close

Request an online demo

Get a personalized online demo of Kount's trust and safety technology at a time and date of your choosing.

hexagonshexagons

What is 3D Secure 2.0?

Jessica Velasco | Wednesday, December 20th, 2023 | 11 minutes

3D Secure 2.0 is an authentication method for card-not-present transactions. The technology’s aim is to verify the person using the card is the actual cardholder—and not a criminal or other unauthorized person.

3D Secure 2.0 is an updated version of the original 3D Secure technology, and the platform’s functionality has changed significantly since its launch. There were several flaws with the 3DS process, and 3DS 2.0 has been created to address those shortcomings.

Now, the technology offers many benefits to merchants including more accurate fraud decisioning with less friction and enhanced chargeback protection.

Learn more about 3DS 2.0, and find out if this fraud prevention tool could help your business.

  • 3D Secure to 3D Secure 2.0: What Has Changed?
  • Advantages of 3DS 2.0 Over 3DS 1.0
  • How Does 3D Secure 2.0 Impact Chargeback Management?

3D Secure to 3D Secure 2.0: What Has Changed?

Originally launched in 2001, 3D Secure was created to provide additional layers of fraud protection for card-not-present transactions. The concept was to request information that only the cardholder would know thus reducing the risk of unauthorized transactions.

The objective was sound, but the way the original technology went about achieving it was not.

After submitting payment information for an online purchase, a shopper was routed to a separate authentication page created by the card issuer (issuing bank). The page asked for a static password that the cardholder was supposed to remember and provide for any transactions covered by 3DS1.

The process had several drawbacks.

What Were the Drawbacks of 3DS 1.0?

Unfortunately, the 3DS user experience wasn’t ideal. There were some notable problems related to the customer experience:

  • Friction: All transactions processed through 3DS required a password. There wasn’t a frictionless workflow for low-risk transactions. Customers were subjected to additional security measures every time.
  • Suspected Fraud: The 3DS page did not have the same look and feel as the merchant’s checkout page. This often made users suspect a fraudster had rerouted them and was attempting to steal sensitive information.
  • Page Loading Errors: Oftentimes, the 3DS page wouldn’t load properly — especially on mobile devices. This made it difficult or impossible for the user to enter the password required to proceed.
  • Forgotten Passwords: 3DS wasn’t widely adopted by merchants and banks, so cardholders only encountered it sporadically. Infrequent use made it difficult for users to remember their static passwords.

When faced with obstacles they couldn’t overcome, users would either try a different payment method or a different merchant. This would result in revenue loss for the bank, merchant, or both.

Updating to 3DS 2.0 is an attempt to solve these issues and provide a better user experience.

How Does 3D Secure 2.0 Work?

Despite the update to 2.0, the technology’s goal remains the same: verify the shopper’s identity to reduce the risk of fraud.

While the original platform relied solely on password validation, the new process prioritizes collaboration and uses security questions for secondary authentication when needed.

With 3D Secure 2.0, a merchant sends information to the customer’s bank (called the issuer or issuing bank) in real time. This information is a combination of transaction-specific information like card details and contextual information such as the customer’s device ID or order history.

The issuer uses machine learning to review the information provided and determine the likelihood of fraud. Based on the assessment, the bank does one of two things:

  • Approves the transaction: If the bank believes the cardholder is the person making the purchase, the bank will authorize the merchant to proceed.
  • Challenges the transaction: If the information provided doesn’t match the norm or seems suspicious, the bank requests additional authentication. The customer needs to share a one-time password obtained via email or text. Or, the customer needs to provide biometric identity verification like a fingerprint or facial scan. If the customer is authenticated during the challenge process, the merchant is safe to proceed. If not, the transaction is flagged as a high risk for fraud.

The process looks like this:

Imagen
3D Secure 2.0 Flowchart

Advantages of 3DS 2.0 Over 3DS 1.0

There are several advantages of 3D Secure 2.0 over 3D Secure 1.0.

3D Secure 1.03D Secure 2.0
METHODStatic passwordDynamic passwords & biometrics
FRICTION100% of transactionsAbout 5% of transactions
INTERFACEBrowserBrowser & in-app
DATA15 data elements150+ data elements
REGIONDomesticDomestic & international

New Frictionless Flow Reduces Cart Abandonment

Perhaps the most noteworthy feature of the new 3DS 2.0 authentication process is the frictionless flow.

