3DS2 (3D Secure 2.0) - Everything You Need to Know

June 12th, 2022 by Felix Cheruiyot

3ds2-concept

3D Secure 2.0 (3DS2) is the real deal that tackles fraud and enhances security in online transactions in Africa and other places in the world. People embraced online transactions and internet shopping more during the lockdown; about 2.1 billion people shop online, and this is the same reason merchants, and online businesses improve their security systems. Many software existed before 3DS2; however, the new concept of 3DS2 focuses solely on security: it protects the customers from internet fraud and safeguards the merchant from losing value to internet fraudsters.

There are many advantages of 3D Secure 2.0 over 3D Secure 1.0. Before we talk about the differences and advantages, you should learn the purpose of 3DS2 in internet transactions. The main reason 3DS2 was introduced is for authentication and verification of transactions. Before now, people could do multiple transactions directly with the merchant without verification. But now, 3DS2 ensures the initiator actually initiates the transaction by classifying a transaction as “high risk” or “low risk.” Suppose a transaction is high risk; 3ds2 pends the transaction and focuses on the initiator. It then forces verification through several channels like a fingerprint, face recognition, and 2 authentications, among others.

More amazing things are embedded in 3D Secure 2.0, and this article talks deeply about them. Here, you will learn the purpose of 3D Secure 2.0, its advantages, and how it impacts your business.

What is 3DS2 (3D Secure 2.0)?

3DS2 (3D Secure 2.0) is not the first type of this security system. The predecessor (3D Secure 1.0) was created in 1999 as a security channel, especially when customers use their cards to buy things online. 3DS2 (3D Secure 2.0) is a refined version of (3D Secure 1.0) that aims to solve all the limitations of (3D Secure 1.0).

The 3DS means “Three-Domain Secure.” The three domains are the acquirer area (the vendor and the bank to which the cash is paid), the guarantor space (the bank that gave the cardholder’s card), and the interoperability area (the foundation utilized by the card plan to implement 3DS convention)

What is the purpose of 3DS2 (3D Secure 2.0)?

3DS2 is globally known for online e-commerce security; it was first used in European countries. Now, the 3DS2 is widely accepted in Africa and other places. 3DS1 is the major name created for the security name for all card schemes, and each card has its adaptable name. For example, the concept of 3DS2 for a Visa card is called Visa Secure; for a Master card, it is regarded as MasterCard Identity Check. All card schemes may have varying verification names, but they all fall under one purpose: security.

United Nations Conference on Trade and Development says about 21 million shoppers are in Africa, about 2% of the world population. The purpose of 3DS2 is to protect the identity, funds, and card details of individual shoppers in Africa. The concept of 3DS2 works through authentications and verification of ownership. Aside from protection, another purpose of 3D Secure 2.0 is to get rid of 3D Secure 1.0 – many limitations of the first version of the 3DS make it useless compared to the latest version (3DS2).

3D Secure 1.0 was created in the late 90s, so there were no mobile banking or transaction plans. Thus, the first version of 3DS does not support effective mobile transactions: it does not display useful information and reduces online shopping. Customers leave their goods unchecked, which reduces merchant productiveness, bringing about the concept of the 3DS2. The 3DS2 is a solution to the early version of the 3DS, and this is why it is referred to as the 3D Secure 2.0 – the main purpose is to increase trust and productivity.

Security is important in developing trust in online shoppers. Trust and safety of online shopping are not limited to Africa; about 140 million American citizens say their greatest fear in online shopping is security and fraud. In order words, you can say that 3DS2 is a solution to a global threat. People are afraid to lose their hard-earning funds to fraudsters and online scammers. And also, many people have started shopping online since the pandemic; it is thus necessary for e-commerce merchants and organizations who use an online payment gateway to employ the assistance of 3DS2 in securing their safety and their customers’.

3DS2 fixes the flaws in 3DS1 improves online transactions through the latest technology and stands a greater chance for more opportunities in the future. 3DS1 redirects users to another page where they input their PIN, among other practices. This is a typical process, very slow, and does not guarantee safety. However, 3DS2, upon its arrival in 2015, has created more ground for shoppers to shop on smooth, safe, and fast technology. Technology had evolved since the late 90s’ when 3DS1 was introduced; the 3DS2 works on the new technology for card scheme verification.

Another purpose for developing 3DS2 is the requirement needed to qualify for Strong Customer Authentication (SCA). SCA was introduced in 2018 and served as a measure for your customer safety. SCA is important because customer safety is more guaranteed since it works beyond online verification; it employs question-based techniques like mother’s name, secure code, and fingerprint to verify customer identity.

The combination of 3DS2 and SCA serve a greater advantage to customer safety while it helps merchant maintain a good reputation and scale high among competitors. 3DS2 works with other financial institutions and secures online transactions. Learning how the 3DS2 works gives you the best reason you may need to consider it as a merchant or shop from a website with 3DS2 as a shopper.

How does 3DS2 (3D Secure 2.0) work?

