What is 3D-secure and How Does it Work?
According to PwC’s Global Economic Crime and Fraud Survey 2020 US companies reported that for the last year they lost 42$ billions because of online fraud. The main reasons that occur are: customer fraud, cybercrime, asset misappropriation.
However, don’t panic. There are a number of measures to ensure the security of online payments in any area of business, if you want to reduce the number of fraudulent transactions, then 3D secure technology can help.
3D secure is a security protocol developed by major payment systems and is actively used around the world.
- MasterCard Secure Code;
- Verified by Visa;
- American express SafeKey;
- Diners Club International ProtectBuy.
This technology is based on a three-domain system and provides an additional security layer when processing transactions and transferring payment data:
- Acquiring bank domain;
- the domain of the issuing bank;
- the domain of the payment gateway that links the acquirer and the issuer.
How 3D-secure works?
In order to authenticate the cardholder, several additional steps are added during the transaction, which, although they require additional steps, can significantly reduce the risk of online fraud:
- The cardholder enters payment information on a webpage;
- The payment provider sends a request to find out if 3d-secure technology is active;
- In the case of a positive answer, the customer is redirected to the 3d secure page;
- Further, the cardholder receives a one-time password, which must be entered in the appropriate field.
- The result comes in the form of a response to the server of the payment provider;
- The payment provider transfers the information to the acquiring bank;
- The acquiring bank authorizes the transaction and sends a response whether the transaction was approved or not.
Benefits of 3D-secure
Using a third-party payment processor with 3D secure features significantly reduces the percentage of online credit card fraud.
One of the advantages of this technology is that after a customer has entered a one-time password, they do not need to worry about the security of the transaction. Instead, the responsibility falls on the issuing bank. Thus, it is much more profitable for merchants and their clients when all disputes are resolved through a bank.Thanks to this system, merchants will help fight any payment fraud by keeping customers’ card details safe. Customers, seeing an additional level of protection, understand that the merchant cares about the security of payments, and can be trusted.
What is 3D-secure 2.0?
3D Secure 2.0 is an updated version of 3D Secure 1.0. The main differences are the ability to transfer large amounts of information, a smoother authentication process, and an improved design.
3D Secure 1.0 was developed back in 1999 when computers were the only method of accessing the Internet and making online transactions. Besides, some users had to register in the 3D Secure system separately. This was required to link a static password with a payment card.
Although this type of protection removed full responsibility from the merchant, it had several disadvantages:
- 3D Secure 1.0 had poor integration with mobile apps. As a result, failures often occurred.
- The necessity to remember a static password also negatively impacted the purchase process: customers often abandoned the checkout page without purchasing an item. Also, the static password was often forgotten.
3D Secure 2 has eliminated all the shortcomings of the previous version. Now, most of the processes are being provided in the background, invisible to the average customer.
By the end of 2020, 3D Secure 2.0 will become the official method for authenticating online transactions. This requirement is not mandatory, but the advantages of 3D Secure 2.0 over the previous version are undeniable.
If your issuing bank is located in the European Economic Area then you need to provide strong user authentication, including 3D Secure 2.0.
Can 3D-secure provide a complete fraud protection?
The biggest advantage of 3D Secure in general is the transfer of responsibility for chargebacks to the issuing bank.
Issuing banks provide merchants with guarantees of payment for certain transactions if they have passed 3D Secure authentication. Thus, in case of any possible disputes related to a specific transaction, the merchant will not have to pay funds to the client.
However, this technology is not a panacea for chargebacks.
Chargebacks arise in a certain number of cases:
- The service was paid for, but was not received, or the client did not receive the goods;
- The seller may refuse to accept the goods;
- Double debiting of funds from the card;
- The declared characteristics of the goods do not correspond to the actual ones;
- The cardholder claims that he did not complete the transaction.
In such cases, the bank checks the legality of the transaction. In the event of a non-fraudulent reverse payment, the bank is not liable and the merchant, in case of loss, is obliged to return the funds.
The bottom line
PayOp offers its customers only modern methods of online fraud prevention based on artificial intelligence.