3DS payment gateway
What is 3DS?
3D Secure represents a user authorisation protocol for card-not-present operations. Visa and MasterCard created it to provide an additional layer of security for e-commerce transactions. This protocol allows for exchanging data between the merchant, the card issuer and, if necessary, the consumer to confirm that the original account holder initiated the transaction. The 3D Secure payment protocol is an effective preventive measure to be taken by e-commerce business owners to protect their businesses and their customers from potential fraudsters and decrease the likelihood of unauthorised charging and chargebacks.
The concept of a 3D Secure technology arose since three domains are involved here: a merchant or an acquirer, who requests the payment card data, a payment system that redirects the payer to a password confirmation page, and the card issuer’s domain or a specialised service, where a confirmation page is formed, and the entered security codes are checked.
What is a 3D Secure payment gateway?
A 3DS payment gateway is a gateway that utilises the 3D secure protocol for users' authorisation when they pay for their purchases in an online store. Making an online payment via a 3DS payment gateway, a cardholder should prove their identity by entering a code, temporary PIN, or password.
How does 3DS payment gateway work?
So, when you use a 3D secure payment gateway, the process of authentication comprises the following steps:
- Collection of card data. It requires the credit card number, expiration date, cardholder's name, and authentication code (for example, CVC2).
- 3D Secure registration check. The system checks if the card is registered for 3D Secure authorisation.
- Redirecting to the 3D Secure page. If the outcome of the previous step is positive, the purchaser is redirected to their card provider's 3DS page.
- Additional security check. The client should provide a unique one-time code sent via email or message.
- Redirecting back to the website. After the successful authentication, the client is returned to the merchant's website to proceed with the purchase.
- Confirmation of payment. After the redirection to the website, the purchaser is informed of a successful payment.
The importance of using 3D Secure payment gateway
The 3D Secure payment technology minimises card fraud risks for merchants due to the liability shift issuing bank is responsible for the transactions performed with this type of verification. All the authentication data provided by the customers is stored on the payment server of the issuing bank. The online store does not have access to it, except for a part of the information on the payment card details, but in the amount allowed by PCI DSS.
Payment gateway providers take these measures to increase cardholders' data security. If to look at the advantages of 3DS payment gateways for merchants, the main one is decreasing the likelihood of chargebacks. It is important for high-risk merchant accounts and for general business performance health.
What is 3D Secure 2.0?
3DS 2.0 is a next-generation version of the 3DS protocol developed and owned by EMVCo. It aims to eliminate the pain points of version 1.0 and significantly increase the attractiveness of the technology for market participants, the quality of the assessment of the transaction legitimacy, and the need for its authentication.
Compared to 3D Secure 1.0, the following changes have been implemented in version 2.0:
- Support for various devices and channels was added. The new mobile SDKs allow authentication directly in the mobile application without redirection to the card issuer's website.
- More convenient authentication methods, such as biometrics and tokens, are used instead of static passwords.
- The amount of data transmitted for authentication has been significantly increased, allowing for high-quality Risk-Based-Authentication (RBA).
The benefits of implementing 3DS 2.0
With 3DS 2.0 updates, merchants can receive more data when interacting with issuing banks and payment gateways. It allows them to collect valuable insights about the transactions after the order is made. For instance, the number of times a customer was redirected to the 3D secure payment page, as well as the percentage of authenticated payments, can provide a complete picture of customer behaviour. This, in turn, provides analysts with important statistics on fraudulent transactions and activities, helping to improve the protection system.
The transition to 3DS 2.0 is objectively necessary against the background of a fragmented payment landscape, including the widespread use of mobile devices, unpredictable changes in user behaviour (for example, due to a pandemic), and higher requirements for usability, stability, and speed of payment instruments.
- Adaptive payment process in mobile phone browsers, as well as mobile applications.
- The ability to embed the authentication process into applications (without going to the browser).
- Ability to approve a transaction without manual data entry.
- Additional authentication methods using biometrics and security tokens.
- Increased convenience for consumers, resulting in lower shopping cart abandonment rates.
At Corefy, we empower clients to switch to the new 3D secure payment standard and access its unique advantages. Our integration team has been actively adapting our PSPs connectors to 3DS2, trying to make the transition seamless for a customer. The more providers offer support for 3DS2, the more connectors we can adapt to the new standard.
Ready to boost your business to the next level?
Get in touch with us and we will try to provide you with the most relevant offer.