How 3D Secure Protects Merchants From Fraudulent Transactions

3D Secure protocol is no novelty to the financial world – the principle was introduced to publicity in 2010. Yet, even after so many years, not all online shop owners understand how important it is to use payment gateways that offer 3D Secure authentication.

While 3DS stays optional for business owners, frauds use this (screamingly apparent) breach to spend money from stolen credit cards. It might seem that the criminals in this situation are evident, but in most cases, the authorized body will put the blame on the merchant due to the inability to reach the actual thieves.

Instead of monitoring all the suspicious transactions on your own and waiting cautiously for the charges to arrive, you can do yourself a favor and gather support from a 3D Secure payment gateway in advance.

3D secure is a protocol that was developed by Visa and MasterCard. It adds a layer of security to Internet purchases, allowing to verify that the money transactions are made with the approval of the card holders.

It is a widely spread procedure that usually goes on like this:

• the customer submits his credit card information to the online shop
• that information is then sent to the payment processor, that determines the emitter (the bank that issued the above-mentioned card)
• the payment processor sends a request to the emitter bank, making sure that the transaction is legit
• the emitter sends the unique generated password on the phone number that is associated with the customer’s account
• the customer receives the message, and, if the payment is made with his consent, he types the unique code in the appeared form
• if the code is correct, the purchase goes on without perplexities – the money is sent to the acquirer bank

As you can see, there are three active participants in the scheme. This is why the protocol obtained the name “3D” – as there are three domains that guarantee the secure transfer of a buyer’s money to a merchant.

3D Secure online payments have stimulated eCommerce greatly. With the protocol taking place, even is some sensitive data was obtained by frauds, no purchases could be made without a customer knowing about them and admonishing them.

Or so everyone thought.

If 3D secure verification exists, then why people still discover their credit cards being robbed?

It is because not all merchants have recognized the importance of the 3D Secure system. Despite the universal validity of the protocol, it is not compulsory, which leads to a number of online sellers sticking up with the traditional insecure acquiring methods.

For the transaction to be protected by 3D secure, it is necessary that:

• the customer’s credit card is issued by the bank that supports 3D secure
• the shop, where the payment is made, has a 3D secure payment gateway

Otherwise, even if the card is protected by 3DS, the transaction will be fulfilled with no additional security measures. And this is where the internet frauds come into play.

Stealing credit cards and purchasing goods allows the actual criminals get off scot-free. Having no way to reach the criminals, the authorities would undoubtedly charge the merchant for the illegal transactions, as this is the procedure the law demands.

There’s no guarantee that the authority will reach the frauds, but there’s a great chance that you, as a merchant, will be made to pay back the lost money. So, at the end of the day, the seller would be left without money and goods, but with a rich criminal history. What are the alternatives?

They’re quite simple: instead of putting under a question your customer’s protection and the absence of illegal money transfers, you can find a reliable 3D payment gateway. Aside from its main function, it would shift the liability from you to the emitter bank, in case any of the transactions would appear fraudulent.

So, even if the payment from the person will be fabricated, and the case will be investigated by the authorized body, you won’t take responsibility for it. The presence of a payment gateway that supports 3D secure automatically protects you from all the possible accusations.

According to the statistics, about 23% of all online purchases aren’t completed because of an unoptimized checkout system. It includes too slow processing speed and additional steps (like 3D secure authentication) due to which the shopping carts are left abandoned.

This leads to merchants preferring old payment methods in prejudice of the protection 3DS principle offers.

A little they know, it is possible to combine both the security and a smooth checkout together, making sure that the credit card transaction is made by its owner. This is what 3D Security 2.0 offers to online sellers.

Seeing the amount of the merchants, who refuse to sophisticate the authentication process, Visa and MasterCard updated 3DS and released the new second version of the protocol.

The first version of the 3D secure system was built in 1999. Therefore, it wasn’t backed with cool technologies – it was a simple tool that fulfilled its functionality with no add-ons or surprises. The newest version of 3DS – the 3DS 2.0 – was announced in 2016. It is an updated, more complex yet less burdensome protocol that uses the principle of risk-based authentication in order to make the process of identity verification simpler.

The 3DS 2.0 analyzes several factors to avoid requesting additional safety measures. Instead, based on:

• IP of the device
• the previous history of customer’s purchases
• unique behavioral patterns
• location of the device
• delivery address

..and around 100 additional characteristics, 3D Security 2.0 computes the size of the risk that on the other side of the screen, there is a fraud rather than a real card’s owner.

If the size of the computed risk doesn’t succeed a certain number, there would be no additional codes/checks – the transaction will simply go further with no interruptions. Such swift processing of the order allows to drastically reduce the highlighted cart abandonment rate – this way, the main problem why merchants refused to use 3D Secure transactions is eliminated.

Using the advanced version of the 3DS2 protocol, the online shop achieves two essential yet conflicting points:

1. proving the ownership of the credit card and the legitimacy of the transaction
2. making the checkout as quick and smooth as possible

This is possible thanks to the automatic analysis of the customer’s buying session and calculation of the risks associated with it. With 3D Secure 2.0, your client wouldn’t even notice that any kind of verification was made, which is an ultimate goal the protocol tried to reach.

So, if you’ve finally decided to both protect yourself from criminal liability and make UX of your website seamless, you can turn to PayOp for help. We take care of your reputation and safety of your clients, which is why we provide 3DS and 3DS 2.0 protocols support to almost all acquiring methods. Wherever you carry on your business, you can be sure that the transactions to your bank account would be as secure and frictionless as you want them to.