3D secure
3D secure is a protocol used in credit, debit, and other card transactions as an additional method of security. The technology was first deployed by Visa. Now it is also implemented by MasterCard and other networks. We recommend using this protocol for increasing the security of payments.
The classic way of card verification, based only on the card number, expiration date, CVV number, is not very effective for security. Anyone who got these numbers or stole the card could make transactions without the permission of the original cardholder. With the help of 3d secure verification, it would be much harder to use the card of another person without permission, even if its CVV and other details are known to other people.
The goal of this method is to add more steps of verification during the payment. To buy something online, a cardholder doesn’t only need to use the card number, expiration date, and CVV, but also need to confirm their identity by phone or enter the code from SMS. Even if another person steals the original card and wants to use it for buying something but 3d secure authentication failed, they cannot finish the transaction if they don’t have access to a cardholder’s phone.
When to use this approach
This method helps to protect cardholders from fraudulent payments. However, we don’t recommend to use it with absolutely all cards and payments. 3D Secure makes people take more actions, like answering a phone call or entering the code. It also doesn’t let them finish the payment if they temporarily don’t have access to their phones. Many people find it annoying, even if they know that the 3D secure authentication is increasing their safety.
It is best to find the balance and use this protocol only for specific type of cards or for the riskiest transactions. For example, additional verification may be required if a user logs in from an unusual place or another country where they don’t live.
What is Version 2.0?
The specifications for the 2.0 version of this protocol came out in 2016. 3D secure 2.0 has such advantages as improved messaging, fast performance in message processing, non-payment authentication of online users, and specific extensions to meet custom regulations and requirements.
This version of the protocol also has better datasets for authorization based on risks, prevents payments made by thefts if a card was stolen, and allows the merchant-initiated verifying of user accounts. It provides better support for different devices used for payments.