3D Secure 2.0 – The Lowdown For Online Businesses
by Michelle McSweeney
November 27, 2018
So now that 3D Secure 2.0 is on the scene, you’d nearly be forgiven for thinking it’s just a souped-up form of the original version that’s been around for nearly 2 decades, and has, quite frankly been a thorn in the side of merchants and customers.
Selling anything online is far from a walk in the park, especially when 1 in 60 transactions are fraudulent, and until now, businesses have had to make the conscious decision to either protect their online stores by implementing 3D Secure authentication, knowing full well that customer experience would suffer, increasing cart abandonment rates and decreasing conversions, or take a hard pass on 3D Secure and risk fraudulent transactions.
So is 3D Secure 2.0 going to help retailers? Here’s the lowdown…
What is 3D Secure 2.0 and how is it different to 3D Secure?Excellent question! Unlike 3D Secure Version 2 powers user authentication through biometric identification (for example fingerprints, facial recognition, iris scanning, etc.) and looks to eliminate reliance on static passwords that frankly no one ever remembered.
With 3D Secure 2.0 the initial enrollment process for users is eliminated, and in-app as well as mobile wallet payments can now be authenticated – something that 3D Secure never mastered. In short, 3D Secure 2.0 aims to remove the friction that caused many consumers to abandon their purchase and hopefully advocate more passive forms of authentication.
So with 3D Secure 2.0 merchants can implement a protocol to protect their online stores from fraud, and it will not be to the detriment of good shoppers. Win, win, right?
Why is any of this important?So what’s the catch? Well, it would certainly appear that there isn’t one! Understandably, merchants may be cautious to adopt 3D Secure 2.0, especially if they felt conversion drop with 3DS. However, under PSD2 they only have until September 2019 before 3DS2.0 is mandated, while the card issuers themselves must be 3DS2.0-ready by April 2019. The truth is that 3D Secure 2.0 could be just what the doctor ordered for businesses. You see, the emphasis that the payment service directive in the EU has placed on strong 2-factor customer authentication (SCA) for card-not-present transactions means that merchants are soon going to have to ensure that all transactions are verified by meeting at least two of the following criteria:
- Verification through the information that the user knows (such as a password or PIN)
- Verifications through possession of the user’s (e.g. mobile phone, physical token, card, etc)
- Physical verification by the user (fingerprint, iris, facial recognition)
Taking 3D Secure 2.0 one step further
3DS2.0 is about adopting the protocol and learning how your customers interact with it. The user experience has to remain king and given that with 3DS2.0 there is no longer a redirect this means that for all online retailers a checkout redesign is necessary – whether they want one or not!
Speaking about the benefits of adopting the latest iteration of authentication technology, Colin Neil, SVP of Business Development at Adyen says:
“ 3DS 2.0 should be viewed by businesses as an opportunity to not only reduce fraud and support good shopper experiences but also to optimize revenue. Remember 3DS2.0 also allows retailers the opportunity to pass more information to the Issuers when making authorisation decisions…more information should mean more positive responses and that can only be good for the retailer”.
We’ve said it before and we’ll say it again – online fraud is always going to be a given in digital commerce. Hackers are always going to exist, and as time and technology moves on, they too are coming up with more innovative and sophisticated ways to stay ahead. However, with the advancements of solutions such as 3D Secure 2.0, there is comfort for merchants in knowing that they can crank their online security up a couple of notches without having to compromise on customer experience.
The Future of 3D Secure 2.0Only time will tell how 3D Secure 2.0 affects (or rather, enhances) the payments landscape in digital commerce. Will 3D Secure 3.0 eventually be a thing? Very likely. Will it take another 19 years before another iteration is released? Considering the rate that technology and payment methods are evolving, our bet is that it’ll most likely be sooner than later. What we do know for sure is that this is a step in the right direction for both businesses and customers alike, and it couldn’t have come at a better time.
Posted by: Michelle McSweeney