With the increase of devices becoming payment devices, Digital commerce is now the fastest growing area of payments. Consumers have much more ways to pay than before, whether via an internet browser, mobile application, or connected device. However, whenever a consumer is making a digital purchase as opposed to purchasing in a traditional store, verifying the transaction and the consumer\u2019s identity transforms into an increasingly important and even challenging task. Industry researchers estimate that half of the digital commerce transactions declined due to suspected fraud are actually legitimate.<\/p>\n\n\n\n
Paying online with credit\/debit cards entails transferring sensitive information, which is why special precautions need to be taken to maximize customer safety. For that same reason, it\u2019s more crucial than ever that the industry continues to invest in new approaches to prevent fraud while also maintaining the speed and convenience that customers love about online shopping. Helping merchants and issuers distinguish good transactions from bad will mitigate fraud while at the same time allowing transactions to continue happening at the speed of light.<\/p>\n\n\n\n
Following the Payment Services Directive in the European Union (PSD2), the European Union (EU) has stronger demands on payment systems on the Internet. 3D Secure 2.0 is an important advancement in this effort that will help prevent fraud and accelerate digital commerce with fast, secure authentication. That will improve customer protection globally.<\/p>\n\n\n\n
It\u2019s important to note that your bank provides 3D Secure, not FastComet.com. It serves as an extra layer of security for all online transactions. 3D Secure is also commonly referred to as \u201cMastercard SecureCode\u201d or \u201cVerified by Visa.\u201d<\/p>\n\n\n\n
Similar to what happened with GDPR in 2018, Payment Services Directive 2 (PSD2) is an EU directive that doesn\u2019t affect only businesses based in Europe. PSD2 also applies to all internet businesses that process payments in the EEA, meaning this normative triggers whenever both the credit card holder\u2019s bank and the payment processor are situated in Europe. Most payment processors have a European subsidiary, and thus, even if one uses American payment processors such as PayPal or Stripe, they will be affected by the PSD2 directive.<\/p>\n\n\n\n
When Strong Customer Authentication triggers, your payment processor is obligated to verify the payment with at least two of three verification methods:<\/p>\n\n\n\n
Solutions like Apple Pay or Google Pay already have biometric customer verifications placed in hand (like Touch ID or Face ID). For this reason, they work with SCA out of the box.<\/p>\n\n\n\n
The general rule is that all payment transactions initiated electronically by the payer have to be SCA. PSD2 has defined cases in which Strong Customer Authentication of the cardholder does not apply:<\/p>\n\n\n\n
PSD2 allows for certain exemptions where the cardholder does not have to perform SCA. The goal is to improve the user-friendliness for the cardholder thanks to a smooth and frictionless user experience.<\/p>\n\n\n\n
NOTE: None of the above factors that suggest SCA may not be required is any guarantee that SCA will indeed not be one of the requirements for the customer purchase. This ultimately depends on the discretion of the bank or the payment method used to make the purchase.<\/p>\n\n\n\n
In 2000, VISA took the initiative to create a procedure that would make using credit cards on the Internet more secure. The technology, named \u201cVerified by VISA,\u201d is used by the company itself. Following the example of VISA, other credit card providers have implemented the security mechanism as well. 3D Secure is known with various names for different credit card providers. Some examples are:<\/p>\n\n\n\n
When you go to pay on a website and enter your payment details, you then get redirected to your debit or credit card provider\u2019s 3D secure web page. It\u2019s here where you are normally asked to provide either:<\/p>\n\n\n\n
Sometimes you won\u2019t be asked to provide any details at all. After you enter the right details and the payment is approved by the card provider, you\u2019re then automatically sent back to the website with an order confirmation message. It\u2019s a quick and simple process.<\/p>\n\n\n\n
Before 3D Secure, paying with your credit card on the Internet was much simpler but much less secure. All you had to do was enter your credit card information and then confirm possession of the credit card by entering your three-digit security Card Validation Code (CVV, CV2, or CVV2 code), which is placed on the back of your card.<\/p>\n\n\n\n
With the continuous growth in eCommerce, more and more people need to use online paying methods. Typically, interest in online fraud has also increased. Some of the common ways for criminals to access data are phishing and social engineering. The goal of 3D Secure was to prevent such fraud.<\/p>\n\n\n\n
In addition to the information contained on the credit card, the 3D Secure authentication procedure requires further information – a password that only the card owner knows. That method is known as two-factor authentication because it requires two steps to complete the card transaction.<\/p>\n\n\n\n
