Please note that this is a very old post and probably contains out-of-date information.
I have a fork of the ActiveMerchant gem that includes tekin's 3D Secure code plus methods to perform authenticate/authorise transactions (which seem to be required for recurrent payments for a continuous authority merchant account). Could be of use to someone.
Oh, I also fixed some bugs to do with how ActiveMerchant was adding start dates and issue numbers to the requests. I can't remember exactly what changed - have a look at my commits. I still need to report it as a bug but seeing as Shopify aren't support 3D Secure I guess they aren't dealing with the weird complexities of Maestro/Switch card details.
Oh yeah, that reminds me of another problem I had - ActiveMerchant distinguishes between Switch (UK Maestro) card numbers and real (European) Maestro numbers, expecting you to set the card type to 'switch' or 'maestro' accordingly. Obviously customer's don't distinguish so you can't rely on them choosing between Switch and Maestro when they submit your credit card form so... I had to do something like this:
...in my controller to correct the card type on submission. This sucks! But it works so I'm reasonably happy. What makes me mad though is that after spending a day and half implementing 3D Secure so we could finally take Maestro (after Google Checkout accepting it) is that SagePay have sent not one customer through 3D Secure!