Online fraud has kept everyone on their toes: banks, merchants, and consumers. Card-issuing banks follow a strict process when authenticating payments to ensure all parties are safe from fraud. But this process is often complex and long-winded and causes a lot of friction. There has been a lot of talk about how 3D Secure 2.3 (3DS 2.3) makes e-commerce payment authentication smoother and more secure. EMVCo has made several updates in this latest version. The focus is on improving the 3DS experience for cardholders across devices and channels for all card-not-present (CNP) payments.
So, what’s new with 3D Secure 2.3?
With 3DS 2.3, merchants can seamlessly use 3DS across many devices and channels. On the other hand, it helps card-issuing banks to detect fraud more accurately and quickly. The new version aims squarely at improving the customer’s payment experience by making the authentication process much smoother. So, how does all this happen? Read on to know more.
1. Reduces friction in the SCA process
3DS 2.3 allows merchants to share more data – about transactions, payment methods, and devices preferred by customers, tokens, etc. – with issuer banks. When issuers have more data at hand to verify transactions, customer authentication becomes quicker and easier. An issuer can assess the risks related to a transaction and apply the right level of authentication. This lowers friction and leads to higher transaction approval rates. For transactions identified as higher risk – such as those made from a new device or for a high amount – 3DS 2.3 simplifies the challenge process so that customers can confirm the transaction with minimal friction.
2. Better payment experience for customers
3DS 2.3 comes with an improved user interface (UI) that allows merchants and issuers to communicate clearly with customers and guide them through the authentication process. 3DS 2.3 comes with automated out-of-band (OOB) transitions. This feature allows a customer to easily confirm a transaction that requires authentication in a separate channel. With older versions of 3DS, this is a manual process involving many steps. For e.g., a merchant sends a push notification to a customer’s mobile banking or e-wallet app to approve a payment. The customer leaves the merchant app, logs in to the banking or wallet app, and then reviews and authenticates the payment.
But with 3DS 2.3, the transition between the merchant app and the banking app happens automatically every time OOB authentication is needed. This makes checkout faster and simpler for the customer. 3DS 2.3 also supports device binding. With device binding, consumers can specify that they would like to be remembered on their devices, meaning quicker authentication for future purchases.
3. Seamless use of 3D Secure across devices and channels
3DS 2.3 allows merchants to easily implement 3DS across many devices and channels, including IoT devices, such as smart speakers. It also provides added support for OS and platform partners. 3D Secure 2.3 supports various industry-specific use cases with extensions.
4. Improves security and fraud prevention
3DS 2.3 builds on the security features of earlier versions to protect merchants from fraud-related chargebacks. It allows merchants to comply with the PSD2 and Strong Customer Authentication (SCA). 3DS 2.3 supports a range of authentication methods that merchants can use to pre-screen customers and reduce the risk of fraud, such as FIDO authentication and Web Authentication. FIDO (Fast Identity Online) is a globally-accepted authentication method that allows users to authenticate using security keys or biometric (fingerprint, voice, iris) scans rather than passwords. Merchants can use it across websites and apps. With 3DS 2.3, merchants can apply FIDO authentication after registering the cardholder and the device at a merchant page. This process can be embedded during checkout or sign-up so that customers can authenticate quickly and securely.
How Can Novalnet Help?
Novalnet is a global PSP with deep experience in processing payments for the European industry. Many of Europe’s leading brands trust us with their payments. We can guide you on how to use 3D Secure 2 and make your payments more efficient. Our technology helps you to accept payments globally in 125+ currencies in 150+ automated country-specific payment methods. Using our instant payment plug-ins, set up your payments within minutes with minimal coding. With our AI-based risk management solutions and advanced analytics, you can design the best payment experiences for your customers, all in a fully secure PCI DSS environment.
Reach out to us to know more about upgrading to the latest version of 3D Secure 2.
Gowri Shankar is the IT Application Security Manager at Novalnet with versatile knowledge in Programming and System/Security architecture. Having 11+ years of experience in the financial services industry, Cybersecurity, Payment Card Industry Data Security Standard (PCI DSS). Certified in Advanced Payment Card Industry Security Implementer (CPISI 2.0), Secure Software Lifecycle Professional (CSSLP) from (ISC)².