Improve the experience, increase security, and reduce fraud with 3D Secure.🛡️🚀
Payment authentication is often associated with a bad experience, consisting of multiple redirects and low authorization rates. 3D Secure 2 solves this problem by taking authentication to the next level and creating a safe and seamless payment experience for your customers.
3D Secure isn’t just a requirement for countries mandated under PSD2, but is a way for all businesses, everywhere in the world, to protect themselves against fraud. 3D Secure improves the payment experience for your customers, while saving you the costs of fraudulent chargebacks.
In this article, we'll dive into the other benefits of 3D Secure and how the payment and authentication flows work.
Quick recap: What is 3D Secure?
3 Domain Secure (3DS) is a security measure for online payments. The 3 domains (acquirer, scheme, and issuer) interact with each other using a 3DS protocol where they exchange information and authenticate the transaction.
3D Secure helps prevent fraud and is available forCard Not Present(CNP) transactions with all major card networks, and is mandatory in the EU, following theRevised Payment Services Directive (PSD2).
Benefits of 3D Secure 2
3D Secure 2 (3DS2) is the updated version of 3D Secure 1 (3DS1), which is currently being deprecated globally. 3DS1 is no longer supported by major card brands, with the exemption of India, Bangladesh, Bhutan, Maldives, Nepal, and Sri-Lanka, which are allowed to use it until October 2023.
3DS2 comes with a lot of benefits, including:
With 3DS2, native authentication happens without redirects and can also work on non-browser-based payment methods, improving the payment experience and increasing conversion rates.
The combination of certified SDKs and iframes in the checkout flow, paired with data-sharing APIs, makes 3DS2 the data conduit between businesses and banks. Over 150 potential data points are shared, which means that better risk decisions are drawn from the information you and card issuers know about your mutual customers. The more information you have to support authentication cases, the higher the chances of successful transactions.
3DS2 also has multiple options for customers to verify themselves, including biometric identifiers. More authentication flows and choices means increased security and lower drop-off rates in comparison to older solutions based on static passwords.
How does 3D Secure work?
There are two different ways customers can verify themselves using 3D Secure: frictionless and challenge. The frictionless flow is based on background information that doesn't require the customer to actively verify themselves. The challenge flow means the issuer has determined the transaction needs additional verification from the customer.
The SDK and servers exchange all necessary information without involving the user.
The user receives a request to provide two-factor authentication. Typically through an SMS code or with a personal password. The user can also use their face or fingerprint to provide biometric authentication.
The payment is only confirmed after the customer verifies themself.The transaction doesn’t only rely on card details for verification. This means committing fraud is much more difficult if card details are stolen or there is a data breach on the merchant’s site.
3D Secure and chargeback liability shift
Another benefit with 3D Secure is that it allows businesses to protect themselves from fraudulent chargebacks through a ‘’liability shift’’.
Liability refers to the party responsible for financially compensating cardholders for fraudulent purchases. A liability shift happens when a payment goes through the 3D Secure 2 challenge authentication flow and the liability for fraud and chargebacks shifts from the business to the card issuer. In some regions, card schemes may grant a liability shift after a successful frictionless flow too.
