Why Do You Need 3D Secure 2 for Your Business?

If you need to accept online payments from your customers, you should think of a reliable security technology that you are going to use.

One of the options you can consider is 3D Secure 2 (3DS2). Find essential info on this protocol in this article.

What Is 3DS2?

It is an authentication protocol used for online payments made by cards. It provides an extra security layer for such transactions. The name comes from the use of three domains, including the following:

  • Acquiring

  • Issuer

  • Interoperability (it works like glue between the previous two domains)

3DS2 is a second better version of the protocol. It was created to sort out the following drawbacks of 3DS:

  • The inability of some users to undergo the 3DS authentication procedure on their devices

  • Compatibility issues with some mobile browsers

  • Sometimes too slow loading speeds

  • Quitting a purchase procedure due to an additional step that customers had to take

  • Others

Is 3DS2 Mandatory?  

According to the new PSD2 legislation, it is not mandatory to utilize this protocol. It requires the use of Strong Customer Authentication (SCA) for processing payment transactions online. 3DS2 includes SCA. This protocol is going to become obligatory by the end of 2020. This means that it is also a matter of time when all the merchants will need to implement this protocol. The sooner you do this, the better it will be for your business.

How Does the Protocol Work? 

Buyer enters their bank card details during the checkout procedure. An authentication request is then sent to the issuer. It includes certain essential data, such as the amount of transaction, device, and others. The next stage is determining the level of risk of this transaction. In case the payment is considered high-risk, additional actions are required from the cardholder, such as identity verification using biometrics or other reliable security measures.

If the transaction falls in the low-risk category, no further actions are required. The authentication result is sent to the merchant who submits the transaction for authorization with the relevant info on the authentication result.

The Reasons to Opt for 3DS2

Every merchant that opts for a global payment processing solution to be able to accept payments from customers also needs to think through other matters, such as sufficient security. 3DS2 is a good option, and it also comes with plenty of great benefits.

Rich Data Exchange

3DS2 allows going through authentication procedures based on the level of risk. It uses various types of data to access it, including the following:

  • Geo-location

  • Shipping address

  • Device ID

  • Others

For low-risk transactions, no additional actions are required from customers, which ensures a secure and convenient shopping experience. However, in case of high risk, additional actions from a customer will be required, which is essential for the protection of both the merchant and the cardholder. According to the information from Visa, additional verification will be required in less than 5% of cases.

Lower Risk of Fraud

The number of fraudulent attempts to use credit cards is increasing rapidly. Therefore, it is essential to use additional security methods, such as 3DS2. This protocol allows online vendors to accept payments only from legitimate buyers. The thing is that if a scammer uses someone else’s card details, one will not be able to undergo additional verification procedures, such as entering PINs.

No Chargeback Liability due to Fraud

One of the major benefits that merchants can enjoy by opting for 3DS2 is that they are no longer liable for satisfying chargebacks due to fraud. It is now the responsibility of the cardholder’s bank. In fact, that is one of the reasons for additional verification procedures that buyers must undergo. It is particularly related to transactions involving large amounts of money, such as when purchasing airline tickets.

Issuing banks supporting 3DS2 provide merchants with guarantees of payments. In case of a chargeback from a cardholder due to fraudulent reasons, the seller will not have to return any money, since this must be done by the bank.

However, this does not mean that you, as a merchant, will not be dealing with any chargebacks ever again if you switch to 3DS2. The thing is that all chargeback requests are divided into two separate categories, including the following:

  • Non-fraudulent

  • Fraudulent

The first category includes chargebacks requested by legitimate buyers. The most common reason for such requests is that a buyer is not happy with a purchase or service that he/she opted for. Fraudulent chargebacks include attempts of a buyer to get money back despite being satisfied with the good/service or use of someone else’s credit card details.


The implementation of 3DS2 is unavoidable for online merchants. They will have to switch to the use of this technology anyway, so why wait? This protocol also allows enjoying a range of great benefits, such as enhanced fraud protection, better customer experience, and more.