3D Secure
  • 11 Oct 2024
  • 3 Minutes to read
  • Dark
    Light

3D Secure

  • Dark
    Light

Article summary

Enhance the security of your customers' payments by implementing 3D Secure authentication. This measure not only reduces the risk of fraud but also ensures compliance with regulatory requirements and meets standards set by card issuers.

3DS version

We currently support version up to 2.2.0 of the 3D Secure protocol.

What is 3D Secure?

It is a security protocol designed to add an extra layer of authentication for online card transactions. This protocol is often used to reduce the risk of fraudulent transactions and provide more security to both cardholders and merchants during online purchases.

The most widely known implementations of 3D Secure are Verified by Visa for Visa cards and Mastercard SecureCode for Mastercard cards. These systems often prompt the cardholder to enter a one-time password or other authentication method during the online checkout process, verifying their identity before the payment is completed.

How 3D Secure works

Frictionless flow
When the provided data meets the bank's criteria, establishing trust in the cardholder's identity, the payment request could qualify for frictionless authentication, ensure a smooth and uninterrupted customer experience.

Challenge flow
Should the bank determine the need for additional verification, the authentication process will transition to the challenge flow, requiring your customer to provide supplementary information to authenticate their payments.

What is Liability Shift?

Successful 3DS-authenticated card payments come with a liability shift. In case of fraud, the issuing bank bears the liability, not the merchant.

In the event of a chargeback for a 3DS-secured payment, the issuing bank is automatically responsible for refunding the amount to the cardholder.

Information

Implementing 3DS for authentication does not grant immunity to disputed payments for merchants. While it enhances security, disputes may still arise and need to be addressed.

Implementing 3D Secure in Payment Flows

Using our Hosted Payment Page

Our hosted payment page provides the simplest path to implement 3D Secure. With this option, we manage the entire end-to-end process of 3D Secure, easing the implementation burden for both client-side and server-side. Utilizing our hosted payment page allows for the integration of 3D Secure into your payment flow, eliminating any unnecessary complications.

Visit our hosted payment page section for more details or our guide of 3D Secure using the hosted payment page.

Using our Card Payment API

if you opt for this server-to-server solution, you gain greater control over the 3D Secure flow, enabling a more customized implementation tailored to your specific needs. However, it's essential to be aware that this approach may require more effort and development resources on your part compared to using our hosted payment page.

Visit our card payments API section for more details. Follow our guide to using 3DS via the card payments API.

PCI Compliance

Using our Card Payments API to transact with full PAN card details may require a completed Self-Assessment Questionnaire (SAQ-D) form. In some cases, a full Payment Card Industry Data Security Standard (PCI DSS) certification will be required.

To aid you in making an informed choice between these integration options, this page is designed to provide the guidance you need.


Was this article helpful?