Seamless Payment Experiences With 3-d Secure 2.0

By Author: sifip
Total Articles: 686
Comment this article

3-D Secure 2.0 has bridged the gap between safe payments and exceptional customer service. Discover how this updated protocol enables frictionless payments through online payment gateway while increasing the speed and security of digital transactions in browsers, mobile apps, and connected devices.

Digital commerce appears to be expanding at an incredible rate. Payment options are rapidly expanding as the Internet of Things (IoT) expands. According to IoT Analytics, 14 billion connected devices are expected in 2022, with a projected increase to 27.1 billion by 2025.

Consumers are using card-not-present (CNP) payments in greater numbers than ever before, making it more difficult to verify the consumer's identity and the transaction's validity. This is especially true in the post-EMV era, when widespread POS fraud elimination has pushed criminals to the CNP channel. Add to that the problem of false positives, where more than half of all declined transactions are legitimate, and merchants risk losing a lot of money.

It just goes to show how important new methods of preventing fraud are now more than ever. The ...
... key is to find effective fraud prevention mechanisms that do not interfere with the customer experience. Online payments should be quick, simple, and secure for customers. This is where 3-D Secure 2.0 comes into play.

What is 3-D Secure?
For many years, the original 3-D Secure (Three Domain Secure) authentication was used as an additional security layer for card-not-present (CNP) transactions. It acts as a channel of communication between the three domains involved in these transactions: financial institutions, online merchants, and payment processing technology/networks. The first version, which was intended to increase consumer trust in online transactions, introduced unnecessary friction and false positives, resulting in increased purchase abandonment.

The holy grail of every merchant is to facilitate as many legitimate transactions as possible while preventing fraud. The original protocol's flaws have been addressed in the release of the newer version, which enables a secure, real-time information-sharing mechanism. The 2.0 version enables merchants to share a large number of transaction attributes with issuers in order to authenticate customers more efficiently and effectively.

3-D Secure 2.0 – An Evolving Protocol for Frictionless Payments
Merchants can still purchase Version 1 as an option. Merchants should, however, upgrade to the latest version, which supports token-based and biometric authentication over static passwords. This newer version, also known as EMV® 3DS or 3DS2, enables the transmission of rich data in transactions, enabling risk-based decisions on whether or not to authenticate a transaction. 3-D Secure 2.0 will use token-based and biometric authentication, eliminating the need for customers to remember static passwords and eliminating the need for initial enrollment.
Allowing for additional data during transactions will enable risk-based decisions on whether or not to authenticate. As a result, the customer experience should be enhanced and simplified, resulting in fewer abandoned transactions and a more frictionless consumer experience.

The new version also supports "frictionless flow," which is enabled by the replacement of the Merchant Server Plug-in (MPI) with the 3DS Server, which is part of the "3DS Requestor Environment" (aka the merchant's domain's collective components). In essence, rather than cardholder interaction, the issuer can approve a transaction using risk-based authentication on the Access Control Server (ACS).

This risk-based authentication also gives the merchant more control over the outcome of the transaction. The 2.0 protocol allows merchants to share a wealth of information (device ID, historical payments, location, registered users, and so on) with the issuer, which also has a wealth of information and can vouch for its cardholders.

Finally, 3-D Secure 2.0 shifts liability from the merchant to the issuer in the event of a dispute or chargeback. As long as a transaction is authenticated, the merchant is not liable for disputes or chargebacks (or attempted authentication occurs).

New Version, New Benefits
The protocol has evolved to meet the needs of consumers and merchants, resulting in increased security and a better customer experience. Some of the ways the new version improves the overall experience are as follows:

Stronger Authentication
The newer 3DS uses biometric authentication via face or voice recognition rather than a static password for authentication. There are several benefits here. For starters, it frees the customer from having to remember a static password. It also eliminates the possibility of fraudsters stealing passwords by removing them from the equation. Perhaps most importantly, it removes some of the friction from the customer experience, resulting in fewer purchase abandonments from dissatisfied customers who have been asked to jump through too many hoops.

Enhanced Customer Experience
Customers will no longer need to remember static passwords or go through the initial enrollment process while shopping, thanks to the new protocol. Fewer interruptions mean fewer chances for a customer to back out of a purchase. Furthermore, merchants can now provide a consistent look and feel to the user interface across devices, eliminating the vexing pop-up box of the past. The newer version is undeniably more customer-oriented.

Various Devices Support
A framework for cross-device authentication is also included in the new version. The 3-D Secure protocol can thus be used with browsers, applications, mobile devices, and other connected devices.
This extends the protocol's authentication capabilities beyond card-based transactions. This means that 3-D Secure 2.0 will be able to accept mobile payments, the best online payment gateway, digital wallet payments, and in-app payments.

In Conclusion
The bottom line is that the new 3-D Secure 2.0 protocol provides rich data-backed authentication to merchants and issuers, allowing them to make intelligent authentication decisions based on their knowledge of customer behavior. All parties benefit: the legitimate cardholder can make frictionless purchases, and the merchant and issuer can prevent fraud without impeding legitimate sales. As a result, revenue rises, operational costs fall, and fraud-related losses fall. In short, merchants and issuers combat fraud while allowing legitimate transactions to proceed.

It's also worth noting that the inherent multi-factor authentication (MFA) of 3-D Secure 2.0 makes it an appealing tool for the European market, which operates under the revised Payments Service Directive (PSD2), which requires MFA for all transactions. In fraud cases, merchants who do not enable or facilitate multi-factor authentication are held liable, making 3D-Secure 2.0 an ideal solution for reducing liability.

Early adoption of this technology has already begun, with Visa rules for merchant-attempted 3-D Secure transactions being pushed to 3-D Secure 2.0 in April 2022. Merchants can then test and fine-tune their implementations. Lower fraud and abandonment rates for merchants should result in a better, more frictionless experience for customers.