Payment authentication is often associated with a bad experience, consisting of multiple redirects and low authorization rates. 3D Secure 2 solves this problem by taking authentication to the next level and creating a safe and seamless payment experience for your customers.
3D Secure authentication isn’t just a requirement for countries mandated under PSD2, but is a way for all businesses, everywhere in the world, to protect themselves against fraud. This technology improves the payment experience for your customers, while saving you the costs of fraudulent chargebacks.
In this article, we'll dive into the other benefits of payment authentication and how its flow works.
Quick recap: What is 3D Secure?
3 Domain Secure (3DS) is a security measure for online payments. The 3 domains (acquirer, scheme, and issuer) interact with each other using a 3DS protocol where they exchange information and authenticate the transaction.
3D Secure helps prevent fraud and is available for Card Not Present (CNP) transactions with all major card networks, and is mandatory in the EU, following the Revised Payment Services Directive (PSD2).
Benefits of 3D Secure 2
3D Secure 2 (3DS2) is the updated version of 3D Secure 1 (3DS1), which is currently being deprecated globally. 3DS1 is no longer supported by major card brands, with the exemption of India, Bangladesh, Bhutan, Maldives, Nepal, and Sri-Lanka, which are allowed to use it until October 2023.
3DS2 comes with a lot of benefits, including:
No redirects
With 3DS2, native authentication happens without redirects and can also work on non-browser-based payment methods, improving the payment experience and increasing conversion rates.
Risk analysis
The combination of certified SDKs and iframes in the checkout flow, paired with data-sharing APIs, makes 3DS2 the data conduit between businesses and banks. Over 150 potential data points are shared, which means that better risk decisions are drawn from the information you and card issuers know about your mutual customers. The more information you have to support authentication cases, the higher the chances of successful transactions.
Verification options
3DS2 also has multiple options for customers to verify themselves, including biometric identifiers. More authentication flows and choices means increased security and lower drop-off rates in comparison to older solutions based on static passwords.
How does 3D Secure work?
There are two different ways customers can verify themselves: frictionless and challenge. The frictionless flow is based on background information that doesn't require the customer to actively verify themselves. The challenge flow means the issuer has determined the transaction needs additional verification from the customer.
Frictionless
The SDK and servers exchange all necessary information without involving the user.
Challenge
The user receives a request to provide two-factor authentication. Typically through an SMS code or with a personal password. The user can also use their face or fingerprint to provide biometric authentication.
The payment is only confirmed after the customer verifies themself.
The transaction doesn’t only rely on card details for verification. This means committing fraud is much more difficult if card details are stolen or there is a data breach on the merchant’s site.
3D Secure and chargeback liability shift
Another benefit of this protocol is that it allows businesses to protect themselves from fraudulent chargebacks through a ‘’liability shift’’. Liability refers to the party responsible for financially compensating cardholders for fraudulent purchases.
A liability shift happens when a payment goes through the 3DS2 challenge authentication flow and the liability for fraudulent chargebacks shifts from the business to the card issuer.
In some regions, card schemes may grant a liability shift after a successful frictionless flow too.
Adyen Authentication: The right balance between security and convenience
At Adyen, we use the 3D Secure system to take frictionless payments to the next level. We know that every business is unique, with different risk appetites and regions. Every market has its own unique regulations and behaviors. Adyen adapts to your local needs so that you can offer frictionless authentication and increase security everywhere.
Our authentication engine creates the right balance between convenience and security by using machine learning to make smart authentication decisions and assess whether a transaction should be authenticated through a frictionless flow or not. This results boosts conversion and creates a better customer experience.
We support multiple integrations for both browser and mobile flows via our Checkout solution. Interested to learn more? Check out our authentication page.
We’re always here to help, so if you have any questions regarding regulations or our products, get in touch.
Fresh insights, straight to your inbox
By submitting your information you confirm that you have read Adyen's Privacy Policy and agree to the use of your data in all Adyen communications.