Site logo

What is 3D Secure and how does it work?

The E-commerce Attack Rates report by Experian Information Solutions reveals that approximately 6.64% of the U.S. population fell victim to online identity fraud, while incidents of e-commerce fraud attacks surged by nearly 30% in 2018 compared to previous years.

Fortunately, there are effective preventive measures available to safeguard your e-commerce business and customers from payment fraud. If you’re seeking ways to minimize the risk of unauthorized charges in your online business, it’s crucial to consider implementing 3D Secure.

Developed by Visa and MasterCard, 3D Secure, also known as 3DS, is a technical standard that adds an additional layer of security to online credit and debit card transactions.

Various card networks have created their own transaction products based on the 3D Secure framework:

MasterCard SecureCode

Verified by Visa

Discover ProtectBuy


The acronym 3DS stands for 3 Domain Server, which aptly describes the technology’s structure involving three entities in every 3D Secure transaction:

The Acquirer Domain

the merchant's bank accepting card payments.

The Issuer Domain

the organization that issued the card being used in the online transaction.

The Interoperability Domain

payment systems that act as connectors between an Acquirer Domain and an Issuer Domain.

How does a 3D Secure payment work?

The 3D security protocol enhances the security of online transactions by introducing an extra layer of payment protection. To finalize an online purchase, the cardholder is required to verify their identity through various means, such as entering a distinctive password, an SMS code, or a temporary PIN.

Here are the initial steps involved in the 3D Secure process:

Step 1

Card information collection
The cardholder enters their unique credit/debit card data.

Step 2

3D Secure enrollment confirmation
The system checks whether or not the card is registered for 3D Secure.

Step 3

Redirection to provider's 3D Secure page
If 3D Secure enrollment is confirmed the client is then redirected to a 3D Secure page served by the card provider.

Step 4

Additional security authentication
On the provider's website, the client will be asked to enter their unique password or a one-time authentication code which will be emailed to their confirmed email address or sent to their confirmed phone number.

Step 5

Redirection to merchant's website
If the cardholder authentication went successfully the cardholder is then redirected back to a merchant's website for payment confirmation.

Step 6

Payment Confirmation
Once back on the merchant's site, the customer will receive confirmation of a successful payment.

The benefits of 3D Secure

One of the significant advantages of 3D Secure is its ability to safeguard users and merchants against the risks of payment fraud.

For online merchants, the payment liability shift is an additional benefit offered by 3D Secure. By incorporating an extra authentication step through 3D Secure, the responsibility for fraudulent chargebacks shifts to the issuing bank. This means that even if a customer claims an unauthorized payment from your business, the card provider will typically be responsible for handling refunds.

Reducing chargebacks also translates to more financial gain. 3D Secure helps minimize the resources required for dispute management, chargeback penalties, and fees.

However, it’s important to note that the liability shift can sometimes impact conversion rates. While the 3D Secure protocol is highly effective in preventing payment fraud, it can be associated with higher rates of cart abandonment.

As a general guideline, lengthening the checkout process increases the likelihood of customers abandoning their shopping carts. Introducing an additional authentication step often negatively affects both conversion rates and the overall shopping experience.

What is 3D Secure 2.0?

Making the decision between higher conversions and lower fraud risk can be challenging.

The good news is that with the enhanced 3D Secure 2.0 protocol, merchants can now effectively mitigate fraud while providing an improved customer experience.

The primary goal of the new 3D Secure 2.0 protocol is to facilitate better information exchange among the three parties involved in the transaction.

3DS 2.0 simplifies the payment process by replacing the static passwords required in version 1.0 with token-based and biometric authentication methods such as face or voice recognition.

In essence, the introduction of 3D Secure 2.0 technology means a smoother checkout experience for customers, with reduced waiting times, fewer passwords to remember, and, most importantly, fewer steps required to complete a purchase.

Unlike its predecessor, the 2.0 protocol supports non-browser-based payment methods, including wearables, in-app purchases, mobile payments, and digital wallets.

3DS 2.0 also promises enhanced risk assessment capabilities. When assessing a 3DS 2.0 transaction for approval or decline, over 100 data points are transferred to issuing banks. This is nearly ten times the number of data points compared to the previous protocol. By analyzing a greater amount of information during the authentication process, the system improves its ability to prevent fraud.

As a result of these advancements, merchants can expect to see a decrease in cart abandonment rates and an increase in conversion rates. Experts suggest that utilizing 3DS 2.0 can reduce checkout times by 85% and lower cart abandonment rates by 70%.

The importance of 3D Secure

As the landscape of e-commerce continues to advance, the evolution of 3D Secure technology follows suit.

The introduction of the 3D Secure 2.0 protocol marks a significant stride in the realm of online payments. This technology not only enhances the overall shopping experience but also elevates the level of security associated with online transactions.

If you are currently undecided about adopting this protocol, now is an opportune moment to embrace the advantages offered by 3D Secure technology.