Developed more than ten years ago, 3D Secure 1 was welcomed, but not exactly user-friendly, widely adopted and recognised when a pop-up window appeared with ‘Verified by Visa’ (later rebranded as Visa Secure), ‘SecureCode’ from Mastercard of Safekey from Amex. The system was somewhat convoluted, complex and was often plagued by compatibility issues. A protocol designed to be an additional security layer for online credit and debit card transactions, the name refers to the “three domains” which interact using the protocol: the acquirer domain, the issuer domain, and the interoperability domain.
Over time, many merchants or etailers came to see 3DS as a security benefit that gave them peace of mind when shopping online. Which makes the arrival of 3DS 2.0 a welcome upgrade, one that introduces some significant improvements to online payment processing and security.
This shift to 3DS 2.0 is aligned to the increased growth in eCommerce, the need for additional security parameters, and the demand for seamless user experiences. All these factors are essential to the continued growth of eCommerce and the retention of a growing online customer base while ensuring that customer security concerns, and risks, are addressed as intelligently and carefully as possible.
Over the next few months, most card schemes will require payment platforms and retailers to migrate to the new standard. This has made the move mandatory, but ultimately delivers measurable benefits that make the move worthwhile.
Karen Nadasen, CEO of PayU South Africa, explains, “One of the most important benefits is trust – in the transaction, the process and the service provider. This is why the enhanced 3DS 2.0 has put user experience and additional security at the heart of its processes. Authentication processes will primarily be managed behind the scenes as the data used by the platform and retailer moves to authenticate at speed, and at a high level of security. Factors such as biometrics can also be integrated to provide a more robust framework for service providers, cardholders and payment platforms.”
The new solution also uses more data to assess the risk associated with a transaction. Transactions that are considered low risk by the cardholder’s bank can potentially be authenticated without the need for an OTP (One Time Password) or other forms of authentication that banks use. This reduces the friction currently experienced by customers in the checkout process without compromising on security and therefore potentially reducing abandonment.
With 3D Secure 2.0, the customer follows a journey that increases engagement and reduces friction, adding that all-important stickiness to the merchant and customer relationship. Additional information gathered from the customer or received from the merchant will be used by the bank to determine whether or not the transaction requires further authentication. If yes, they will follow the usual authentication process, but using a more seamless approach dependent on the authentication methods offered by their financial institution. If not, the transaction will be completed immediately.
This intelligent application of technology and process to eCommerce transactions can transform eCommerce. It’s also why PayU is currently switching all merchants over to the 3DS 2.0, and ensuring that the new standard is accessible to all customers. Merchants don’t have to undergo any additional changes, although they do have the option to submit additional data related to customers and transactions to further streamline purchasing.
Nadasen, who is also the Chairperson of The Ecommerce Forum of South Africa (EFSA), concludes, “As we say farewell to 3D Secure 1.0, we can be grateful for its immense contribution, but as is always the case with eCommerce, technology is incredibly dynamic and iterates continuously. It has run its course. With the surge towards online shopping since the pandemic started, the timing of 2.0 to further protect consumers, merchants and enhance their online experience couldn’t be better.”