3D Secure (3DS) is a security protocol used to verify customers when they make purchases online. Here is how it works: if a merchant doesn’t use the 3D Secure protocol, all their clients will need to enter when buying something on their website is their payment details (credit/debit card number, CVV, etc.). But, if a 3DS is enabled, customers will also need to verify that the payment information they provided truly belongs to them. To do so, they need to enter an OTP or a permanent 3DS password.
In 2016, the 3D Secure 2.0 version (3DS2) was introduced. The 3DS2 version brought on new features, like biometrics authentication, and enabled mobile device integration. 3DS2 also can evaluate transactions based on 150 data points, compared to 15 data points in the 3DS version. This means that 3DS2 is more likely to detect fraudulent transactions and improve customer experience.
The key differences between 3DS and 3DS2 are authentication method, integration with a mobile phone and the amount of data gathered:
- 3DS2 introduced authentication through OTPs or biometrics, which is much more comfortable: you don’t have to remember anything; hence the transaction goes faster and smoother, and this data has minimal chances of being stolen from you;
- the 3D secure 2.0 version is integrated with both mobile apps and browsers;
- the updated protocol has access to 150 data points to evaluate the transaction, while the old one only had 15 of those; in this case, if the transaction seems just right, a card owner will not be subjected to the verification, spending less time to complete the purchase.
There are three scenarios 3DS2 sale can follow:
- Challenge - the customer has to verify transaction through OTPs or biometrics.
- Frictionless - the authentication is done based on gathered information without any additional actions from customers.
- Fallback - the card does not support 3DS2 so the transaction will be processed as 3DS.
Taking all these into consideration, it is clear that, thanks to the update, 3DS2 payment processing makes the verification process faster and more customer-friendly with less friction and cart abandonment issues. Thus, more merchants give the security protocol a shot. Moreover, in some countries, the use of 3D secure is a must because of the regulation, and we’ll discuss it in the next part of the blog post.