3-D Secure provides an additional layer of security for eCommerce transactions prior to authorisation. It enables the exchange of data between the merchant, card issuer and, when necessary, the consumer, to validate that the transaction is being initiated by the rightful owner of the account.
3-D Secure 1.0, developed and owned by Visa, has been in the market for 15 years. 3DS 2.0 is the new generation of the 3DS protocol, developed and owned by EMVCo.
The enhanced 3-D Secure 2.0 provides several improvements over 1.0, including:
Support for transactions across a variety of devices for improved customer experience
10X more data to support enhanced risk-based decision-making for issuers
Less friction for consumers, leading to reduced shopping basket abandonment
Get a one page overview of how 3-D Secure 2.0 works
The proliferation of connected devices has made it easier for consumers to purchase goods and services, but has also introduced new challenges for combatting fraud and providing frictionless checkout experiences.
Global eCommerce spending now surpasses US$3.5 Trillion (€2.9 Trillion).1
1.2 billion card not present purchases are declined globally each year.2
62% of cardholders will abandon a card or move it to back of wallet after a decline.1
1. Ethoca Research, "Solving the CNP False Decline Puzzle," 2016.
2. Ethoca Research, Solving the CNP False Decline Puzzle, 2017, and eMarketer Worldwide Retail and eCommerce Sales Estimates, July 2017
Better authentication benefits everyone
Merchants and Acquirers
Enhanced transaction security
Better customer experience with more completed sales
Better fraud management capabilities
Improved decision-making keeps cards top of wallet
Peace of mind
More successful checkouts
Making the transition to 3-D Secure 2.0
Visa recommends that issuers and merchants support both the 1.0 and 2.0 specifications:
Supporting both versions will ensure that stakeholders can initiate and respond to either authentication message version and maximise authenticated transactions.
To implement 3-D Secure 2.0, merchants' 3-D Secure Server and issuers' Access Control Server software must support the updated 3-D Secure 2.0 specifications.
Merchant 3-D Secure Server providers will manage initiation of authentication requests according to the 3-D Secure version(s) supported by the issuer.
The implementation guide for merchants and acquirers
This guide includes 3-D Secure 2.0 processing flows, how to get started, programme rules, and more.