top of page
  • Writer's pictureAna Gomez

3-D Secure: The Complete Breakdown for Merchants

3-D Secure is an online security protocol used in card-not-present (CNP) transactions to improve security. It was first rolled out in 1999 to protect e-commerce transactions, and has since been branded under different names such as Mastercard SecureCode and Verified by Visa. The protocol allows the parties involved in a transaction to exchange information in a uniform way, enabling them to determine the authenticity of the transaction. In recent years, the need for better security in e-commerce transactions has increased, as criminals have migrated their fraudulent behavior to the online world. To address this issue, Marqeta has created its own version of the protocol called 3-D Secure 2.0, which gives merchants more control over how challenges are issued.

How 3D Secure works

3D Secure authentication is a process that aims to improve the security of online transactions by verifying that the person making the purchase is the cardholder. This is achieved through a three-domain model, which includes the acquirer domain (businesses that accept credit card payments), the issuer domain (the environment of the issuing bank), and the interoperability domain (systems that enable communication and information exchange between parties). The authentication of all parties involved in the transaction is done using digital certificates and the SSL and XML protocols, ensuring the security of the process. 3D Secure is a technology that adds an extra layer of security to online transactions by verifying the cardholder's identity. When a consumer uses a 3D Secure-enabled credit card to make a purchase on a merchant website with 3DS activated, the following process occurs: the customer provides their card details, directory servers verify that the card is registered in their system, the consumer is prompted to enter a password or one-time PIN to verify their identity with their issuing bank, the authentication results are sent to the merchant's payment provider, the transaction is approved by the acquirer, and the customer can see the result of the transaction. The original version of 3D Secure, known as 3DS 1.0, required customers to enter a code or password before completing the payment process. The updated version, 3DS 2.0, allows the card issuer to use a wider range of transaction data for risk-based analysis and enables instant, secure, and accurate customer authentication without requiring a static password. It also includes a 2-factor authentication process and is mobile-friendly. cx consulting services

The Benefits of 3D Secure

3D Secure is a payment authentication mechanism that offers numerous benefits for retailers and their customers. It improves the legitimacy of the business and strengthens customer loyalty by enhancing the security of online shopping. Other advantages include liability reorientation, greater security and reduced fraud, no additional fees, fewer disputed transactions, increased customer satisfaction, and compliance with the European SCA regulation. 3D Secure shifts liability to the card issuer after properly validated transactions, making fraudulent transactions less likely and boosting confidence in the safety of payment information. It can also be implemented without incurring extra costs.

The Drawbacks

One potential challenge with 3D Secure is that the pop-up authentication pages may be mistaken for phishing scams. However, 3D Secure only uses one-time codes, so your personal information should remain safe. The verification process may take a little longer, but the added security is worth the extra effort. Overall, 3D Secure is a valuable tool for enhancing transaction security and building trust with consumers.


bottom of page