Every year, the number of debit and credit card holders is growing. Users make thousands of payment processes per day: someone pays for purchases in online stores or transfers money, while others make transactions between their accounts. Along with this, new ways of fraud appear when money is debited from the account without the knowledge and consent of the owner. Therefore, in order to minimize risks, protect personal data, and keep funds safe, 3D Secure technology was invented.
What does 3D Secure mean?
3D Secure is a two-step verification technology used to increase the safety of online payments. When making an online transaction, the user receives a message with a unique one-time password. With this password, the user confirms that the payment is being made by him and not someone else.
Why is the 3D Secure protocol called that way?
3D does not mean that the operation is carried out in some three-dimensional space. The term comes from the abbreviated names of the Three Domains. They are involved in the money exchange procedure and provide protection for the funds transfer from the owner to the seller.
- The issuer domain is the bank that issued the card being used.
- The acquirer domain is the merchant’s or the bank’s system where the money is transferred.
- The interoperability domain is the infrastructure that is applied when paying with a card to support the 3D Secure protocol.
What is the difference between 3D Secure 1.0 and 2.0?
3D Secure 2.0 was developed as a replacement for the 1.0 protocol. The developers took all the shortcomings of the previous version into account and added new features to improve and speed up the protocol.
1. Enhanced user experience
Merchants can now integrate a faster and easier authentication process when making a payment on their website and maintain a high level of security.
In the previous version, authentication occurred using PINs or passwords, and in 3D Secure 2.0, clients can be authenticated using biometric data (fingerprint/facial recognition), sending a code to a mobile phone, or providing tokens. In addition, redirection to a third-party website is not required with this authentication method.
This new feature helps merchants solve the responsiveness issue, speed up the process of making payments for customers, and significantly increase the conversion rate.
2. Implementation of risk-based and frictionless authentication.
Another important difference between 3D Secure 2.0 and the previous version is the procedure for verifying transactions. Nowadays, all financial transactions are subject to validation, and there are also methods for automatic transactions verification based on risks — RBA (Risk based authentication).
If the transaction is determined to be non-risky, then the issuing bank will apply frictionless flow (automatic confirmation) and will not request additional verification using manual entry of information by the cardholder. However, manual cardholder validation has always been required in 3D Secure 1.0.
Notwithstanding, if the risk of fraud in this transaction is above a certain threshold, the bank will ask the client to provide additional information to verify the correctness of the payment.
3. Changing the responsibility of merchants in chargeback cases.
In 3D Secure 2.0, the chargeback liability rules have changed. Issuing banks conduct a more complete and extensive verification of transaction data to assess the risks of a financial transaction more accurately, so if the transaction was successful, then it is the issuing bank that is responsible for chargebacks. Nevertheless, if the issuing bank did not approve the transaction or recorded an error, then the merchant is responsible for the chargeback.
4. Support of various devices and channels
Furthermore, 3D Secure 2.0 provides comprehensive interaction with the client via various payment channels, including payments through mobile phone browsers, transactions via digital wallets, as well as payments in applications.
UniversePAY keeps up with the times, thus we set up all payment integrations with the ability to support the 3D Secure 2.0 protocol.