To help us direct your question to the best team to provide an answer please select which option best describes you.
3D Secure: Minimize fraud and maximize conversion
Reduce fraud and improve the customer experience with 3D Secure
What is 3D Secure?
At its core, 3D Secure is a method to secure online payments and serves as a means to achieve Strong Customer Authentication (SCA). ‘3D’ stands for the 3 domains which participate in the exchange of information to authenticate the cardholder – the Acquirer, the Scheme and the Issuer.
3D Secure can be used by merchants globally, not just in countries regulated under PSD2, to help protect against fraud. As the ecommerce industry expands globally, consumer purchases cross regional borders, making fraudulent transactions more common. 3D Secure is available with all major card networks.
On September 14th 2019, new requirements for authenticating online payments were rolled out in Europe as part of PSD2, or the second Payment Services Directive. As part of this, there is a new set of technical standards required for payment authentication known as Strong Customer Authentication (SCA), designed to help reduce fraud and increase security for end users. To comply with the new standards, EMV® Co devised an updated version of the 3D Secure protocol – 3D Secure 2 (also referred to as EMV® 3D Secure).
The PSD2 mandate is now fully in place across EEA (as of 1st January 2021) and UK (as of 14th March 2022) and is actively being enforced. Merchants would need to be compliant and use 3D Secure 2 or request an exemption in their payment flow, otherwise they risk potential fines.
In North America and other regions, 3D Secure is not mandated or required. However, there are benefits to using 3D Secure as part of the payment cycle. 3D Secure 1 was retired globally on 15th October 2022 with only a small number of countries having an extension to 15th October 2023. Any existing merchant payment integrations using this version need to migrate to using 3D Secure 2.
Should you have any other enquiries, check our FAQs.
Benefits of 3D Secure 2
The new version of 3D Secure offers a lot of benefits:
Frictionless Authentication
Due to the over 10x more data exchanged compared to 3D Secure 1, 3D Secure 2 allows issuing banks to perform Risk-based Authentication (RBA) on transactions. This enables the issuing bank to make a real-time assessment of the payment without needing to ask the customer for any additional authentication (2FA) or information. What this means is the customer will not be redirected to their bank for authentication and the transaction will still include the all-important liability shift. The more data sent during authentication, the higher the chances of approved transactions.
Chargeback Liability Protection
A key benefit of using 3D Secure 2 as part of the checkout flow is the liability shift in the case of fraud-related chargebacks. It shifts liability from the merchant to the cardholder’s issuing bank. This is especially important for high-risk verticals and high-value transactions.
Improved Authentication Experience
3D Secure 2 allows cardholders to prove to their bank it’s them making the payment using biometrics, such as a fingerprint or facial recognition.
3D Secure 2 brings support for exemptions from SCA transactions in different business models and enables working with more complex payment use cases.
What You Need To Do
As the world of finance has developed, and the need for more robust security measures has increased, static password systems have become insecure and outdated.
To help you with the process of implementing 3D Secure in your checkout flow we’ve updated our Development Centre with an Introduction to 3D Secure 2.
Make sure you plan out your approach. If you are new or already using Paysafe, check your regional requirements below to understand how 3D Secure applies to you and how to extract the most out of its benefits.
EEA & UK
If you do not currently support 3D Secure or are not providing the relevant exemptions in your payment flow this may mean you are in breach of the PSD2 mandate and are likely receiving declines. Do not hesitate to get in touch to understand how you can become complaint.
Any new integrations should support 3D Secure 2 in EEA and UK as 3D Secure 1 has been deprecated.
Gaming and Gambling merchants are required to provide either the CVV (3-4 digits on the back of the card) or authenticate their customers’ transactions with 3D Secure 2.
To get the most out of your Payment Acceptance, it is important you understand where your customers are based. If you are an EEA/UK merchant and your customers are outside of the region, your transactions may be considered as One-Leg-Out in which case 3D Secure 2 is recommended but not required (out of PSD2 scope). Refer to the FAQ page to find out more or get in touch with your Partner Manager.
All Markets
If you are a merchant based in North America or anywhere else globally you are not required to use 3D Secure. There are a number of benefits with 3D Secure 2 which could lead to improved Payment Acceptance.
If you are a gaming or gambling merchant you are required to provide either the CVV (3-4 digits on the back of the card) or authenticate your customers’ transactions with 3D Secure 2.
If you expect to have customers from EEA and UK, you should consider implementing 3D Secure 2 as the PSD2 regulation still applies to those transactions and you may see increased declines. Having seen the benefits of 3D Secure, global adoption is continuously increasing with issuing banks and 3D Secure is expected to become the norm.
If you need more information or if you have any concerns, please get in touch with your Partner Manager, and refer to the FAQ page below.
Integration
Plug and Play
Easy set up and connection to a range of tailor made and customisable payment solutions
24hr Support
Dedicated technical and customer support, whenever you need it.
A Single API
One API giving you access everything, from payment acceptance to wallets and APMs.
Get in touch
North America
US & Canada (EN): technicalsupport@paysafe.com
Canada (FR): soutientechnique@paysafe.com