Online payments have been around for quite a while. However, last year marked with the Covid-19 pandemic, caused a big spike in the number of stakeholders who went online. For reference, Office for National Statistics states that online sales in the UK accounted for 35,2% of all retail in January 2021.
A 2021 report from Retail Economics and Natwest reports that 46% of UK consumers bought goods and services online that they, prior to the pandemic, only ever purchased online. What makes this a new trend is the following fact; 32% of consumers state that they plan to continue with their new shopping habits in the future.
Such numbers pose new opportunities as well as threats. As more and more people turn online to purchase goods and services, those with ill intentions do not waste time. Security questions regarding online payments have popped up, and that is where 3D Secure steps in. In order to provide ultimate security in the online payments ecosystem, EMVCo's specification reflected on current and future market trends to support security, performance, and user experience.
Issuers are still on the fence when it comes to adopting new 3D Secure versions. But there is no doubt about the benefits they bring to the table. From security matters to user experience improvements, 3D Secure ties it all together. Key benefits the protocol provides are the following:
Since the previous 3D Secure v1.0, there had been a lot of changes in the online payments industry. One of those major changes was extending to mobile apps and securing mobile payments, impacting both security and user experience positively. Secondly, since mobile emerged as one of the alternative online payment channels, alternative authentication methods, which are becoming today's standard, were introduced. We're talking about supported biometric authentication, which provides a high level of security without tampering with user experience during the checkout process.
Following, 3D Secure v2.1 collects ten times more data than the previous version, allowing issuers to conduct a more precise risk analysis, resulting in fewer step-ups and false declines. A new feature introduced in this version enables Merchant-Initiated Transactions, such as subscriptions. The first payment requires SCA, but the following identical payments do not. One of the essential upgrades revolves around the PSD2 SCA requirement, making the 3D Secure v2.1 a fully compliant solution.
3D Secure v2.2 includes all features provided in the v2.1 upgrade, plus some extra benefits. Supported SCA exemption flags allow for a more flexible approach. This is thanks to enhanced risk analysis which resulted in low-value payment exemptions as well as merchant whitelisting. The cardholder is in control when it comes to choosing the authentication method they want to apply during checkout. It makes the solution more user-friendly and the authentication process straightforward. Moreover, decoupled authentication introduced in this version allows authenticating the transaction at a time different from when the transaction occurred, which comes in handy in scenarios such as recurring payments or split shipments. Another feature included in the v2.2 is delegated authentication, which means that issuers can enable third parties (merchants, acquirers, etc.) to conduct the authentication on their end. This method eliminates unnecessary friction and provides a better customer experience.
A considerable leap happened between 3D Secure 1 and 3D Secure 2, influenced by the fast-moving global digitalization, demanding more security and less friction. New versions of the 3D Secure protocol successfully overcame all of the obstacles 3D Secure 1 encountered. They are compliant, flexible, secure, and user-friendly.