To help us direct your question to the best team to provide an answer please select which option best describes you.
3D Secure: Minimize fraud and maximize conversion
Reduce fraud and improve the customer experience with 3D Secure
What is 3D Secure?
At its core, 3D Secure is a method to secure online payments and serves as a means to achieve Strong Customer Authentication (SCA). ‘3D’ stands for the 3 domains which participate in the exchange of information to authenticate the cardholder – the Acquirer, the Scheme and the Issuer.
3D Secure can be used by merchants globally, not just in countries regulated under PSD2, to help protect against fraud. As the ecommerce industry expands globally, consumer purchases cross regional borders, making fraudulent transactions more common. 3D Secure is available with all major card networks.
On September 14th 2019, new requirements for authenticating online payments were rolled out in Europe as part of PSD2, or the second Payment Services Directive. As part of this, there is a new set of technical standards required for payment authentication known as Strong Customer Authentication (SCA), designed to help reduce fraud and increase security for end users. To comply with the new standards, EMV® Co devised an updated version of the 3D Secure protocol – 3D Secure 2 (also referred to as EMV® 3D Secure).
The PSD2 mandate is now fully in place across EEA (as of 1st January 2021) and UK (as of 14th March 2022) and is actively being enforced. Merchants would need to be compliant and use 3D Secure 2 or request an exemption in their payment flow, otherwise they risk potential fines.
In North America and other regions, 3D Secure is not mandated or required. However, there are benefits to using 3D Secure as part of the payment cycle. 3D Secure 1 was retired globally on 15th October 2022 with only a small number of countries having an extension to 15th October 2023. Any existing merchant payment integrations using this version need to migrate to using 3D Secure 2.
Should you have any other enquiries, check our FAQs.
3DS 2 FAQ
Strong Customer Authentication (SCA)
In order to accept payments under the new European SCA requirements,
you need to ensure your customer can authenticate for a payment using two of the following:
Something They Know
A password, a PIN code, a security question.
Something They Have
A mobile phone or a hardware token.
Something They Are
A fingerprint or facial recognition.
3DS2 will allow you to process transactions using the above,handle exemptions from
SCA transactions in different business models, and work with more complex payment use cases.
What You Need To Do
Make sure you plan out your approach. If you are new or already using Paysafe, check your regional requirements below to understand how 3D Secure applies to you.
EEA and UK
Any new integrations should support 3D Secure 2 in EEA and UK. If you are currently using 3D Secure 1, now is the time to act, update your integrations as soon as possible to 3D Secure 2 ahead of October 2022.
If you do not currently support 3D Secure in your payment flow this may mean you are in breach of the PSD2 mandate. You must ensure your integration supports 3D Secure by 1st January 2021 for EU or by 14th March 2022 for UK, or your transactions may be declined with a Soft Decline.
Active monitoring and suspension of merchants who are not authenticating their customers or providing the relevant exemptions commenced on December 31st 2020 for EEA regional merchants and 14th March 2022 for UK based merchants.
Soft Declines, are increasing across all markets where payments from EEA and UK customers are not authenticated, with EEA & UK issuers ramping up their stand up processes for Strong Customer Authentication. Starting 1 August 2021, if you receive a Soft Decline, you must resubmit the transaction(s) for authentication using 3D Secure.
If you are in North America or anywhere else globally and you don’t have customers from EEA and UK, you are not required to use 3D Secure. However, if you expect to have customers from EEA and UK, you should consider implementing 3D Secure 2 as the PSD2 regulation still applies to those transactions and you may see increased declines.
If you use 3D Secure 1 as part of your payment flow, we recommend that you upgrade as soon as possible to 3D Secure 2 prior to October 2022, to ensure that your transactions would not be affected by the 3D Secure 1 sunset.
If you need more information or if you have any concerns, please get in touch with your Partner Manager, and read our post on 3DS 2 below.
Plug and Play
Easy set up and connection to a range of tailor made and customisable payment solutions
Dedicated technical and customer support, whenever you need it.
A Single API
One API giving you access everything, from payment acceptance to wallets and APMs.