Contact us

BOOK A PRESENTATION

3D Secure Authentication: 3DS2 Solution Overview

The new generation of online payment security and eCommerce authentication

What is 3D Secure Authentication?

3D Secure Authentication is an online payments security protocol aiming to reduce fraud without interrupting the user experience. The 3D in 3D Secure Authentication stands for three domain model, including the Issuer (customer's bank), Acquirer (merchant's bank), and Interoperability domain within the online payments ecosystem. What 3D Secure Authentication offers is an elevated approach to securing online payments by implementing Strong Customer Authentication empowered by sophisticated authentication methods, including biometrics and push notifications.

A brief history of 3D Secure Authentication

The issue of fraudulent online payments was first addressed by Visa in 2001 when 3D Secure 1 was introduced. However, despite being a breakthrough piece of technology, the consumers were not satisfied with the user experience 3D Secure 1 offered. The authentication process usually consisted of numerous browser redirects and pop-ups, making the process look more like a fraud rather than a legitimate transaction. Also, in 2001 mobile payments were not a part of the online payments security scope. These, among other reasons, resulted in 3D Secure 2 – a more sophisticated approach to 3D Secure Authentication.

How does 3D Secure 2 Authentication work?

3D Secure payments carry a significant level of protection by demanding an additional authentication step. With the added authentication step, you're making sure that the user is the rightful owner of the credit card used to make the online purchase/transaction.

Common 3D Secure Authentication methods include push notifications, face recognition, fingerprint, and dynamically generated OTPs.

3D Secure Authentication participants

Cardholders:
Increased confidence in online payments security when making online and in-app purchases
User friendly checkout experience enabled by Risk-Based Authentication and frictionless payments
Tailored approach to authentication through a variety of offered authentication methods selected by the user
Merchants and acquirers:
Increased sales and revenue due to lower cart abandonment
Liability shifts to issuer for fraud and disputed transactions
Fast and easy integration
Enhanced mobile user experience
Higher conversion rate
Sophisticated authentication methods
Customer satisfaction
Card Issuers:
More value to the existing product offering
Decreased online card fraud and disputed transactions
Enhanced risk analysis enabled by richer data collection
Progressive approach to online payments security
Sophisticated authentication methods
Higher customer satisfaction

The 3D Secure 2 Authentication flow overview

Benefits of implementing 3D Secure 2

Transaction time drops by 85%

Customers are experiencing a much smoother checkout experience which significantly reduces transaction time. (Visa)

Up to 70% lower cart abandonment rates

Customers are no longer experiencing checkout issues and consequently leading to more finalized purchases.

PSD2 and SCA compliant

The new version of the 3D Secure Authentication protocol is in line with both PSD2 and SCA regulations.

Sophisticated authentication methods

3D Secure 2 offers a variety of authentication methods, including biometrics, push notifications, and dynamically generated OTPs.

Liability shift

In case of proven online payments fraud, merchants who are a part of the 3D Secure Authentication program can cift the liablity to the issuing institution.

3D Secure 2 features

1.

Frictionless transactions

Thanks to richer data collection enabled by the new version of 3D Secure authentication, 3DS2 enables frictionless transactions. This means that transactions that are assessed as low-risk do not require additional authentication from the customer – powered by Risk-Based Authentication.
2.

Non-payment authentication

3D Secure 2 is not exclusively limited to payments. The 3D Secure Authentication model is also used for scenarios such as verifying credit cards when added to various e-wallets.
3.

In-app purchasing

With the proliferation of mobile payments came the need to apply the 3D Secure Authentication model to mobile applications offering in-app purchasing. The 3DS SDK enables merchants to integrate 3D Secure Authentication into their mobile app, enabling a seamless checkout experience.

3D Secure 2 and Strong Customer Authentication (SCA)

The Strong Customer Authentication requirement makes 3D Secure 2 that much more important in case you're doing business in Europe. Since the SCA regulation demands additional authentication to be applied on European payments, 3D Secure 2 can prove to be the right solution to overcome the conversion issues while improving the user experience.
What makes 3D Secure 2 great is the ability to bypass SCA in certain scenarios – the SCA exemptions.

Low-risk transactions

Low-value payments;

Merchant whitelisting

Corporate payments

Recurring payments

3D Secure Authentication FAQ

1. How do I get 3D Secure authentication?
Your issuing bank automatically activates 3D Secure Authentication for issued cards. This makes you and all participating online merchants a part of the 3D Secure ecosystem. When shopping online at a merchant who is also a participant of 3D Secure, your card will be recognized, and your purchase will be protected by the 3D Secure protocol.
2. What's 3D Secure authentication?
3D Secure Authentication is an online payment security protocol aiming to reduce fraud without interrupting the user experience. The 3D in 3D Secure Authentication stands for three domain model, including the Issuer (customer's bank), Acquirer (merchant's bank), and Interoperability domain within the online payments ecosystem.
3. How do I know if my card is 3D Secure?
If you live in Europe, your card is automatically enrolled in the 3D Secure program. However, if you've yet to make an online purchase with your new card and would like to make sure that it is protected by 3D Secure, it is best to contact your issuing bank and check directly with them.
4. Which card issuers support 3D Secure?
3D Secure 2.0 is an online payment security protocol supported by Visa, Mastercard, Discover, American Express, and JCB International.
5. Is 3D Secure for online purchases only?
3D Secure authentication applies to online purchases only. The goal of the program is to verify the cardholder's identity, just as you would do with a PIN on an ATM or EFTPOS device, only remotely.
6. Is 3D Secure mandatory in Europe?
Although 3D Secure is not mandatory globally, all 44 countries in Europe are required to implement 3D Secure Authentication as an additional layer of protection for online payments under the PSD2 regulation.

Trides2: One stop shop for 3D Secure Authentication by ASEE

CyberSecurityhub

linkchevron-down linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram