3DS 2.0 and Strong Customer Authentication (SCA)

3D Secure 2.0 is an authentication protocol to improve the exchange of online transaction data and protect consumers. It helps merchants meet the EU’s Strong Customer Authentication (SCA) requirements in place since 2019.

The importance of 3D Secure 2.0

With the European Union’s Strong Customer Authentication (SCA) standards now mandatory for all online transactions in Europe, card issuers and banks must implement two-factor authentication for all card payments. Part of the EU’s Payment Security Directive 2 (PSD 2) regulations, SCA is intended to better protect consumers from fraud and abuse, and applies whenever an EU-based shopper makes a payment.


While some exemptions apply, merchants shouldn’t rely on these exemptions when it comes to accepting online payments in Europe. By adhering to the most secure flows, merchants can ensure the highest approval rates and reduce the risk of a transaction being declined due to non-compliance.


Under the previous regulations governing payment security in Europe, a protocol known as 3D Secure 1.0 was used in order to verify digital payments. With the new regulations, 3D Secure 2.0 is an updated version of the protocol that makes it easier to collect and process customer payment information in accordance with SCA requirements.

3D Secure 2.0 and your business

Here’s how PayU helps merchants maintain high payment security standards and comply with the latest SCA requirements.

How PayU can help with your 3DS implementation and SCA compliance


Implementing 3DS protocols and streamlining procedures can be a drag. That’s why PayU helps you monitor your transactions and spot decreases in acceptance rates due to 3DS. Thanks to the solution’s intuitive nature, businesses can easily spot and change their routing configurations using PayU’s Smart Routing Engine feature.

Based on online transaction monitoring, PayU can also optimize conversions by routing 3DS authentication type for the better performing one (3DS 1.0 vs 3DS 2.0) while communicating with card schemes and issuing banks to fix issues, improve UX, and increase conversion rates.  

We have two ways of managing soft declines: we step in on behalf of the merchant, or the merchant can handle Soft Declines via the PaymentsOS API.