Contact us

To help us direct your question to the best team to provide an answer please select which option best describes you.

  • I would like to speak to someone about setting up a new account
    Next
  • I'm an existing customer and need help with my account
    Next
  • I’m looking to integrate payments to my software platform or application
    Next

3D Secure: Minimize fraud and maximize conversion

Reduce fraud and improve the customer experience with 3D Secure

3DS-2 SCA

What is 3D Secure?

At its core, 3D Secure is a method to secure online payments and serves as a means to achieve Strong Customer Authentication (SCA). ‘3D’ stands for the 3 domains which participate in the exchange of information to authenticate the cardholder – the Acquirer, the Scheme and the Issuer.

3D Secure can be used by merchants globally, not just in countries regulated under PSD2, to help protect against fraud.  As the ecommerce industry expands globally, consumer purchases cross regional borders, making fraudulent transactions more common. 3D Secure is available with all major card networks.

On September 14th 2019, new requirements for authenticating online payments were rolled out in Europe as part of PSD2, or the second Payment Services Directive. As part of this, there is a new set of technical standards required for payment authentication known as Strong Customer Authentication (SCA), designed to help reduce fraud and increase security for end users. To comply with the new standards, EMV® Co devised an updated version of the 3D Secure protocol – 3D Secure 2 (also referred to as EMV® 3D Secure).

The PSD2 mandate is now fully in place across EEA (as of 1st January 2021) and UK (as of 14th March 2022) and is actively being enforced. Merchants would need to be compliant and use 3D Secure 2 or request an exemption in their payment flow, otherwise they risk potential fines.

In North America and other regions, 3D Secure is not mandated or required. However, there are benefits to using 3D Secure as part of the payment cycle. 3D Secure 1 was retired globally on 15th October 2022 with only a small number of countries having an extension to 15th October 2023. Any existing merchant payment integrations using this version need to migrate to using 3D Secure 2.

Should you have any other enquiries, check our FAQs.

3DS 2 FAQ

Strong Customer Authentication (SCA)

In order to accept payments under the new European SCA requirements,
you need to ensure your customer can authenticate for a payment using two of the following:

3DS-2 Password & Pin

Something They Know

A password, a PIN code, a security question.

Mobile & Hardware Token

Something They Have

A mobile phone or a hardware token.

Fingerprint & Facial Recognition

Something They Are

A fingerprint or facial recognition.

3DS2 will allow you to process transactions using the above,handle exemptions from
SCA transactions in different business models, and work with more complex payment use cases.

Find Out More

What You Need To Do

Make sure you plan out your approach. If you are new or already using Paysafe, check your regional requirements below to understand how 3D Secure applies to you.

EEA and UK

Any new integrations should support 3D Secure 2 in EEA and UK. If you are currently using 3D Secure 1, now is the time to act, update your integrations as soon as possible to 3D Secure 2 ahead of October 2022.

If you do not currently support 3D Secure in your payment flow this may mean you are in breach of the PSD2 mandate. You must ensure your integration supports 3D Secure by 1st January 2021 for EU or by 14th March 2022 for UK, or your transactions may be declined with a Soft Decline.

Active monitoring and suspension of merchants who are not authenticating their customers or providing the relevant exemptions commenced on December 31st 2020 for EEA regional merchants and 14th March 2022 for UK based merchants.

3DS-2 Deadline

All Markets

Soft Declines, are increasing across all markets where payments from EEA and UK customers are not authenticated, with EEA & UK issuers ramping up their stand up processes for Strong Customer Authentication. Starting 1 August 2021, if you receive a Soft Decline, you must resubmit the transaction(s) for authentication using 3D Secure.

If you are in North America or anywhere else globally and you don’t have customers from EEA and UK, you are not required to use 3D Secure. However, if you expect to have customers from EEA and UK, you should consider implementing 3D Secure 2 as the PSD2 regulation still applies to those transactions and you may see increased declines.

If you use 3D Secure 1 as part of your payment flow, we recommend that you upgrade as soon as possible to 3D Secure 2 prior to October 2022, to ensure that your transactions would not be affected by the 3D Secure 1 sunset.


If you need more information or if you have any concerns, please get in touch with your Partner Manager, and read our post on 3DS 2 below.

Do merchants have anything to fear from 3DS 2.0?

Integration

Plug and Play
Easy set up and connection to a range of tailor made and customisable payment solutions

24 hours support

24hr Support
Dedicated technical and customer support, whenever you need it.

A Single API
One API giving you access everything, from payment acceptance to wallets and APMs.

Get in touch

EEA & UK

UK: 0800 294 1404
INT: +44 (0) 118 928 5075

e: uk.customerservice@paysafe.com

North America

US & Canada (EN): technicalsupport@paysafe.com

Canada (FR): soutientechnique@paysafe.com