Tuesday, Jul 13 2021
Table of contents:
Today, each online merchant knows that secure online payments are necessary for effective ecommerce businesses. For the purpose of further improving the security, new methods of card authentication and user authentication under the European Payment Directive PSD2 have become essential than ever.
Often significant changes also bring a lot of questions for merchants. However, at PayCEC, we make sure that you will get all the support you need with this new improved security process.
3D Secure 2 (3DS2) is a multi-level protection system provided by leading credit card organizations Visa, Mastercard, Amex, and JCB. This new platform is launched to comply with the legal structure of Directive 2 regarding European Payment Services (PSD2). The key goals here are to make online credit card transactions as safe as possible and to improve the conversion rate relative to existing 3DS implementations.
Yes. 3D Secure 2 guarantees that the user is actually the owner of the credit card as with the first generation. Nonetheless, the second generation brings with it some significant improvements: these include a new path to higher security level across a wider range of data, biometric authentication, and improved online experience, especially on smartphones. Additionally, the PSD2 also calls for a Strong Customer Authentication (SCA) and 3DS2 is the leading credit card company's reaction to this.
Differences between 3DS1 and 3DS2 (Source: Kilian Thalhammer / Wirecard)
Strong Customer Authentication (SCA) is a new standard for PSD2. In the past, customers may just need to enter their card number and the CVC. However, under the PSD2 regulations, details from two separate sources (also known as factors) would be needed to initiate payments. 3D Secure is a common security standard designed to avoid fraud in online credit and debit card transactions that will be used to apply SCA in all card payments.
When using 3DS1 in the past, online shoppers are required to set up a static password. Nevertheless, in the future, the issuers must ensure that authentication contains at least two of the following:
Two in three factors that SCA always requires to make payments safe (Source: Kilian Thalhammer / Wirecard)
Actually not. Just online payments from credit or debit cards and wallets are affected.
Related: What is PCI DSS?
At PayCEC secure payment system, we are updating our payment pages and developing new payment APIs that can enable excellent customer authentication. We also use the latest 3DS2 standard in our APIs and payment pages in order to reduce implementation changes for merchants.
We encourage the improvements of PDS2 since they allow European merchants to promote competition and thus innovation amongst financial institutions. In particular, PSD2 improves long-term payment protection, of which 3DS2 is a significant component and also enhances the widespread practical use of future-oriented technologies such as biometric payments.
There are many benefits for merchants compared to 3DS1 – here are the most important ones:
(Source: Kilian Thalhammer / Wirecard)
PSD2 and SCA tend to make strong customer authentication compulsory in Europe, paving the way for the introduction of 3D Secure 2.0
By 2020 onwards, 3DS 2 is supposed to be launched globally. You will also be able to participate in a safer and more stable business with non-European Economic Area (EEA) customers, like all EU countries plus Norway, Iceland, and Liechtenstein.
If you have any questions, please contact us by email or regular mail at the following address: