3D Secure 2.0 – New Improved Security Process for Merchants

Thursday, 31 Dec, 2020

Table of contents:

Today, each online merchant knows that secure online payments are necessary for effective ecommerce businesses. For the purpose of further improving the security, new methods of card authentication and user authentication under the European Payment Directive PSD2 have become essential than ever.

Often significant changes also bring a lot of questions for merchants. However, at PayCEC, we make sure that you will get all the support you need with this new improved security process.

What is 3d secure 2.0 What is 3d secure 2.0?

What is 3D Secure 2.0?

3D Secure 2 (3DS2) is a multi-level protection system provided by leading credit card organizations Visa, Mastercard, Amex, and JCB. This new platform is launched to comply with the legal structure of Directive 2 regarding European Payment Services (PSD2). The key goals here are to make online credit card transactions as safe as possible and to improve the conversion rate relative to existing 3DS implementations.

Haven't 3D Secure been around for a long time?

Yes. 3D Secure 2 guarantees that the user is actually the owner of the credit card as with the first generation. Nonetheless, the second generation brings with it some significant improvements: these include a new path to higher security level across a wider range of data, biometric authentication, and improved online experience, especially on smartphones. Additionally, the PSD2 also calls for a Strong Customer Authentication (SCA) and 3DS2 is the leading credit card company's reaction to this.

Differences between 3DS1 and 3DS2 (Source: Kilian Thalhammer / Wirecard) Differences between 3DS1 and 3DS2 (Source: Kilian Thalhammer / Wirecard)

Definition of Strong Customer Authentication (SCA)

Strong Customer Authentication (SCA) is a new standard for PSD2. In the past, customers may just need to enter their card number and the CVC. However, under the PSD2 regulations, details from two separate sources (also known as factors) would be needed to initiate payments. 3D Secure is a common security standard designed to avoid fraud in online credit and debit card transactions that will be used to apply SCA in all card payments.

When using 3DS1 in the past, online shoppers are required to set up a static password. Nevertheless, in the future, the issuers must ensure that authentication contains at least two of the following:

Definition of Strong Customer Authentication (SCA) Definition of Strong Customer Authentication (SCA)

Does 3d secure 2.0 have any impact on all payment methods?

Actually not. Just online payments from credit or debit cards and wallets are affected.

Related: What is PCI DSS?

How can PayCEC support merchants and online merchants?

At PayCEC secure payment system, we are updating our payment pages and developing new payment APIs that can enable excellent customer authentication. We also use the latest 3DS2 standard in our APIs and payment pages in order to reduce implementation changes for merchants.

We encourage the improvements of PDS2 since they allow European merchants to promote competition and thus innovation amongst financial institutions. In particular, PSD2 improves long-term payment protection, of which 3DS2 is a significant component and also enhances the widespread practical use of future-oriented technologies such as biometric payments.

There are many benefits for merchants compared to 3DS1 – here are the most important ones:

  • Higher conversion rates due to higher customer experience: Static passwords would be forbidden. In certain circumstances, transactions would be authenticated on the basis of historical and transactional data accessible to the issuer without the involvement of the cardholder. After a familiarization stage, the conversion rate will increase in the medium term as cardholders experience a frictionless flow.
  • Higher revenue due to improved acceptance rates: Thanks to the widespread implementation of 3D Secure, issuers would be able to accept more e-commerce payments than they had in the past. The general assumption is that the approval rates for such transactions will be as high as those for face-to-face companies.
  • Less fraud due to strong biometric authentication: The reason for the new standard is to encourage the data transfer between the merchant, the cardholder, the issuer of the bank (who receives the payment and then sends the amount to the merchant, minus the relevant fees) and the issuing bank (who verifies the transaction and, where credit is available, sends the authorization to the card network) in order to determine the risk of the payment. If the issuer wishes to challenge the transaction, the authentication can take place with TAN via SMS or automatically with biometric data.
  • Support in different devices: The new networking standard also offers a basis for digital authentication in order to make the process possible on a broader range of devices. 3D Secure payments can be run on mobile and other connected electronic devices in both application and browser-based solutions.

What are the special cases where SCA does not need to be used?

What are the special cases where SCA does not need to be used? (Source: Kilian Thalhammer / Wirecard)

What are the timelines for 3D Secure 2.0 (3DS2)?

PSD2 and SCA tend to make strong customer authentication compulsory in Europe, paving the way for the introduction of 3D Secure 2.0

By 2020 onwards, 3DS 2 is supposed to be launched globally. You will also be able to participate in a safer and more stable business with non-European Economic Area (EEA) customers, like all EU countries plus Norway, Iceland, and Liechtenstein.

If you have any questions, please contact us by email or regular mail at the following address:

PayCEC - Payment Center for Entrepreneurial Community

Read more:


How Can We Help?

How Can We Help?All information entered on this form will be kept strictly confidential and subject to our privacy policy once received by us. Your transaction will be secured using SSL/TLS encryption.

The Media

About us

who we are

about us

We are honored to serve as your reliable business partner and financial service provider in the industry and other business-related services. With the help of our professional staff, to help merchants to achieve their goals for the development and expansion of the international business market.

Our payment flow has developed in the e-commerce world to perform seamlessly and effectively across all platforms and devices. We take pleasure in combining technology with customer service, to solve your concerns at the moment.

PayCEC is a fully worldwide payment network that not only allows merchants to be paid immediately and securely, but also allows them to withdraw money in multiple currencies to their company accounts.

We will contact you shortly.

Email Phone