- Merchant change risk settings<\/strong><\/li>
- Management Dynamic 3D Secure Rules<\/strong><\/li><\/ul><\/td>\n<\/tr>\n
\n Limitations<\/strong><\/td>\n To use Dynamic 3D Secure in combination with risk management, risk must be enabled<\/a>. Protect premium features<\/a> must be enabled to: - Use risk-based authentication<\/a>.<\/li>
- Create custom rules to link to Dynamic 3D Secure rules<\/a>.<\/li><\/ul><\/td>\n<\/tr>\n
\n Setup steps<\/strong><\/td>\n Implement 3D Secure 2<\/a>. Then: - To use Dynamic 3D Secure:
- Configure the default 3D Secure rule<\/a> to specify your overall preferences.<\/li>
- Configure Dynamic 3D Secure rules<\/a> to create rules with more specific conditions.<\/li><\/ul>
- To override any Dynamic 3D Secure rules:<\/li>
- Specify parameters in the payment request<\/a>.<\/li><\/ul><\/ul><\/ol><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
How Dynamic 3D Secure works<\/h2>\n
To ensure that you stay compliant, we always authenticate transactions with 3D Secure if this is required by regulations such as PSD2<\/a> or other market specific regulations. To mitigate any effects on conversion, we do not trigger 3D Secure for out-of-scope transactions, or when the issuing bank does not enforce 3D Secure. For transactions within the scope of PSD2, we also handle requesting exemptions<\/a>.<\/p>\n
You can use Dynamic 3D Secure to make sure 3D Secure is requested and, in special cases, to request a 3D Secure challenge. You can do this even if 3D Secure is not required by regulations or the issuer. This can be useful, for example, to make sure a liability shift takes place or to add more friction for high-risk transactions.<\/p>\n
You can specify your 3D Secure preferences using Dynamic 3D Secure as follows:<\/p>\n
- \n
- Use the default rule<\/a> as the setting to indicate your general preference to request 3D Secure. You can set this to Prefer not<\/strong> or Always<\/strong>. When set to Prefer not<\/strong>, Adyen can still decide to send the payment through 3D Secure because the issuer requires it, to ensure compliance with regulations, or to improve conversion. When set to Always<\/strong>, we will always request 3D Secure on your behalf.<\/li>\n
- Create more specific Dynamic 3D Secure rules<\/a>. You can set conditions to determine for which payments to request 3D Secure authentication<\/a>, and if you prefer to request a 3D Secure challenge<\/a>.<\/li>\n<\/ul>\n
Alternatively, you can include parameters in your payment request<\/a> to specify when a transaction should go through 3D Secure 2. And, when you use Protect premium, you can also benefit from risk-based authentication<\/a>. Risk-based authentication sends transactions that would have been blocked by the machine learning fraud risk rule to 3D Secure 2.<\/p>\n
Default 3D Secure rule<\/h2>\n
When you create a new company account<\/a> or merchant account<\/a>, the default rule is set to Prefer not<\/strong>.
\nChoose from the following possible settings:<\/p>\n- \n
- Always<\/strong>: Use 3D Secure whenever possible. With this rule, there will still be transactions that do not go through 3D Secure authentication, for example, when the issuer doesn't support 3D Secure yet, or when the card isn't enrolled.<\/li>\n
- Prefer not<\/strong>: Do not apply 3D Secure authentication unless it is required by regulation or the issuer, or if it can help optimize performance.<\/li>\n<\/ul>\n
Dynamic 3D Secure rules<\/h2>\n
When you configure a Dynamic 3D Secure rule<\/a>, you first specify the conditions to trigger the rule, and then you determine what happens when it triggers. When the rule triggers, you can specify what you want to do: request 3D Secure<\/a> and request a challenge<\/a>.<\/p>\n
Request 3D Secure<\/h4>\n
When you proactively request 3D Secure, you add an extra authentication layer to the payment flow. The transaction either goes through the challenge flow<\/a> or the frictionless flow<\/a> depending on the issuer.<\/p>\n
This can reduce the risk of fraud because a transaction with a successful 3D Secure authentication will result in a liability shift. This way, you can use Dynamic 3D Secure rules to mitigate the risk for certain transactions.<\/p>\n
It is important to understand that there is a trade-off. By requesting 3D Secure, you add friction. This friction impacts conversion because some shoppers might drop off. However, at the same time, if the authentication is successful, you reduce fraud and obtain a liability shift.<\/p>\n
Request a challenge<\/h4>\n
You can set your preference to present a challenge even if the frictionless flow is available. Both a successful challenge flow<\/a> and a successful frictionless flow<\/a> result in a liability shift. By default, to optimize conversion, a transaction will use the frictionless flow if it is available.<\/p>\n
Requesting a challenge is a way to add more friction because it requires additional shopper interaction. We recommend that you only set your preference to always request a 3D Secure challenge in special circumstances. This because the challenge adds significant friction and could lead to a higher shopper drop-off rate. Use it, for example, when you are experiencing extremely high fraud rates and requesting 3D Secure alone does not help.<\/p>\n
Configure a Dynamic 3D Secure rule<\/h3>\n
There are few things to keep in mind when configuring Dynamic 3D Secure rules:<\/p>\n
- \n
- Rules are evaluated in order, from first to last.<\/li>\n
- If a rule is triggered, the remaining rules are not evaluated.<\/li>\n
- You can configure rules on the company account, or on a merchant account. Rules configured on the merchant account have priority and only affect payments for that specific merchant account.<\/li>\n
- Wherever possible, create several simple rules instead of combining many logic points into a single rule.<\/li>\n
- Consider each separate condition that you specify within the rule as an AND statement. The rule will trigger if both conditions are met. However, when you select multiple values within a condition, the rule will trigger when any of these values are true.<\/li>\n<\/ul>\n
To configure a rule, in your Customer Area<\/a>:<\/p>\n
- \n
- \n
Go to Revenue & risk<\/strong> > Dynamic 3D Secure<\/strong>.<\/p>\n<\/li>\n
- \n
Select Create new rule<\/strong> to make a new rule or select the name of the rule if you want to modify an existing rule.<\/p>\n<\/li>\n
- \n
Configure the criteria shown in the following table.<\/p>\n
You can combine criteria to create nested rules. For example, you may decide to use 3D Secure for every transaction where the issuing card is from Mexico and the transaction value is above USD 100.<\/p>\n
- \n
- \n
- Prefer not<\/strong>: Do not apply 3D Secure authentication unless it is required by regulation or the issuer, or if it can help optimize performance.<\/li>\n<\/ul>\n
- Create more specific Dynamic 3D Secure rules<\/a>. You can set conditions to determine for which payments to request 3D Secure authentication<\/a>, and if you prefer to request a 3D Secure challenge<\/a>.<\/li>\n<\/ul>\n
- Use the default rule<\/a> as the setting to indicate your general preference to request 3D Secure. You can set this to Prefer not<\/strong> or Always<\/strong>. When set to Prefer not<\/strong>, Adyen can still decide to send the payment through 3D Secure because the issuer requires it, to ensure compliance with regulations, or to improve conversion. When set to Always<\/strong>, we will always request 3D Secure on your behalf.<\/li>\n
- Configure Dynamic 3D Secure rules<\/a> to create rules with more specific conditions.<\/li><\/ul>
- Configure the default 3D Secure rule<\/a> to specify your overall preferences.<\/li>
- Create custom rules to link to Dynamic 3D Secure rules<\/a>.<\/li><\/ul><\/td>\n<\/tr>\n
- Management Dynamic 3D Secure Rules<\/strong><\/li><\/ul><\/td>\n<\/tr>\n
![\"\"](\"https:\/\/docs.adyen.com\/user\/pages\/docs\/10.risk-management\/15.dynamic-3d-secure\/dynamic-3ds-sample-rule.png\")
"}}