3D secure 2.0 admin April 13, 2022

3D secure 2.0

3D secure concept 2.0


3D secure is most popularly known as MasterCard Identity Check, Visa Secure, or American express SafeKeys. It works to safeguard your digital payments and keep you away from theft and fraud.

Introduced in 2001, to secure the path of payments process is done via Cards (debit/credit), which were and still are considered the first option of payments. And have the highest traps laid by Con artists. 3D secure 1.0 allowed the card network and bank to add a step to clear the process by verifying a code sent to the card registered contact details to complete the payment.

The new version 3D 2.0 has added more layers of security to provide frictionless authentication for payments authentication. Most payments are carried out via cards and need to meet (SCA) Strong Customer Authentication requirements in Europe under the second Payment Services Directive (PSD2). The latest update allows the banks to verify the card owner’s details during a transaction.

Banks already started implementing this system integration in their services in early 2019. And now, businesses are required to update payment networks to utilize the benefits of this security.

3D Secure 2.0 differences from 3D secure 1.0?

The previous 3D secure version helped to bring together banks, payment networks, and customers for authenticating payment paths. By sharing data and verifying data for card payments mainly.

When any customer opted online payments, the transaction will jump onto a new page, co-hosted by the bank and the card provider to verify a code sent to the user’s registered number in a given time to complete the payment.

The new update 3D secure 2.0 was released by EMVCo, to improve the system for mobile payments. It’s a fact that the original version 3D 1.0 was not outlined for smartphones. Thus new versions of 3D secure systems work were released to work with native iOS & Android SDKs.

And help overcome the challenges of app change, OTPs verifications are sent on SMS by making banks utilize large data points (email/ billing address/other data taken from user’s devices and browser) in a risk assessment and determine the results.

In simple terms, if the bank can access sufficient data from the customer for verifying the authenticity of the transfer attempted. Then transfer will need fewer authentication steps to be carried out.

illustrate define difference between 3D secure 1.0 and now 3D secure 2.0 by esurgent

How does this update help businesses?

In Europe, businesses need to comply with PSD2 rules for Strong Customer Authentication requirements, which are covered by updating to 3D secure 2.0.

Furthermore, the EMV 3-D Secure, 3D Secure 2.0, or 3DS2 aims to resolve the shortcoming of the original system and provide a seamless authentication experience to the customers.

Visa reports that businesses, after implementing 3D 2.0 experienced about 85% payment process time reduction that led to a 70% less cart abandonment ratio.

Thus, the update help business shields themselves way better from any phishers or scams and even shift the responsibility to banks in case of any fraudulent payment transactions.

What is the timeline to update to 3D secure 2.0?

3Dsecure2 lays out its timeline and states the Global Activation for 3D secure 2.0 will be carried 2019 -to 2020.

However, it may still seem like the early stages for the bank to adopt this system. We must be ready as the broader implementation of 3D secure 2.0 is overtaking the market.

How can Esurgent help you update to 3D secure 2.0?

The integration of 3D secure 2.0 usually takes about 2-5 days, depending on the service provider. It requires a developer to help you code in JavaScript. We have already helped our existing clients update their payment system requirements binding to the rules with the latest security systems.

And if you are planning to build a new mobile/ web application we can help you develop an in-app authentication process to provide a native app authentication experience with no need to have redirection outside of your application.