INFORMATION FOR MERCHANTS ABOUT THE NEW 3D SECURE 2.0 PROTOCOL

The announcement of the new 3D Secure 2.0 process (3DS 2.0) by the EMVCo has unsettled many players in e-commerce in recent months. On this page you will find everything you need to know about the new

procedure and what you have to do to be prepared for the launch of 3D Secure 2.0 on September 14, 2019.


Content

3D Secure and 3D Secure 2.0 at a glance

How does 3D Secure work so far?

The globally standardized 3D Secure Protocol (3DS), which was introduced in 2002, offers merchants and consumers additional security for credit card transactions. With this procedure, online shoppers verify themselves to their card-issuing bank (issuer) as legitimate cardholders. In contrast to a conventional credit card payment process on the Internet, 3D Secure requires an additional security code. This makes the misuse of credit cards much more difficult.

 

How does 3D Secure 2.0 differ from the previous method?

 

Essentially, 3D Secure 2.0 is a refinement of the previous 3D Secure protocol. With each credit card order, up to 100 data points will be be transmitted to the issuer; based on these data points, the issuer performs a real-time risk assessment. If a transaction is classified as low-risk, it can be authorized directly and without further interaction by the buyer. However, if fraud is suspected, the buyer is requested to confirm his identity again, for example by push-TAN. The risk assessment takes place in the background and is not perceptible to the buyer. The collection and forwarding of the necessary data takes place both via the merchant's shop backend and via the Payment Service Provider (PSP), which connects 3D Secure 2.0 to the respective shop.

When and why will 3D Secure 2.0 be introduced?

The declared aim of introducing 3D Secure 2.0 is to meet the requirements of Strong Customer Authentication (SCA) and to establish it as the standard for electronic payment procedures from 14 September 2019. On the other hand, the introduction is also intended to reduce the percentage of cancelled purchases: Thanks to the individual, data-based risk assessment, transactions can be cleared directly and without further buyer interaction in approx. 95 percent of all cases - in future, the majority of purchases will therefore take place without entering a 3D Secure Code.

 

Important downloads

Videos

Monika Moser Bärlehner (Computop):
News about PSD II / 3D Secure

Sten Werner (Computop):
Improving usability for the 3D Secure 2.0 process - delegation of SCA

Frequently Asked Questions (FAQ) for Technicians and Integrators

Frequently asked questions (FAQ) for ecommerce managers and decision makers

Glossary


If you have any questions, our support team will be happy to assist you.

Kontakt Support UK

 

Fon: +49 (0)951 98009-39
helpdesk(at)computop.com

Changelog

14.08.2019
  • Documentation for live testing of 3D Secure 2.0 with Computop is now available
22.07.2019
  • Downloads: New version of the technical documentation online. Note: From now on you won't find a PDF here anymore. You will be redirected to our new online documentation instead
  • Content: New section with videos about 3D Secure 2.0 added
  • Content: Two new FAQs for decision-makers on "Transition period" and "Permissibility of 3D Secure 1.0 from 14 September"
17.07.2019
  • Content: Presentation by Monika Moser-Bärlehner about the latest news on PSDII and 3D Secure 2.0.
  • Content: Presentation by Sten Werner on the SCA delegation option in the course of PSDII / 3D Secure
  • Content: New-FAQs for E-Commerce Managers concerning the EBA statement of June 21th.
02.07.2019
  • Download: COF info sheet added; describes among other things the new, more comfortable COF-Flagging
  • Content: Glossary with important terms around 3D Secure 2.0 added
  • Content: New FAQ for technicians about Private Protocol Extensions and Whitelisting
  • Content: New FAQ for E-Commerce Managers about Whitelisting
19.06.2019
  • Downloads: New version of 3D Secure 2.0 brochure available
13.06.2019
  • Downloads: Added "Legal information regarding GPDR" to "Important Downloads"
  • Content: FAQ about COF/COF-Flows removed; here we are working on a new, more convenient solution
  • Content: RSS feed added; you can now subscribe to the changes on this page via RSS
  • Content: bevh-Webinar with Ralf Gladis added to "Important Downloads and Resources" (german content)
20.05.2019
  • Content: New category "Changelog" added
  • Content: Clarification of content in the area "What you need to consider".
  • Content: Two new FAQs for technicians and integrators on CredentialOnFile (COF)
  • Content: FAQ for technicians about Account Verification (AccVerify) revised
  • Content: Three new FAQs for ecommerce managers and decision makers
  • Downloads: New version of technical documentation available (version date: 20.05.2019); changes: New content regarding Authenticaion-only was added, different status values were adjusted and the parameter MsgVer was introduced.