3-D Secure 1 approaches its sunset in October 2022

Is your business at risk?

We must act fast to protect our customers

What is 3-D Secure?

3DS is a technical standard that adds a layer of security in online credit and debit card transactions. For a while, there was no consistent regulation for 3-D Secure until the issue was brought under EMVCo. This ensured a uniform approach by all major card organizations. In 2016, EMVCo published the EMV® 3DS protocol to consider the increasing use of mobile devices for online purchases. 

The key benefit of 3DS is that it protects both users and merchants from payment fraud. In addition, it shifts the payment liability to the issuing bank, another benefit for online merchants. Despite the obvious advantages, 3DS is also associated with increasing cart abandonment rates. Since it adds an additional authentication step for customers, 3DS can hurt both conversion rates and the shopping experience. The 3DS versions 2.1 and 2.2 brought a continuous improvement of user experience.

3-D Secure 2 for a seamless check-out

"With 2.x, the user experience is incomparably better than 1.0," Kiril Milev, regional director for the Middle East and APAC at Netcetera, says. "1.0 was designed with a lot of specific channels in mind. 2.0 is designed for the future, so for wearable devices, and whatever comes in the future."

"With 2.x, you allow your customers to use the features they regularly use with their devices," including biometrics via out-of-band authentication flows and FIDO-based consumer authentication. "It's secure by design, as well … The security is built in the user experience."

3DS 2.x allows more contextual data to be sent to the customer's bank to verify and assess the risk of the transaction. With the new protocol, online shoppers are only required to pass an authentication challenge if their transaction is high risk.

3-D Secure 2 in a nutshell

Reduce overall online fraud by confirming the identity of cardholders outside the transaction flow, leading to increased transaction approval rates and better consumer confidence.

Fewer false declines – more legitimate transactions are permitted, rather than automatically challenged – leading to higher turnover and revenue.

Shift liability away from merchants, encouraging merchant use of cards as a preferred method of payment.

Quicker, easier authentication for consumers, leading to fewer challenges and increased usage by creating a frictionless flow at the point of transaction.

Native Mobile Integration – 3DS2 can be tailored for use on mobile devices, making it the ideal authentication technology for the burgeoning mobile commerce market.

3-D Secure 2.3 – further improving user experience?

The new 3DS 2.3 standards that EMVCo published in Autumn 2021, offer several additional capabilities to further advance both security and convenience for cardholders. EMVCo is the payment industry’s technical body facilitating worldwide interoperability and acceptance of secure payment transactions and approving products that comply with those standards.

Since smartphones or tablets are now used for online shopping in most cases, EMVCo attaches great importance to continuously making the authentication via app channel more user-friendly. For example, the switch between the merchant app and the bank's authentication app should be automatic and as smooth as possible. 3DS 2.3 also offers further advancements in this area.

Overall, the new version EMV 3DS 2.3 will lead to a significant improvement in the user experience. Cardholders, issuers, and online merchants will all benefit from this. Netcetera wants to enter into a dialogue with its customers at an early stage to be able to support them in the best possible way during the introduction of EMV 3DS 2.3.

Why Netcetera

Netcetera boasts a 25-year track record for Swiss quality software in the fintech industry and is a market leader for secure digital payment solutions in Europe. Its 3DS products, like 3DS Server or ACS, create a balance between security and convenience to optimize conversion rates and advance the business of the entire payment ecosystem - from banks, issuers, PSPs to merchants. Always among the first to be certified according to the latest 3DS protocols, Netcetera’s independent products comply with all major card networks, like Mastercard, Visa, American Express, Union Pay & JCB. As an EMVCo associate, Netcetera helps shape new standards, addresses new trends in payment early on, and keeps its services and products up to date.

EMV ® is a registered trademark in the U.S. and other countries and an unregistered trademark elsewhere. The EMV trademark is owned by EMVCo, LLC.