3D Secure (3-domain structure), also known as a payer authentication, is a security protocol that helps to prevent fraud in online credit and debit card transactions. This additional security was initiated and created by Visa and MasterCard and it’s branded as ‘Verified by Visa’ and ‘MasterCard SecureCode’ respectively.
The payer authentication is a three-part process, so there are three parties involved in the process: the issuer (such as Visa or MasterCard), the acquirer, and the interoperability domain (such as payment system).3D Secure (3DS) adds an extra layer of protection to online shopping. With 3DS enabled, you have 2-step authentication on every online purchase—so no payments will ever go through unless you authorize them yourself.
How 3D Secure works
When you make a payment for an online purchase, 3DS technology gauges if further safekeeping is needed to make sure that you are the rightful card owner. If so, you’ll be directed to a 3DS page and asked for a password or PIN.
Simultaneously, your bank generates a one-off PIN and sends it to your phone via SMS. This is the PIN you’ll need to enter before you can complete the transaction.
When you, as a merchant, have 3D Secure enabled on your website and your customer uses the card that is enrolled in the 3D Secure program the process looks as follows:
- The customer enters their credit or debit card information in the payment form
- The merchants card issuer contacts a directory server and gets the message that the card is registered in the program
- The customer sees the 3D Secure page when they need to authenticate themselves to the issuing bank by entering the password or a one time PIN
- The result of the 3D Secure authentication goes to the merchants card issuer and then the transaction details to the acquiring bank
- The transaction is authorized by the acquirer
- The customer can see the response about whether the transaction is successful or failed
Advantages of 3D Secure
One of the advantages of 3D Secure is that it reduces fraud. It also makes shopping/commerce safer online, nourishes brand loyalty, it is easy to use, customer confidence improves on websites and therefore increases spending online. The process was developed by Visa and is now licensed to Mastercard, so most major card providers already use this technology. And just because 3D Secure is enabled doesn’t mean you’ll always have to enter a PIN—you’ll only have to complete this step if your bank notices a possible security issue.
Service Restrictions
3D Secure has certain limitations: first, not all cards are currently participating in the program authentication payer scheme and secondly, it does not restrict chargebacks to happen but reduces the cost of fraudulent chargebacks.
Some users can find it difficult to tell if a 3D Secure pop-up is legitimate, as they can direct you away from the payment site. Users often mistake these pages for phishing scams. But 3D Secure only uses one-off codes, so none of your other details should ever be at risk.
3DS also adds time on to the checkout process when you verify yourself—but isn’t keeping your information safe worth a few extra seconds?
Chargeback Liability of 3D Secure
As regards to chargeback liability, 3D Secure should be seen as an additional layer of protection provided by the card issuer. In fact, in the case of a fraudulent transaction, it becomes authenticated through 3D Secure, is very likely that liability will shift to the acquirer. In short, retailers are protected against misleading chargebacks since the liability is transferred.
Credit: Source link