FIS Modern Banking Platform
Advance your bank with a modern core platform.
Worldpay Editorial Team
June 03, 2018
3DS allows customers to authenticate high-risk transactions with confidence and with the added benefit of liability shift. But if not used selectively, 3DS authentication will increase friction for all your customers. The experience on mobile devices is also sub-par, leading to a lack of adoption through this channel. To address these points, the industry is introducing 3DS2, a new approach that puts shoppers at the center of the authentication process and aligns with the latest technologies that shoppers use.
Introduced in 1999, 3DS was introduced to reduce fraud for online transactions. It works by allowing the cardholder’s bank to prove that the shopper attempting a purchase is the legitimate user of the credit or debit card.
The primary benefit of 3DS is the additional layer of security that reduces the chance of chargebacks. Usually, if a chargeback does occur, the liability will be shifted to the cardholder’s bank where a successful authentication has occurred
When 3DS1 was first introduced, technologies that are commonplace today hadn’t been invented (the first iPhone wasn’t released for another four years). While 3DS1 has been a powerful and widely adopted anti-fraud solution, shoppers are still put off by browser-based challenges. Examples of 3DS1 include:
While many banks have moved to a risk-based approach – which means shoppers do not always get challenged – when a challenge does occur, it often requires a shopper to remember a number of characters from their static password. This leads to shoppers dropping out of the payment journey and merchants losing transactions.
3DS2 looks to introduce a solution that not only works with the technologies that shoppers use today but also anticipates future ways for shoppers to authenticate themselves.
There are three key areas where 3DS2 will optimize the user experience:
By putting the shopper experience at the forefront of authentication, 3DS2 can be adopted without fear of drop off. Merchants will be able to process more successful transactions while being able to benefit from full liability for transactions where fraud is detected.
Although 3DS1 and 3DS2 will coexist for several years – if you accept payments where the card issuer and the acquirer are based in the European Economic Area (EEA), you need to apply Strong Consumer Authentication (SCA) to your payments. Where card payments are involved, the most common way to achieve SCA will be through the adoption of 3DS2.
SCA makes transactions more secure by requiring two of three:
The EU’s newly revised PSD2 requires SCA for all but a defined set of exempted transactions as of 1 January 2021 for EEA and 15 September 2021 for the UK.
The European Banking Authority (EBA) is the EU’s supervisory authority over the common rules for financial institutions in the EU. The EBA issues periodic opinions on compliance matters that answer common questions about the compliance of specific SCA implementation.
Outside of the EEA, we recommend that you support 3DS2 so that you can leverage the benefits offered by the new protocol.
Even before 3DS2 is available, Worldpay’s 3DS Flex offers an advanced MPI so you can adopt 3DS1 today. 3DS Flex allows for increased uplift of 3DS1 transactions through features such as mobile optimization. Additionally, Worldpay can offer a highly tailored rules approach to optimize 3DS for every transaction. This allows you to achieve a balanced approach of shopper friction versus authentication aligned to your risk appetite.
In addition, we can help you get ready for 3DS2. Worldpay will be among the first Payment Service Providers to support 3DS2, allowing our customers to be the first to benefit from the increased value this new solution provides.
Look for Worldpay’s upcoming webinars on 3DS2 or reach out to your Worldpay account team to find out more.
Let's work together to reach your goals. Contact us at the links below and a representative will be in touch.
We are here to help you and your business. Contact us using the button below.Learn more