How Can 3DS 2.0 Help your Business?
Back in 2018, Europe announced changes that would be coming to the e-commerce, card-not-present payment space. This change was referred to as Secure Customer Authentication (SCA) which described a multi-factor authentication process for all customer-initiated transactions that took place online. As this mandate developed we began to see a new 3D Secure process evolve in order to fill this new protocol. 3D Secure is not new to the e-commerce industry, as 3D Secure 1.0 has been available for many years. However, 3DS 2.0 is not just the predecessor to 3DS 1.0 it is a whole new process that keeps the customer experience in mind while maintaining customer protection against fraud.
Then what is the difference between 3DS 1.0 and 3DS 2.0?
As shown in the chart below there have been some significant improvements to the 3D secure process in order to create a smoother customer experience while still maintaining fraud protection.
|3D Secure 1.0||3D Secure 2.0|
|Static Passwords||Sophisticated Authenticators|
|Browser Dependent||Mobile Enabled|
|Enrollment Required||No Enrollment Required|
|Merchant Bound by Issuer Decision||Merchant Opt-Out Options|
|Payment Use Cases Only||Additional Use Cases|
|Limited Dataset||Enriched Dataset|
The most common complaint regarding 3D secure 1.0 was the static password. Once it was set the customer was required to remember it for all future transactions where 3DS was triggered. The problem with this was, how is someone supposed to remember a pin which they rarely use. Since 3D secure 1.0 was not a mandatory protocol and the implementation of 3DS was a burden to most merchants, it was rarely implemented and therefore customers would not be asked for their pin regularly. In order to prevent this issue in the future, a change was made to the authentication process for 3DS 2.0. The static password was removed, and a more preferred authentication process was put in its place.
Another concern with 3DS 1.0 was that it relied on the client to enroll in the program and therefore setting up their card with their pin. This reduced the number of total cards which were enrolled in the 3D secure process and were left without the fraud protection. In order to combat this issue the new 3DS 2.0 protocol implemented automatic enrollment into 3DS 2.0 in order to reduce the reliability of the client and more the reliability to the merchant. With this change merchants had more control over the 3DS process and would be able to better implement it without compromising their customer experience.
The last major change to highlight is the Data set collected by the merchant for the purpose of reduced fraud. Originally for 3DS 1.0 the data set collected was only 15 parameter fields however the data set collected for 3DS 2.0 are 150 parameter fields. This allows for the ability to complete a 3DS 2.0 frictionless transaction where there is no additional action required by the client. When developing the 3DS 2.0 transaction flow the main focus was to create a flow where there would be no action required by the customer in order to authenticate and complete a 3DS transaction this became known as the frictionless flow. The frictionless transaction flow is determined by the issuer’s third-party control servers in order to authenticate customers through a model called risk-based authentication which would allow for a more seamless transaction experience for all customers completing ecommerce payments.
Why choose 3DS 2.0?
While all the new changes to 3DS 2.0 have reduced the impact and burden to the customer experience it is still more work for merchants to implement this protocol, so why would a merchant implement 3DS 2.0. The biggest benefit of completing the 3DS transaction flow is the increase in authentication rates. On average merchants who implement 3DS 2.0 will see roughly a 10% increase in their overall authorized transactions. They also see a decrease in the number of false declines due to issuer decisions, because the data being shared between the merchant and the issuer are much more detailed allowing for the issuer to make a better risk assessment, therefore, approving more transactions. The final benefit for implementing the 3D secure 2.0 protocol is the liability shift, which is where the chargeback responsibility falls on the card brands themselves instead of on the merchant because the merchant went above and beyond to prevent fraud. Overall the benefits that merchants receive while still being able to maintain a smooth customer checkout experience outweighs all the possible reasons why a merchant would not want to implement 3D secure.