Payment authentication is often associated with a bad experience, consisting of multiple redirects and low authorization rates. 3D Secure 2 solves this problem by taking authentication to the next level and creating a safe and seamless payment experience for your customers.

3D Secure isn’t just a requirement for countries mandated under PSD2, but is a way for all businesses, everywhere in the world, to protect themselves against fraud. 3D Secure improves the payment experience for your customers, while saving you the costs of fraudulent chargebacks.

In this article, we'll dive into the other benefits of 3D Secure and how the payment and authentication flows work.

Quick recap: What is 3D Secure?

3 Domain Secure (3DS) is a security measure for online payments. The 3 domains (acquirer, scheme, and issuer) interact with each other using a 3DS protocol where they exchange information and authenticate the transaction.

3D Secure helps prevent fraud and is available forCard Not Present(CNP) transactions with all major card networks, and is mandatory in the EU, following theRevised Payment Services Directive(PSD2).

Illustration of how cardholders can be authenticated with 3D Secure

Benefits of 3D Secure 2

3D Secure 2 (3DS2) is the updated version of 3D Secure 1 (3DS1), which is currently beingdeprecated globally. 3DS1 is no longer supported by major card brands, with the exemption of India, Bangladesh, Bhutan, Maldives, Nepal, and Sri-Lanka, which are allowed to use it until October 2023.

3DS2 comes with a lot of benefits, including:

No redirects

With 3DS2, native authentication happens without redirects and can also work on non-browser-based payment methods, improving the payment experience and increasing conversion rates.

Risk analysis

The combination of certified SDKs and iframes in the checkout flow, paired with data-sharing APIs, makes 3DS2 the data conduit between businesses and banks. Over 150 potential data points are shared, which means that better risk decisions are drawn from the information you and card issuers know about your mutual customers. The more information you have to support authentication cases, the higher the chances of successful transactions.

Verification options

3DS2 also has multiple options for customers to verify themselves, including biometric identifiers. More authentication flows and choices means increased security and lower drop-off rates in comparison to older solutions based on static passwords.

How does 3D Secure work?

There are two different ways customers can verify themselves using 3D Secure: frictionless and challenge. The frictionless flow is based on background information that doesn't require the customer to actively verify themselves. The challenge flow means the issuer has determined the transaction needs additional verification from the customer.

Frictionless

The SDK and servers exchange all necessary information without involving the user.

Example of a frictionless flow

Challenge

The user receives a request to provide two-factor authentication. Typically through an SMS code or with a personal password. The user can also use their face or fingerprint to provide biometric authentication.

3D Secure challenge flow with password authentication

Example of password authentication

3D Secure challenge flow with biometric authentication

Example of biometric authentication

The payment is only confirmed after the customer verifies themself.

The transaction doesn’t only rely on card details for verification. This means committing fraud is much more difficult if card details are stolen or there is a data breach on the merchant’s site.

3D Secure and chargeback liability shift

Another benefit with 3D Secure is that it allows businesses to protect themselves from fraudulent chargebacks through a ‘’liability shift’’. Liability refers to the party responsible for financially compensating cardholders for fraudulent purchases.

A liability shift happens when a payment goes through the 3D Secure 2 challenge authentication flow and the liability for fraudulentchargebacksshifts from the business to the card issuer.

In some regions, card schemes may grant a liability shift after a successful frictionless flow too.

Adyen Authentication: The right balance between security and convenience

At Adyen, we use 3D Secure to take frictionless payments to the next level. We know that every business is unique, with different risk appetites and regions. Every market has its own unique regulations and behaviors. Adyen adapts to your local needs so that you can offer frictionless authentication and increase security everywhere.

Ourauthentication enginecreates the right balance between convenience and security by using machine learning to make smart authentication decisions and assess whether a transaction should be authenticated through a frictionless flow or not. This results boosts conversion and creates a better customer experience.

We support multiple integrations for both browser and mobile flows via our Checkout solution. If you’re interested in learning more about 3D Secure? Check out ourauthentication page.

We’re always here to help, so if you have any questions regarding regulations or our products,get in touch.

3D Secure: How to minimise fraud while maximising conversion

Fresh insights, straight to your inbox

Subscribe to email alerts