3D Secure is a security protocol used as an additional layer of security for online credit card transactions prior to authorization in order to prevent fraud. 3D Secure comes from the three-domain model used to provide the additional layer of secure authentication between the financial authorization process and online authentication process. The service is provided by Visa and MasterCard under the name Verified by Visa and MasterCard SecureCode.
3D Secure 1.0 enables customers to validate transactions they make over the internet by requesting an authentication method (usually a a password-based method sent over mobile or email address is used), thus reducing the risk of fraudulent use by unauthorized individuals.
Although the introduction of 3D Secure 1.0 has helped merchants fight fraud, it also came with a negative impact on the user experience, adding extra steps and supporting only browser-based transactions.
This is why the new 3D Secure 2.0 has come into effect to answer and to resolve the security issues and to implement the strong customer authentication (SCA).
SCA requires merchants to integrate into the checkout flow a two-factor authentication that is based on the use of two or more elements categorised as:
- knowledge (something only the user knows, i.e password);
- possession (something only the user possesses: i.e.,phone, token, certificate tec.);
- inherence (something the user is: i.e. fingerprint, Face ID).
For more information about the PSD2 Directive and Strong Customer Authentication (SCA) visit our section: PSD2 and Strong Customer Authentication (SCA).