What is 3D Secure v2?


Did you know?

3D secure v2 is the latest iteration of the 3D secure protocol. It is a part of the finance industry’s drive to improve payment security, improve customer experience, as well as reduce fraud.

In the European Union, this drive has been largely prompted by extensive financial regulation, known as the Payment Services Directive (PSD2). This regulation requires merchants to apply SCA (Strong Customer Authentication) on transactions. This version of 3D Secure addresses the deficiencies of the previous version.

Improvements include:

  • Better experience for users across multiple devices
  • Offers improved security with emphasis on SCA with Two Factor Authentication (2FA) and biometric authentication
  • Frictionless support where there is a low risk
  • Better risk analysis, meaning that security is vastly improved
  • Non-Payment Authentication

Risk-Based Authentication (RBA)

Risk-Based Authentication (RBA) is applied by the card issuer to determine whether a transaction is associated with a certain level of risk. Risk levels are based on a set of criteria that include, but are not limited to:

  • The transaction value
  • User/Card behavioural history
  • Transaction history
  • New or existing user

Frictionless Payments

RBA permits the use of frictionless payments in some situations. What does frictionless exactly mean? For example, a customer makes low-value transactions often, in the country where their card is issued, and on a device that is routinely authorized. The card issuer might determine these transactions as low-risk, therefore the card owner would not be subject to authentication.

What are the benefits of Frictionless Payments?

  • Payment can be made quickly without customer verification, based on their risk assessment
  • Greater user experience which leads to less abandonment during the payment process. A user is more likely to abandon a payment process the harder it is made for them to finalize a transaction.

Non-Payment Authentication

Non-Payment Authentication using 3D Secure v2 protocol does more to prevent online fraud. Fraudsters continue to try to find ways to get access to credit and debit card data and hence there is still a significant online population that does not feel comfortable making online payments. What commonly occurs is known as customer checkout drop-off or transaction abandonment.

Essentially a customer who is about to purchase an item is confronted with a payment pop-up screen that requires them to enter personal card information.

Non-Payment Authentication reduces drop off, takes away the consumer stress and hesitation from the checkout stage of a purchase. This is done by shifting the 3D Secure verification away from the final payment stage to a different environment.