If there is sufficient information to verify the cardholder’s identity, the transaction is authenticated without additional input from the shopper. Gone are the days of challenging all card transactions!

Visa estimates that 95% of debit and credit card transactions can be funneled through the frictionless flow. As a result, customers have a better checkout experience and merchants have greater earning potential.

85% reduction in checkout time
70% decrease in cart abandonment

Increased Data Improves the Accuracy of Fraud Decisioning

The 3D Secure 2.0 platform delivers 10 times more data than the original 3D Secure 1.0 technology.

3D Secure 1.0 data
3D Secure 2.0 data

By increasing the amount of data that is shared, the technology’s fraud decisioning capabilities are more accurate. Merchants experience a decrease in false declines (good transactions that are incorrectly labeled as fraud and unnecessarily declined). Plus, more fraud attempts are successfully blocked. Visa estimates merchants experience 40% less fraud.

In-App Capabilities Enhance the Mobile User Experience

With 3D Secure 1.0, the desktop user experience wasn’t ideal. But on mobile websites and apps, it was often completely dysfunctional. 3D Secure 2.0 includes a total redesign of the mobile experience.

In many situations, the available device information is enough security authentication to approve the transaction without any additional input from the customer.

But if the transaction does need to be challenged, the process can be completed within the app. Merchants can incorporate 3DS2 into their mobile apps, ensuring the look and feel of the checkout experience remains constant from beginning to end.

Imagen
3D Secure 2.0 flow on a phone

Standardization Enables International Use & Compliance

It was especially challenging for international businesses and consumers to use 3D Secure 1.0. Payment processes, legislation, and security requirements vary by region, and 3DS 1.0 wasn’t universally compliant.

Updates to 3D Secure 2.0 addressed these concerns, and the technology is now able to be used more consistently across international markets.

In fact, merchants can use 3D Secure 2.0 to comply with Europe’s updated payment services directive (PSD 2) when strong customer authentication (SCA) is required.


How Does 3D Secure 2.0 Impact Chargeback Management?

If you, as a merchant, are considering adding multi-factor authentication to your chargeback prevention efforts, there are a couple of things to note.

Potential Benefits

There are several different tools and tactics that can help prevent chargebacks. 3D Secure 2.0 is a viable option, along with address verification service (AVS), card security codes (CVV, CVC), chargeback prevention alerts, order validation, and more.

One thing that makes 3D Secure 2.0 different from most other available tools is that it includes a liability shift. If fraud does happen, the less protected party is responsible for the financial loss.

This means 3D Secure 2.0 can be a useful way to prevent both fraud and the resulting chargebacks. And if authenticated transactions are disputed, they should be easy to fight and win.

Potential Drawbacks

Just like all fraud detection tools, 3D Secure 2.0 does have its faults.

First, it’s possible that 3D Secure 2.0 could turn away good customers and limit your earning potential. Even though 3DS 2 is a more seamless process than 3DS 1, it can still cause friction. And, you run the risk of false positives with any fraud tool you use.

Second, 3D Secure 2.0 might have a negative ROI for your business. If you have tight profit margins, the extra cost per transaction might be more than your bottom line can handle.

Lastly, the technology may only be effective at preventing a small portion of your chargebacks. 3D Secure 2.0 is only capable of verifying the shopper’s identity. It can’t, for example, prove you sent the right size sweater or delivered the ebook like you promised.

Best Practices for Using 3DS 2.0 to Prevent Chargebacks

Because there are pros and cons associated with all chargeback prevention tools, you can’t rely on a single tactic to manage risk. Rather, you should create a multi-layer chargeback prevention strategy.

Using multiple tools at various stages of the transaction lifecycle creates the most comprehensive protection possible.

Yet managing several different tools and strategies can be a complicated task. Fortunately, with Kount’s help, you can simplify processes, automate responsibilities, and consolidate data.

If you’d like help creating an effective yet efficient chargeback prevention strategy, contact our team of expertscontact our team of experts. We’ll help you determine which tools and tactics are right for your business.

Schedule a call

Related content

See more related content

AUTHOR

Jessica Velasco

Content Manager for Marketing

For nearly a decade, Jessica Velasco has been a thought leader in the payment dispute industry. She aims to provide readers with valuable, easy-to-understand resources.