Skip to main content

Sertifi Support Site

3D Secure

Beginning in 2013, the European Union began implementing new financial regulations under the Payment Service Provider Directive (PSD); among other objectives, these regulations focused on increasing consumer protection against fraud. The second phase of these regulations, termed PSD2, began enforcement in December 2020.

A key part of PSD2 is the Strong Customer Authentication (SCA) regulation, which requires businesses to provide additional authentication measures to ensure that a payment card is being used for a legitimate, authorized purpose. The benefit of these authentication measures, beyond a higher level of security, is that merchants no longer bear liability for a chargeback should the transaction be reported as fraudulent, in which case the card network would be responsible for returning funds to the customer.

3D Secure (3DS) is a payment protocol that adds an additional level of security to online transactions. With 3DS, a card provider (usually a bank, credit union, or card network) will require the customer to provide a particular piece of information before a transaction can be authorized. The use of 3DS satisfies the requirements outlined by SCA; thus, Europe-based organizations using 3DS can claim full compliance with SCA and PSD2 regulations.

Although the function of 3DS doesn't widely vary between card networks, it is known by different names depending on the card brand. These include:

  • Visa Secure

  • MasterCard Identity Check

  • American Express SafeKey

  • Diners Club ProtectBuy

The exact information required by a 3DS system will depend on the user's card provider or bank, but authentication requests commonly ask for one or more of the following:

  • PIN

  • All or part of the card number

  • User ID information, such as a name, address, phone number, or ZIP code

  • Authentication codes sent by SMS, email, or an app notification

3DS is automatically implemented if required by a customer's bank or financial institution. The appearance or function of a particular 3DS verification page is not, and cannot, be controlled or altered by Sertifi. Any questions, concerns, or comments about a 3DS page's appearance or function must be directed to the issuing bank or card provider.

3D Secure is only available for portals using ePayments and eAuthorizations. To enable 3DS authentication for your portal, contact your Client Success Manager.

Caution

For technical reasons specifically related to the hospitality industry, there are some situations where Sertifi’s 3DS integration may not allow for the otherwise standard Liability Shift feature. For more information, contact your Customer Success Manager.