some pilgrims deliberately choose not to bring their phone with them when they are on pilgrimage. This is a perfectly valid choice. However if they subsequently use a borrowed or public access computer to make an online reservation or purchase while on pilgrimage then they may find that in some cases they are unable to use their credit/debit card.
Other pilgrims bring their phone with them but choose to replace their home SIM card with a Spanish (or other European) SIM card while they are on pilgrimage to provide internet access at cheaper (than roaming) rates. These pilgrims may well encounter problems.
Those pilgrims that choose to bring their home phone and use their normal SIM card will not have these issues but they may well find that this process means that they will incur reasonably expensive roaming charges and they will need to remember to turn on roaming in their phone.
Okay, what can other pilgrims do?
- If you own a reasonably modern smart phone that has a dual SIM capability then you can use both your home SIM for SMS verification and a cheap to use Spanish SIM at the same time. I will, if I get time, do another post on dual SIM phones.
- Buy a cheap burner phone when you get to Spain and (ideally) install your home SIM card on this phone and the Spanish SIM card on your smart phone or vici verco (if you prefer). Again enabling both SMS verifications to your usual phone number and your in-Spain activity to go ahead.
- Ask your FI to switch the secondary verification process (for you) to one of the non-SMS options. It is apparent from a quick search that at least some FI's in North America offer this option. This is certainly available outside of North America.
- Log a second phone number belonging to a trusted person inside your home country with your FI and ask that trusted person to vigilantly watch for texts from your FI and to forward them to your Spanish phone number. This option is obviously awkward for most people and is fraught with opportunities for something to go amiss especially as the secondary verification process is time-bound and there are time differences between your home country and Spain. However, it may work for some especially when pre-arranged.
- Leave a cheap phone at home with your home SIM card in it and automatically forward SMS messages to your Spanish number. On the surface this looks like a reasonable choice but there are complications such as keeping your home phone constantly charged (hopefully no one borrows your charger while you are away) and in setting up the forwarding to a Spanish phone number that you won't know until you are in Spain! In my opinion, this option is the worst way to implement option 2.
- Log your Spanish phone number with your FI once you get to Spain so that the verification messages are sent to your Spanish phone number. If you are leaning towards this option then before leaving home check that your FI will be happy to send those verification messages to an out of country number. There has been some suggestion that not all companies will allow this.
- Create a virtual phone number that allows you to access SMS messages using a browser before you leave home and set that up as the phone number to receive the verification messages. In this case, also, check that your FI will allow this and if given a choice, use a “long” 10 digit number for your virtual phone number not a short (code) number.
- Resign yourself to not being able to use your credit/debit card online on the sites that use this service.
- Any other option that any other person can suggest.
A general description of the process behind the Verified by Visa scheme and some criticism of it can be found at https://en.wikipedia.org/wiki/3-D_Secure
Last edited: