What is 3D Secure protection and how does it work?


According to Experian Information Solutions, more than 5% of the US population has experienced online identity fraud at least once. Also, the number of fraudulent transactions in the field of e-commerce is constantly growing, increasing by several percent every year. In this regard, companies are forced to take preventive measures to protect their business and customers. If you are looking for options to secure a payment on your e-commerce site, you should look into what 3D Secure is.

3D Secure technology was created by MasterCard and Visa and is also called 3DS. This is a technical standard that makes online transactions using bank cards more secure. In this article, we will explain what 3D Secure is and how it works.

What is 3D Secure?

3D Secure is a technology designed to protect merchants and buyers from credit card fraud by adding an additional secure verification step. Initially, 3D security authentication was used by Visa to improve the security of payments. To date, there are several security protocols for different bank cards, but all of them are based on the 3D Secure platform. In particular, there are such variants of this technology:

  • Visa Secure;
  • MasterCard SecureCode;
  • American Express SafeKey.

All these solutions differ from the original 3D Secure protocol but are based on this technology.

How does it work?

The 3D in the name 3D Secure stands for the three-domain model on which the technology is based. The three domains include:

  • Issuer’s domain (payer’s bank);
  • Acquirer domain (seller’s bank);
  • Interaction domain (infrastructure provided by the card company to provide 3D Secure). For the buyer, the entire purchase process using 3D Secure looks like this:
  • The buyer enters credit or debit card details into the payment form.
  • The system checks the correctness of the entered data and checks if 3D Secure is enabled.
  • The buyer sees a new form in front of them, where they must confirm their identity. This can be done by entering the answer to a secret question or two-factor authentication.
  • The acquiring bank verifies the information received. If there are no errors, it confirms the 3D payment.
  • The buyer is redirected to the transaction confirmation page and sees its status, approved or rejected.

What is the difference between 3D Secure and 3D Secure 2.0?

3D Secure 2.0 (3DS2) is a more modern version of 3D Secure that replaced the previous version of the protocol in 2017. 3DS2 was created primarily for a better experience on mobile devices, resulting in a 66% reduction in cart abandonment. The first version of 3D Secure had a drawback in the form of slow page loading, which forced some users to refuse to purchase. 3DS2 is a popular technology and is, in fact, synonymous with 3D Secure.

3D-Secure benefits

3D Secure has benefits for both buyers and sellers who accept payments from bank cards. The main advantages of this technology are described below.

Transferring liability for chargeback fraud

As a rule, the responsibility for chargebacks falls on the sellers, which is why chargeback fraud is very expensive for them. But when using 3D Secure, the responsibility for such fraudulent schemes lies with the issuing bank.

Fewer card-not-present scams (CNP)

The CNP scam suggests that the fraudster is using the details of a stolen bank card to pay online. In 2020, UK companies alone lost £453m due to such scams. Since 3D Secure requires the input of additional information that only the cardholder can provide (an answer to a security question or a code), such fraudulent transactions can be prevented.

More security for clients

Shoppers are accustomed to the 3D Secure interface and expect to have to go through this process when paying. Therefore, they feel safe when they buy from online stores that use this technology.

3D Secure drawbacks

While 3D Secure has many benefits for businesses and consumers, there are certainly downsides. We list them below.

The payment process is taking longer

Each additional step in the payment repels a certain percentage of customers who do not like to wait. In fact, 91% of 3D Secure confirmations take more than 5 seconds, and the average transaction takes 37 seconds. Also, some clients do not remember the answers to security questions.

False rejections

Sometimes buyers experience false rejections — they initiate a legitimate transaction, but it is rejected due to suspicions of fraudulent activity. This may be due to the issuing bank’s strict policy or the client’s suspicious activity. In 2018, false rejections of transactions exceeded $330 billion in the US, so this is a problem indeed.

Implementing 3D Secure can be expensive

Depending on your payment system, you may face additional costs for implementing 3D Secure. For example, the Visa fee is €0.02 for each 3d credit card verification request. If you receive a lot of payments per day, the total amount of fees can be significant. On the other hand, the introduction of 3DS2 can protect you from fraud and save you from losing much larger amounts.

Are there safer payment methods than online card payment?

Open bank payments are more secure than card payments because they have SCA built in. They are better protected from fraud for this reason.

Also, while 3D Secure requires customers to enter additional information, open banking does not even require entering bank card details. It simply redirects users to their online banking to confirm the purchase. This is one of the fastest, safest, and most convenient payment confirmation methods.

Similar articles