3D Secure: All You Need to Know

According to the E-commerce Attack Rates report by Experian Information Solutions, nearly 6.64 % of the U.S. population became victims of online identity fraud. E-commerce fraud attacks also increased by almost 30% in 2018 compared to previous years.

Thankfully, there are preventive measures that can be taken to protect your e-commerce business and your customers from payment fraud. If you are looking for ways to reduce the risk of unauthorized charges in your online business, keep 3D Secure on your radar.

Created by Visa and MasterCard, 3D Secure also referred to as 3DS is a technical standard that adds a layer of security in online credit and debit card transactions. 

Different card networks developed their own 3D Secure transaction products:

• MasterCard SecureCode

• Verified by Visa

• Discover ProtectBuy

• SafeKey

The term 3DS stands for 3 Domain Server. The technology is named this because every 3D Secure transaction involves three parties:

• The Acquirer Domain

  the merchant's bank accepting card payments.

• The Issuer Domain

  the organization that issued the card being used in the online transaction.

• The Interoperability Domain

  payment systems that act as connectors between an Acquirer Domain and an Issuer Domain.

3D security protocol adds an additional level of payment protection to an online transaction. In order to complete an online purchase, the cardholder is asked to provide proof of identity by entering a unique password, an SMS code or a temporary PIN.

Here are the initial steps involved in the 3D Secure process:

Step 1

Card information collection

The cardholder enters their unique credit/debit card data.

Step 2

3D Secure enrollment confirmation

The system checks whether or not the card is registered for 3D Secure.

Step 3

Redirection to provider's 3D Secure page

If 3D Secure enrollment is confirmed the client is then redirected to a 3D Secure page served by the card provider.

Step 4

Additional security authentication

On the provider's website, the client will be asked to enter their unique password or a one-time authentication code which will be emailed to their confirmed email address or sent to their confirmed phone number.

Step 5

Redirection to merchant's website

If the cardholder authentication went successfully the cardholder is then redirected back to a merchant's website for payment confirmation.

Step 6

Payment Confirmation

Once back on the merchant's site, the customer will receive confirmation of a successful payment.

A major benefit of 3D Secure is that it protects both users and merchants from the threat of payment fraud.

The payment liability shift is another perk of 3D Secure for online merchants. By completing an additional authentication step through 3D Secure, an issuing bank becomes liable for fraudulent chargebacks. Even if the customer claims they have an unauthorized payment from you on their card, most of the time the card provider will be liable for managing the refunds.

Fewer chargebacks also mean more money in your pocket. 3D Secure helps mitigate the resources associated with disputes management, chargeback penalties, and fees.

The liability shift, however, sometimes comes at the cost of conversion rates. 

While 3D Secure protocol is one of the most effective payment fraud prevention methods, it is often associated with higher cart abandonment rates.

As a general rule of thumb, the longer the checkout process is, the more likely the customer is to abandon their carts altogether. Adding yet another authentication step for them to complete often hurts both conversion rates and the overall shopping experience.

Deciding between higher conversions and lower fraud risk is a tough choice to make.

The good news is, with improved 3D Secure 2.0 protocol, the merchants can now both better prevent frauds and deliver enhanced customer experience.

The main purpose of the new 3D Secure 2.0 protocol is to better facilitate information exchange between the three parties of the transaction.

3DS 2.0 simplifies the payment process. Instead of the static password that had to be remembered in version 1.0, the 3DS 2.0  protocol uses a token-based and biometric authentication like face or voice recognition.

Overall, the new 3D Secure 2.0 technology means less checkout hassle for customers: shorter waiting time, fewer passwords to remember, and most importantly, fewer steps when completing the purchase.

Unlike the previous version of 3D Secure, the 2.0 protocol supports non-browser-based payment methods including wearables, in-app purchases, mobile payments, and digital wallets.

3DS 2.0 also promises improved risk assessment. When approving or declining a 3DS 2.0 transaction, over 100 data points are being transferred to issuing banks. That’s almost 10 times more data points than the previous protocol used. The more information the system analyzes when doing authentication, the better the chances of fraud prevention.

As a result of these changes, merchants will see fewer cart abandonment and higher conversion rates. Experts say that by using 3DS 2.0 the checkout time can be reduced by 85%, and cart abandonment rates can be lowered by 70%.

As e-commerce continues to evolve, so does 3D Secure technology.

Recently introduced 3D Secure 2.0 protocol is a huge leap forward in the world of online payments. Not only does the technology offer smoother shopping experiences, but it also takes online payment security to a whole different level.

If you are still on the fence about the protocol, now is a good time to jump on the bandwagon of 3D Secure technology.