3D Secure(3DS)
An authentication protocol that adds an extra security layer for online card transactions, reducing fraud and chargebacks while meeting regulatory requirements.
What is 3D Secure?
3D Secure (3DS) is an authentication protocol designed to provide an additional layer of security for online credit and debit card transactions. Originally developed by Visa as 'Verified by Visa,' it has since been adopted by all major card networks including Mastercard (SecureCode), American Express (SafeKey), and Discover (ProtectBuy).
The protocol works by requiring cardholders to complete an additional verification step during checkout. This step typically involves the customer's bank sending a one-time password (OTP) via SMS, prompting biometric authentication through a banking app, or displaying a security question that only the legitimate cardholder would know.
3D Secure 2 (3DS2) is the latest version, introduced to address the friction problems of the original protocol. 3DS2 uses risk-based authentication, allowing low-risk transactions to proceed without customer interaction while applying stronger verification to suspicious transactions. This approach significantly improves the customer experience while maintaining high security standards.
For merchants in the European Economic Area (EEA) and UK, 3D Secure is essential for complying with Strong Customer Authentication (SCA) requirements under PSD2 regulations. Transactions authenticated with 3DS also benefit from liability shift, meaning the card issuer becomes liable for fraud rather than the merchant.
Key Benefits of 3D Secure
- Reduces fraud by up to 80% on authenticated transactions
- Shifts liability for fraudulent chargebacks from merchant to card issuer
- Meets Strong Customer Authentication (SCA) requirements in Europe
- 3DS2 provides frictionless authentication for low-risk transactions
- Builds customer trust with visible security measures
- Lower interchange fees with some payment processors
Real-World Examples
See how 3D Secure works in different payment scenarios.
E-commerce Purchase
A customer buying a €200 product online is redirected to their bank's authentication page, enters a one-time code sent to their phone, and completes the purchase securely.
Subscription Signup
When starting a new monthly subscription, 3DS authentication verifies the cardholder once. Future recurring payments can be exempted from additional authentication.
High-Value Transaction
A €2,000 purchase triggers 3DS2's risk engine to require full authentication via the customer's banking app with fingerprint verification.
Low-Risk Payment
A returning customer making a small purchase from a trusted merchant passes through 3DS2 frictionless flow without any interruption to checkout.
Mobile App Payment
In-app purchases use 3DS2's native mobile SDKs for seamless authentication without leaving the app, often using device biometrics.
Cross-Border Transaction
International purchases benefit from 3DS's global adoption, with authentication handled by the customer's local bank in their preferred language.
3D Secure with PayRequest
PayRequest automatically handles 3D Secure authentication through our integrated payment providers, ensuring secure transactions without additional setup.
Automatic 3DS Implementation
3D Secure is automatically enabled for all card payments through Stripe, Mollie, and PayPal, with no additional configuration required.
Smart Risk Assessment
Our payment providers use advanced risk scoring to apply frictionless 3DS2 authentication when possible, minimizing checkout abandonment.
SCA Compliance Ready
All PayRequest transactions meet Strong Customer Authentication requirements for European regulations, keeping your business compliant.
Reduced Chargebacks
3DS-authenticated transactions shift fraud liability to the card issuer, significantly reducing your exposure to fraudulent chargebacks.
Related PayRequest Features
Explore features that work with 3D Secure to protect your payments.
Related Glossary Terms
Start accepting secure payments today
Get 3D Secure authentication out of the box with PayRequest. No complex setup required.