Back to Insights

3D Secure 2.0 is the new payment gateway standard changing the game for eCommerce

an overview of the new payment gateway standard

for 3D Secure 2.0 is the new payment gateway standard changing the game for eCommerce at NIU Ltd.

What is 3D Secure 2.0?

3D Secure 2.0 is a new payment gateway standard. It brings a new approach to authentication. This is done through a wider range of data and biometric authentication.  3D Secure 2.0 results in an improved online experience. Through this new protocol, many of 1.0’s issues are addressed. In doing so it brings a host of benefits on all sides. This is achieved through the support of rich data being submitted during transactions to enable issuers to make risk-based decisions prior to authentication. 

What are the benefits?

Some of the benefits include:

  • Improved decisions on authentication leading to better acceptance 
  • Enhanced security 
  • Innate support for mobile applications 
  • Support for non-payments transaction authentication 
  • Better customer experience

3D Secure 2.0 – Important Timelines

EU Issuers and Acquirers are expected to offer 3D Secure 2.0 from mid-2019 onward

PSD2 requirements for SCA (Strong Customer Authentication) comes into effect on the 14th of September 2019. It’s good news that the built-in 2-factor-authentication support within 3DS 2.0 will bring transactions in-line with PSD2 requirements.

Increasing authorization rates with data sharing

3DS 2.0 is much more than a redirect. The combination of certified SDKs in the checkout flow, paired with data sharing APIs, means that 3DS 2.0 can be used as a tool to share rich data between businesses and banks. Over 100 potential data points are shared with issuing banks. This means that the information you and card issuers know about your mutual customers can be used to make better risk decisions. The more information you have to support authentication cases, the higher the chances of authorisations.

With 3DS 2.0 it is possible to share data between banks and merchants silently in the background. Authorisation rates can be increased with no perceivable change to the checkout flow by customers. Furthermore, a Dynamic 3DS service will help businesses decide when to send additional data to banks, automatically targeting transactions that are likely to see an uplift if data is shared.

This is interesting for businesses that don’t need to use 3DS 2.0 for fraud prevention. A business which has low fraud rates, but wants to achieve the authorization uplift benefits of 3DS 2.0 can implement data sharing. This is achieved without changing the seamless checkout flow their customers currently enjoy.

Superior authentication experiences for customers

In many cases, device information is enough to authenticate without an extra step for the customer. Some transactions that have higher risk or regulations such as PSD2 require active approval. 3D Secure SDKs will help you build these flows and there are three primary types to consider:

  • Passive – The SDK and servers exchange all necessary information in the background. The customer sees nothing. 
  • Two-Factor – The user is asked to provide a two-factor authentication code sent via email or SMS. 
  • Biometric – An app-switch to an issuing-bank app is facilitated by the SDK. The user can use their fingerprint or face in the issuing bank app. 

By offering more authentication flows, customers will be able to choose their authentication method of choice. This means increasing security while reducing drop-off rates seen in older solutions that were based on static passwords. 3DS 2.0 SDKs will help you easily build these authentication flows natively into your apps and websites. The different authentication flows with 3DS 2.0 offer more flexibility. This allows banks to continue innovating in the future while continuing to make authentication simple and more secure. This is good news for businesses who are more vulnerable to fraud, and who already use 3D Secure. It’s also a plus for businesses operating in regions that are introducing authentication requirements.

A unified authentication solution

Integration with our 3DS 2.0 authentication platform works with any partner that follows the 3DS 2.0 specifications. This way, businesses can have their authentication solution in one place, while keeping the flexibility and freedom around which partners they choose.

Want to learn more?

This video by Visa gives a visual overview.

Want to learn about this topic? Do you need help implementing the required change? Contact us and we will be happy to help you.