3D Secure (3DS)
Beginning in 2013, the European Union began implementing new financial regulations under the Payment Service Provider Directive (PSD); among other objectives, these regulations focused on increasing consumer protection against fraud. The second phase of these regulations, termed PSD2, began enforcement in December 2020.
A key part of PSD2 is the Strong Customer Authentication (SCA) regulation, which requires businesses to provide additional authentication measures to ensure that a payment card is being used for a legitimate, authorized purpose. The benefit of these authentication measures, beyond a higher level of security, is that merchants no longer bear liability for a chargeback should the transaction be reported as fraudulent, in which case the card network would be responsible for returning funds to the customer.
3D Secure (3DS) is a payment protocol that adds an additional level of security to online transactions. With 3DS, a card provider (usually a bank, credit union, or card network) will require the customer to provide a particular piece of information before a transaction can be authorized. The use of 3DS satisfies the requirements outlined by SCA; thus, Europe-based organizations using 3DS can claim full compliance with SCA and PSD2 regulations.
Although the function of 3DS doesn't widely vary between card networks, it is known by different names depending on the card brand. These include:
Visa Secure
MasterCard Identity Check
American Express SafeKey
Diners Club ProtectBuy
The exact information required by a 3DS system will depend on the user's card provider or bank, but authentication requests commonly ask for one or more of the following:
PIN
All or part of the card number
User ID information, such as a name, address, phone number, or ZIP code
Authentication codes sent by SMS, email, or an app notification
3DS is automatically implemented if required by a customer's bank or financial institution. The appearance or function of a particular 3DS verification page is not, and cannot, be controlled or altered by Sertifi. Any questions, concerns, or comments about a 3DS page's appearance or function must be directed to the issuing bank or card provider.
3D Secure is only available for portals using ePayments and eAuthorizations. To enable 3DS authentication for your portal, contact your Client Success Manager.
Caution
For technical reasons specifically related to the hospitality industry, there are some situations where Sertifi’s 3DS integration may not allow for the otherwise standard Liability Shift feature. For more information, contact your Customer Success Manager.
Viewing 3DS Results In Sertifi
As of January 2024, Sertifi Next-Gen now automatically runs 3DS authentication when enabled for portals using Payments or eAuthorizations.
You can immediately see the status of a 3DS authentication attempt by looking in the Approval column.
The status of a 3DS authentication is also displayed in the Folder Maintenance window.