back to insights


January 19, 2021

What is 3D Secure 2.0?

The release of 3D Secure 2.0 was motivated by reducing fraud in card-not-present transactions as well as improving the user experience during cardholder's online checkout process. Find out how 3D Secure 2.0 improved effectiveness both by introducing new features and bringing the security standards to a higher level without tampering with customer experience.

3D Secure 2.0

3D Secure 2.0 is an improved version of the 3D Secure authentication protocol introduced in 2001 by VISA as an interoperable three-domain solution for online card authentication. As opposed to card transactions that occur in brick-and-mortar retail, which use chips and PIN authentication methods, there was no presented solution for eCommerce until 3D Secure stepped in.

3D Secure is an additional process that occurs before a transaction becomes authorized. It is deployed in three domains that consist of:

1.   Merchant: The seller that requires payment.

2.   Customer: The Card owner and purchaser of goods.

3.  Interoperability: Card scheme (Visa, MC, Amex, Diners, JCB, etc.)

eCommerce figures to consider

For a number of years, eCommerce and other online payment systems have proven to be lucrative and presented constantly growing business opportunities, accompanied by an ever-present and rising threat regarding online fraud and theft.

Below are some figures (via eMarketer) to consider comparing the annual percentages of total sales conducted online when compared to all sales that also include brick and mortar retailers, as well as the comparison of change annually within this sector and the growth that occurred from the year 2017 until the projected year 2023.

3D Secure - retail ecommerce sales worldwide

The data shows that the global eCommerce market had sales reaching $3.5 trillion by the end of 2019 and represented 14% of the global sales figures. Projections show that eCommerce sales will reach 22% of global retail figures by 2023, with total sales reaching around $6.5 trillion.

Why the upgrade?

Considering the ever-growing trend in eCommerce, security issues needed to be taken care of and, significant changes regarding the authentication process were implemented. Static passwords were deemed untrustworthy and replaced by dynamic passwords and biometrics. This resulted in an improved user experience for both merchants and cardholders as well as more secure online payment processes.

Main changes included the following:

Stronger authentication 

Strong Customer Authentication (SCA) came into play as a PSD2 requirement, whose main goal was to reduce fraud and bring online payment security to a higher standard. Static passwords caused a variety of inconveniences for online shoppers, thus resulting in high cart abandonment rates. On the other hand, biometric authentication (e.g., face or voice recognition) is not only more secure than conventional static passwords but contributes to a smooth user experience during online checkout, which cuts down cart abandonment rates. Another method introduced in 3D Secure 2.0 is risk-based authentication, setting stone for frictionless transactions. This means that transactions that are considered ''low-risk transactions'' do not require further authentication. This method is based on data from previous transactions and cardholder behavior information.

Improved User Experience

Bringing the security standards to a higher level without tampering with user experience presented a real challenge when it comes to 3D Secure 2.0. Alongside introducing new authentication methods such as biometrics, this upgrade eliminated pop-up windows and redirects which occurred during online payment, making cardholders more confident in the security of their purchase and consequently causing cart abandonment rates to drop.

Multi-device support

3D secure 2.0 enables authentication on a wide variety of devices. 3D Secure transactions are now available in application and browser-based solutions.

What after 3D Secure 2.0?

EMVCo continues to enhance 3D Secure protocol aligning it with eCommerce trends, as well as buyer and stakeholder's needs to ensure the best UX and ultimate security. 3D Secure v2.1 brought frictionless authentication which resulted in a faster and more convenient checkout process. At this moment, there is actual 3DS v2.2, which brought new authentication methods, like decoupled authentication, and Merchant White list to give additional control to buyers in managing transaction security.

To find out more about new features and improvements, contact our regional expert on [email protected] or download the datasheet.

download datasheet
Request Trial

Interested in TriDES2?

Subscribe to our newsletter
© Asseco South Eastern Europe 2021. All rights reserved
clouddownload linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram