Verify card payments with 3D Secure 2.0, the next generation of card authentication.
3D Secure 2.0 is the new generation of authentication technology provided by card schemes, providing an additional layer of verification on Card Not Present (CNP) transactions.
When 3D Secure 2.0 authentication is used, the liability for fraudulent transactions shifts to the card issuer.
Unlike the first iteration of 3D Secure, you can use an iframe to implement the request for authentication asynchronously on the same page without redirection. That means your shoppers are not redirected and there is no negative impact on your conversion rate. In many cases the shopper's identity can be verified via their device fingerprint and additional information, resulting in a frictionless payment experience. If additional verification is required, this is now performed within the payments page of your website or natively in your mobile application.
3D Secure 2.0 is supported by the following card schemes:
- Discover / Diners
- American Express
- Cartes Bancaires
How it works
Authenticating a payment with 3D Secure 2.0 follows these steps:
- Your server submits a 3D Secure 2.0 payment request. This checks whether the shopper's card is enrolled with 3D Secure 2.0 and also applies additional Dynamic 3D Secure logic, if applicable.
- If the card is enrolled, your server receives a token and information that you need for using the SDK.
- The SDK fingerprints the shopper's device and passes the result to your server.
- Your server requests 3D Secure 2.0 authentication:
- If the device fingerprint is approved, authentication is completed and the payment is authorised.
- If the device fingerprint is not approved, the SDK requests additional verification from the shopper to authenticate the payment. If verified successfully the payment is authorised.
To integrate 3D Secure 2.0 into your test payments flow, you'll need to: