Tokenization
Learn about the importance of tokenization when it comes to secure online payments.
Learn more
3D Secure is an authentication protocol to improve the exchange of online transaction data and protect consumers. It helps merchants meet the EU’s Strong Customer Authentication (SCA) requirements in place since 2019.
With the European Union’s Strong Customer Authentication (SCA) standards now mandatory for all online transactions in Europe, card issuers and banks must implement two-factor authentication for all card payments. Part of the EU’s Payment Security Directive 2 (PSD 2) regulations, SCA is intended to better protect consumers from fraud and abuse, and applies whenever an EU-based shopper makes a payment.
While some exemptions apply, merchants shouldn’t rely on these exemptions when it comes to accepting online payments in Europe. By adhering to the most secure flows, merchants can ensure the highest approval rates and reduce the risk of a transaction being declined due to non-compliance.
Under the previous regulations governing payment security in Europe, a protocol known as 3D Secure 1.0 was used in order to verify digital payments. With the new regulations, 3D Secure 2.0 is an updated version of the protocol that makes it easier to collect and process customer payment information in accordance with SCA requirements.
Current challenges of 3DS implementation in Europe stem primarily from the failure to complete payment flows. This can be due to unfamiliar authentication processes or technical difficulties, or broken flows at the backend.
PayU’s data analysts recently discovered that many banks did not implement all requirements such as responsive web design, two-factor authentication, and other technological conditions that significantly affected customer experience. Conversion rates due to these gaps have plummeted to 30%-40%.
While SCA is still mandatory only in European countries, other markets are also warming up to the idea of implementing 3DS 2 to increase the security of their payments and offer a more frictionless customer experience.
3DS is beneficial in more than just payments. Adding cards to digital wallets, the use of open banking services, as well as financial services apps are all utilizing 3DS flows. This might soon contribute to the spread of 3DS 2.0 beyond Europe to become an increasingly global standard.
Implementing 3DS protocols and streamlining procedures can be a drag. Through real-time transaction monitoring, PayU’s payment solution helps merchants identify and fix decreases in payment approval rates due to 3DS. Thanks to its intuitive nature, businesses can easily spot and change their routing configurations using PayU’s Smart Routing Engine.
To increase the payment conversion chances PayU can optimize the 3DS authentication type and route the transactions to a better performing 3DS 2 version – while communicating with card schemes and issuing banks to improve UX and troubleshoot issues that arise.
We have two ways of managing soft declines: PayU can step in on behalf of the merchant, or the merchant can handle Soft Declines via the PaymentsOS API.
Learn about the importance of tokenization when it comes to secure online payments.
Learn more
See how PayU can help you remain PCI compliant while maintaining frictionless payments.
Learn more
PayU’s anti-fraud module protects online transactions while maintaining high approval rates.
Learn more3D Secure (3DS) authentication is a security measure that occurs when a cardholder initiates an online payment during checkout. During the 3DS authentication process, the cardholder must authorize the transaction with a security key provided by the bank that issued the payment method used during the online purchase. 3D Secure is a security protocol set in place between merchants, payment acquirers/processors, and card issuing banks meant to secure online credit and debit card transactions.
Strong Customer Authentication (SCA) is a new authentication mechanism based on three layers of transaction authentication. During the authorization of payments via 3D Secure, the cardholder must present the following authentication keys: Something that they know (a PIN code provided by the issuing bank); Something that they own (smartphone or in-app notifications to authorize the payment); Something they inherit (biometric elements – fingerprints, facial recognition).
3D Secure 2 authentication is the updated 3D Secure protocol for online payment authorization, officially released in 2020. The new version was launched to cater to the new requirements enforced by PSD2 and SCA in Europe.
The Payment Service Directive 2 (PSD2) was proposed in 2018 and enacted in 2019 by the European Commission and European Central Bank in order to fight fraud and increase security for eCommerce and online transactions in Europe. The PSD2 updates implemented the Strong Customer Authentication (SCA) process for online transactions which requires cardholders to go through 3 layers (2 are mandatory) of authentication when making an online or e-commerce payment. PSD2 is applicable only for businesses and cardholders located in the European Economic Area (EEA) – but the standards are increasingly shaping authentication practices for online payments globally.
Strong Customer Authentication (SCA) is required after a consumer or cardholder based in the European Economic Area (EEA) is attempting to make a purchase or online payment on a merchant platform also based in EEA.
3D Secure authentication occurs during the checkout. After a consumer or cardholder has confirmed the order, depending on the payment amount or if the merchant has their card details stored on file, they are automatically redirected to the 3D Secure page. On the 3D Secure page, the user must add a password provided by the issuing bank or log into their banking application and confirm the transaction by pressing a button, inserting a password, or presenting their fingerprint.