Have you recently received an email from us with the subject line "Confirm payment for your subscription"? Let's help you understand what this means and what steps you need to take:
Why Did I Receive This Email?
This email is sent when we try to charge your card for a recurring order from AATU, but your bank has declined the automatic charge.
Your bank requires you to complete additional authentication to confirm the charge as an extra security measure, and unfortunately, we are prevented from processing your order until this step has been completed.
What Should I Do?
Within the email, you'll find a button labelled "Confirm payment information." Clicking this leads you to a page where you'll need to enter additional information to authorise the charge. This might include a code sent to you via text message or answering security questions.
Once you complete this step, your card will be charged, and your order will be processed swiftly.
What If I Encounter an Error?
If you click the button and receive an error stating, "Your payment information couldn't be confirmed," it's likely that the link in the email has expired.
Check your email, including your 'junk' or 'spam' folders, for a more recent email from us with a new link. If you can't find one, please contact us for assistance.
An example of this error can be seen below:
How Can I Avoid This Issue in the Future?
This process is triggered by your bank, not us, so we have limited control over it.
If this happens often, you might want to discuss with your bank how to facilitate automatic charges for future orders.
Why Don't I Experience This With Other Subscriptions?
You might wonder why you're encountering this authentication step with AATU, but not with other subscriptions. Here's what makes this situation unique:
Exemptions Vary: While all payments are subject to Strong Customer Authentication (SCA) requirements, there are exemptions. However, these exemptions depend on various factors, including the level of risk associated with the transaction.
Bank's Discretion: Your bank evaluates each transaction based on its risk factors. For some recurring payments, your bank might not see the need for additional authentication due to lower perceived risk or a history of regular, problem-free transactions.
Increasing Security Measures: Banks share some responsibility for fraudulent transactions. As a result, they are becoming more vigilant and often opt for added security checks, even if it means a slight inconvenience for customers. This is part of their effort to protect both you and themselves from potential fraud.
Therefore, while it might seem like an extra step compared to other subscriptions, this process is in place to enhance the security of your transactions. Each provider and bank may handle these scenarios differently, which is why you might not experience this with other services.
More About the Authentication Process
This inconvenience is part of a security measure known as "3D Secure," a requirement under the European Strong Customer Authentication (SCA) regulations within the Payment Services Directive (PSD2). Its aim is to reduce fraud and secure online and contactless offline payments.
How Do I Know If the Email I Received Is Genuine?
With the increase in online fraud, it's crucial to verify the authenticity of emails asking for payment information. Here are some steps you can take to ensure the email you received is genuinely from us:
Keep Your Browser and Device Updated: Modern browsers are equipped with features to detect and block fraudulent web pages. Keeping your browser and device updated minimises vulnerabilities that fraudsters exploit.
Check the Website URL: After clicking the green button in our email, verify that the URL in your browser matches our official domain, which is
Be cautious of URLs with subtle differences, such as:
- "aatus.co.uk" – an extra 's'
- "aatu.co" – a different domain ending (.co instead of .co.uk)
- "aatu.secure-transactions.net" – a different domain altogether (secure-transactions.net instead of aatu.co.uk)
These are examples of potentially fraudulent domains.
Contact Our Team for Verification: If you're still unsure about the email's legitimacy, don't hesitate to reach out to our team for confirmation.
By following these steps, you can protect yourself from potential scams and ensure that your subscription and payment information remain secure.