3ds2-process

3DS2 (3D Secure 2.0) works during an online transaction initiated by a cardholder. The card connects with the merchant servers at the checkpoint, resulting in the analyses of merchant conceptual data; the 3DS2 serves as an extra security layer for the information supplied by the customer. The 3DS2 simply connects the active merchant server (3D Server) with the access control server (Issuer). The connection is possible via the authentication request and response from the servers.

The Merchant Server reaches the Issuer through the DServer (Directory server). The DServer connects with the Merchant Server by authentication request from the Merchant Server; the Merchant Server receives an authentication response from the DServer.

DServer connects with the Access Control Server (Issuer) via authentication request from DServer, and DServer receives an authentication response from the Issuer. The connection is simplified as Cardholders – Merchant Server – DServer – Issuer. The connection between the cardholders to the Issuer is the primary security concept of the 3DS2.

3DS2 strengthens security by connecting the Issuer domain with the Interoperability Domain (Credit Card Network) via an authorization message. The Acquirer Domain also receives authorization messages from the Interoperability Domain. The next stage is simplified as Issuer – Credit Card Network – Acquirer. The Acquirer connects to the payment gateway and finalizes the payment request.

The implication of all the connections between the payment channels is for 3DS2 to classify a transaction as risk or non-risk – a high-risk transaction goes through a test. It prompts the cardholder to confirm their personality utilizing biometrics and two-factor validation, for example, a one-time password. A low-risk transaction requires no further activity on the cardholder’s end. The Issuer sends the verification result to the vendor, who thus presents the exchange for authorization with a message showing the confirmation result.

3DS2 (3D Secure 2.0) advantages and impacts on business

Build credibility

Credibility is the value you build in your customer that makes them trust you. If you employ 3DS2, you will build a high credit score compared to your competitors. Many competitors do not know more about 3DS2, and if you employ the practice today, you will do outstandingly in the e-commerce business. Aside from credibility, it is a useful tool that makes the customer shop again.

Safe and easy to use

3DS2 is easy to use because of the latest technology employed in developing the software; it also resolves the limitations of 3DS1. 3DS2 is easy to use because it is mobile-friendly and does not leave the merchant webpage – customers finish all the tasks involved in a transaction on the same merchant page.

Liability shift

The greatest advantage of 3DS2 is the chargeback liability shift; it moves the responsibility for chargebacks because of misrepresentation from the vendor to the cardholder’s bank. This extra assurance is why users frequently face the 3DS2 test during critical transactions. 3DS2 additionally upholds liability shift. As the convention transaction goes on, various card plans choose their principles regarding when to carry out liability shifts. Mastercard has support responsibility shift based on month, while Visa would actuate risk shift contingent upon the merchant’s locale.

Reduces fraud and offers protection

The main reason merchants decide to add 3DS2 to their e-commerce website is the extra protection from fraudsters. There are many fraudsters today, and 3DS2 reduces the chances of fraud during internet transactions; and this is possible because of the several security approaches employed by 3DS2. Because of the protection, customers shop more online and believe in their vendors who have installed 3DS2 into their e-commerce platform.

No extra cost to your business

You do not need to pay extra for 3DS2 if you choose a plan that supports 3DS2 during the building of your e-commerce platform. Thus, it does not cost you an extra maintenance fee after you must have used it for a while.

High customer satisfaction

Excellent products and customer service are not the only things that increase customer satisfaction. Online shoppers may not meet your customer representative before they transact online; 3DS2 improves customer satisfaction through your website’s user-friendly interface and easy-to-use network. Another thing is the case of online reviews. Reviews are important for new customers: they read them and decide if they can shop with you. It is important to impress your online customers always; you can do this via 3DS2.

Smooth business

Frictionless flow is the greatest improvement made to 3DS2. By performing risk-based validation in the access control server (ACS), issuers are currently ready to endorse a transaction without the requirement for input from the cardholder. That implies no more irritating display and recalling static passwords, eliminating friction from the checkout page; thus, “frictionless flow.”

Fewer disputed transactions

3DS2 increases sales and reduces disputed transactions. Since transactions are of frictionless flow, customers and merchants have no reason to cause disputes or query a transaction. 3DS2 has greatly affected the output generally: giving satisfaction to customers and scaling merchant’s business positively.

Conclusion

3DS2 has an absolute advantage for merchants and customers: aside from the security advantage, it also increases trust in business. The trust issue is never underrated in a business setup; if you fail to earn your customer’s trust, you may not do well compared to your competitors. Customer satisfaction is an important factor for all merchants, and this also allows you to beat the competition, especially in an e-commerce setup. All in all, 3DS2 gives better advantages as a merchant and provides a higher chance to stay on top of the competition. 3DS2 working principle is clear and transparent, thus, protecting merchants in the case of the liability shift. The merchant does not always reply on a self-hosted server; having a 3DS2 protects identity and reputation. Despite all the advantage, 3DS2 is affordable in Africa and require low or no maintenance fee. IntaSend integrates 3DS2 in it payments workflows, learn more about how we can help you securely accept online payments.


© 2022 IntaSend. All rights reserved.