There\u2019s a security risk when using static passwords. If a third party gets access to the password, your security is compromised. That is why dynamic methods that adapt to every process are the better choice. A good example is when you get a text message with a specific security code generated through cryptic procedures and can only be used once for that particular payment.<\/p>\n\n\n\n
Even if security was better than before, both customers and online retailers were dissatisfied with 3D Secure\u2019s first version. The website where you enter the additional security factor did not have a very good design, but more importantly, the application and use of the required password were not as clear as they should be. What\u2019s more, the whole process couldn\u2019t be integrated into mobile applications. Some customers were frustrated and even canceled orders, which had an impact on online retailers.<\/p>\n\n\n\n
The new and second version of 3D Secure (3DS2) addresses those issues while also improving security. All new features also comply with the new EU Payment Services Directives. Furthermore, all credit card companies are responding to technical developments with 3D Secure\u2019s new version. Modern devices such as smartphones and tablets use authentication methods with data (fingerprint or face recognition).<\/p>\n\n\n\n
The newest and latest 2.0 version of the technology enables a real-time, secure, information-sharing pipeline that merchants can use to send an unprecedented number of transaction attributes that the issuer can use to authenticate customers more accurately without asking for a static password or slowing down commerce.<\/p>\n\n\n\n
3D Secure 2.0 is specially designed so that online retailers can integrate the procedure into the payment process, resulting in a pleasant shopping and user experience for each customer. Additionally, this new version should be an intelligent system. The authentication method adapts to the risk – lower security requirements apply to small payments, and higher requirements apply to large payments. Furthermore, 3DS2 can be used for mobile payments, in addition to working with bank applications.<\/p>\n\n\n\n
The 3D Secure process has both advantages and disadvantages for customers and online retailers.<\/p>\n\n\n\n
Advantages:<\/strong><\/p>\n\n\n\n Disadvantages:<\/strong><\/p>\n\n\n\n For customers, even though they would need some more time for the whole process, the 3DS2 process will make it easier and better to pay online. Now they can benefit from a modern, more secure process. Here\u2019s what customers should know:<\/p>\n\n\n\n Most of the time, you will log in or pay with PayPal by entering your email address and your PayPal password as usual. PayPal may sometimes ask you to confirm your identity. The easiest way is via the PayPal App. Make sure you authorize push notifications from the PayPal App. You’ll also have the option to enter a one-time passcode which we will send by SMS to the phone number you’ve registered with us or via a phone call if you have a landline.<\/p>\n\n\n\n Note: Even with 3D Secure, you should pay attention when paying with your credit card on the Internet. Only enter the data when you are sure you are on the correct website. A valid SSL Certificate is an indication that the website can be trusted.<\/p>\n\n\n\n If your organization is based in the EEA and accepts eCommerce transactions or other digital payments from the EU, the EU\u2019s PSD2 stated that from September 14, 2019, online payments must meet special security standards. 3DS2 meets those requirements. To use the procedure, online merchants have to contact their payment service provider (PSP). The PSP should offer a proper technical solution that retailers need to implement in their online stores.<\/p>\n\n\n\n Merchants should offer 3D Secure in their online stores. The new system is much more customer-friendly, takes place entirely on the online merchant\u2019s website, and increases consumer confidence in eCommerce. This, in turn, should lead to more conversions and, therefore, more sales.<\/p>\n\n\n\n Security should always come first, especially when it comes to online payments. The 3D Secure 2.0 makes everything better when compared to its first version. Online payments are becoming more and more the go-to method, and such security updates are inevitable. The special security standards make the Internet more secure, minimize online fraud, and help both customers and marketers feel safer<\/p>\n","protected":false},"excerpt":{"rendered":" With the increase of devices becoming payment devices, Digital commerce is now the fastest growing area of payments. Consumers have much more ways to pay than before, whether via an internet browser, mobile application, or connected device. However, whenever a consumer is making a digital purchase as opposed to purchasing in a traditional store, verifying […]<\/p>\n","protected":false},"author":2,"featured_media":6506,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[140],"tags":[4637,16,9],"class_list":["post-6501","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-3d-secure","tag-ecommerce","tag-security"],"featured_image_src":"https:\/\/www.fastcomet.com\/blog\/wp-content\/uploads\/2021\/06\/3d-secure-mastercard-and-visa.png","author_info":{"display_name":"Elena","author_link":"https:\/\/www.fastcomet.com\/blog\/author\/elenatileva"},"yoast_head":"\nWhat Customers Should Expect<\/h2>\n\n\n\n
Implications for eCommerce<\/h2>\n\n\n\n
Conclusion<\/h2>\n\n\n\n