3D Secure: How to Level Up Your Payment System

Sep 06, 2022
4 min
Table of Contents

    With the rising number of eCommerce platforms, the majority of transactions that would have previously occurred in cash now take place online. The history of online payments can be traced back to 1994 when the Standford Federal Credit Union offered its clients an online payment system. The rapid growth of online shopping, online banking, and other services coupled with technological advancements has led to a spike in digital payments. According to Statista, the total value of digital transactions is projected to reach $13.91 trillion by 2026. 

    With the rise of online transactions, so too comes growth in the rate of online payment fraud. According to estimates, eCommerce lost around $20 billion in 2021. To reduce the risk of loss, fraud, and identity theft, payment systems are introducing new authorization technologies. And 3D Secure (3DS) is one of them. Let’s explore what exactly 3DS is and how it works. 

    What is the 3D Secure Protocol and how does it work?

    3DS is a security protocol that acts as an extra layer of security for online card payments and is used for user authentication. For example, a user needs to make a payment on an eCommerce platform. The user enters their data and CVV code and then needs to enter the code sent to their phone number on a pop-page page. This is confirmation that the user behind the screen is the real owner of the card since the given telephone number is associated with the card.

    The name “3D secure” has nothing in common with the notion of augmented reality. It stands for three domains — the acquiring domain (an eCommerce platform), the issuing domain (the banks), and the interoperability domain. 

    1. Issuing domain refers to banks where users can issue their cards and then use them for buying different products or services. Within the 3DS protocol, the issuing bank has to deploy an Access Control Server (ACS) to process 3D Secure messages and authenticate a user. 
    2. Interoperability domain is the mediating layer between the issuing and acquiring domains. The domain allows for exchanges of information between parties via the Directory server and supports the 3DS process. The Directory Server receives messages from the MPI and verifies the card number against the BIN range directory before sending the message to the correct issuing bank. The issuing bank then takes its part and authenticates the user. 
    3. Acquiring domain refers to the payment gateway, the merchant, and acquiring banks. It initiates the transaction that needs to be verified. An MPI (a merchant plug-in) needs to be deployed.

    3DS was first introduced in 2015, but it implied that every customer should go through the authentication process and get forwarded to a security popup form. Since customers needed to complete many steps every time they shopped online, the rate of cart abandonments began to rise. 

    3D Secure 2.0

    The next generation of 3DS is 3D Secure 2. 3DS2 allows for a frictionless flow that doesn’t require forwarding and redirecting while easing the control process for vendors.

    3DS2 doesn’t rely on static passwords, it allows for dynamic authentication via tokens or biometrics. Thus, there is no need for manual data input. The protocol is fully integrated into the merchant’s checkout experience and creates a seamless payment flow for shoppers. All the authentication activities happen in the background. This means drop-off rates will fall dramatically and customers will be more likely to come back to the merchant’s platform. 

    At this time, it’s better to support both protocols, 3DS 1.0 and 3DS 2.0 as some regions are still using 3D Secure 1 authentication. 

    Why implement 3D Secure 2.0 authentication?

    3DS 2.0 is a better version of 3DS 1.0 as it provides consistent payment experiences to consumers regardless of the devices they are using. Merchants can highly benefit from the changes brought about by 3D Secure 2 to drive their sales. Here are some of the benefits for online merchants:

    More approvals

    Since merchants get access to more data points, they can simply authorize legitimate transactions and reduce false declines. 

    Lower drop-off rates

    3D Secure 2 provides a frictionless transaction flow for online customers. No popup screens can disrupt the user journey, and the user is more likely to pay for goods without abandoning their carts. With the introduction of a risk-based approach, there has been a 70% reduction in the drop-off rates in UK transactions.

    But before you can reap the benefits of this new authentication platform, you need to integrate it into your payment system. From a technical point of view, there could be some challenges. That’s why we recommend going with a white-label payment solution like Akurateco that provides you with everything you need to deliver a smooth and secure payment experience. 

    Akurateco and the new 3DS 2.0 authentication protocol 

    Akurateco features an integrated 3DS authentication protocol to keep all transactions secure. Moreover, the platform also supports cascading payments to create a smooth and seamless payment experience. It was designed due to the problems a vast majority of clients faced with the transition to 3DS 2.0. Merchants could face unidentified payments’ declines since not all card issuers support 3DS 2 which led to verification declines and issuers failing to process verification. 

    With Akurateco feature of payments’ cascading, all transactions declined within the 3DS 2 flow are automatically routed to the 3DS 1 flow for processing. All the cascading processes are invisible to cardholders, they are processed in the background by our system. Users only see the final “success” status of their financial transactions. 

    Payment cascading for regular and 3DS transactions
    Read now

    Akurateco can also help with the integration of 3DS 2.0. A few months ago, our team helped a client with integrating the 3DS 2.0 authentication protocol and fine-tuning the integration to payment connector in order to maximize the conversion rate. The client had no experience with the new protocol and needed the help of battle-tested payment professionals. Our specialists resolved the integration issues and the client can now receive and process payment within the 3DS 2.0 authentication protocol. The adoption of Akurateco’s white-label payment gateway and cascading payments have resulted in a higher approval ratio and improved the cardholder shopping experience.

    Summing up 

    The banking world is developing and offering more and more new products that are transforming the online payment ecosystem. No one can deny that the 3DS system is a sophisticated payment authentication solution that has the potential to greatly improve transaction security and the user journey. These factors are vital for customers and for keeping conversion rates high for merchants. So implementing the 3DS 2.0 authentication protocol is a win-win for both parties. 

    Would you like to upgrade your payment system with cutting-edge technologies and security standards?
    Contact us to book a Free Demo with Akurateco experts and start providing a top-of-the-line payment experience for your customers from day one.
    Request a Demo


    Related Articles

    Request a Quote Request a Demo