3D Secure 2

3D Secure 2 (3DS2) is the new industry standard for customer authentication and is a recognized solution for meeting PSD2’s Strong Customer Authentication (SCA) requirements. Braintree’s 3DS2 solution is easy to integrate and provides a simple way to authenticate eligible card transactions with a low-friction checkout experience for cardholders.


What is 3D Secure?

3DS is a security protocol that provides an extra layer of protection for online credit and debit card purchases. It was first deployed by Visa as "Verified by Visa" and later renamed "Visa Secure.” Since that initial rollout, payment-authentication services based on 3DS have been adopted by Mastercard, American Express, and other major issuers and schemes.

The protocol connects merchants, card networks, and financial institutions to authenticate transactions and share data. An additional verification step helps protect both cardholders and merchants during checkout -- a lookup determines if the cardholder is enrolled in 3D Secure and whether they will need to authenticate the transaction.


3DS2: an enhanced customer experience

The original 3D Secure protocol, 3DS1, was developed long before the smartphone, and it showed -- 3DS1 became known across the industry as a “conversion killer” due to its friction-heavy transaction process.

Please email us with your name, phone number and order number and we shall contact you within 24 hours.

But 3DS2 was specifically designed to help reduce that friction, especially for mobile checkout, thanks to a seamless mobile experience and native SDKs for both Android and iOS. And while its primary purpose is to meet SCA requirements for biometrics and two-factor authentication, 3DS2 can help improve conversion by making checkout faster and easy for customers.


More Benefits of 3DS2

This next-generation solution provides automated fraud protection. It’s always on, helping to protect customers and merchants -- no fine-tuning or maintenance beyond updates required. And rather than requiring cardholder involvement, 3DS2 uses device and browser data to accurately make authentication assessments that typically happen behind the scenes. It also offers improved ways to replace static passwords in the event of a challenge.

Shift liability for fraudulent transactions

When fraudulent transactions do occur, with 3DS2 merchants may shift the chargeback liability for those transactions from themselves to the issuing bank.

Lift authorization rates

Issuers may approve more transactions when using 3D Secure.

Simplify SCA compliance

All companies doing business in Europe need to be aware of PSD2: SCA requirements. Enabling 3DS2 is the recommended approach to ensure compliance with the new regulations


How it works

By adding an authentication step for online purchases, 3DS2 provides another fraud-protection layer for online credit and debit card transactions.
Merchant tokenizes card

Merchant tokenizes the customer card or uses the previously tokenized card

Merchant requests authentication insight

Optional: Merchant requests authentication insight, Braintree's guidance on SCA applicability

Braintree advises if SCA is required or recommended

Merchant initiates 3DS

Optional: Merchant decides to request exemptions; three possible outcomes: 1) exemption applied, 2) exemption not applied and no challenge, or 3) exemption not applied and challenge

Merchant does not request exemptions; two possible outcomes: 1) issuer triggers challenge or 2) issuer does not trigger challenge

Merchant creates transaction

Merchant initiates the verification or authorization


Braintree’s 3DS2 solution

3DS2 via Braintree provides a simple way to authenticate transactions with a low-friction checkout experience for cardholders -- plus a single integration that manages multiple acquiring relationships. Our newest front-end and mobile SDKs are built to support all 3DS2 authentication paths. This new iteration will include a method for collecting the device and browser data required by each individual issuing bank, as well as customer data elements. Merchants can also take advantage of 3DS2’s chargeback liability-shift benefit to help reduce costs associated with chargebacks categorized as fraudulent.

With 3DS2, Braintree gives merchants an upgraded weapon in the fight against fraud, plus the benefits of a seamless, secure checkout experience -- all with the peace of mind that comes with an industry-standard authentication solution to meet SCA requirements. Braintree’s 3DS2 solution also offers built-in support for both 3DS2 and 3DS1 protocols and can automatically divert your transactions, so you can be sure your business will be SCA-compliant regardless of issuer readiness.