3DS2 is the latest version, but with some key differences, including: being mobile optimised, offering exemptions for certain transactions types and removing the need to redirect customers (which has previously caused an increase in basket abandonment).
SCA is a legal requirement in the EU, which came into force in the UK and EU from 31 December 2020 and in the UK from 14 March 2022. As consumers continue to buy more goods and services online, there's been a growing need for an additional layer of security that protects both the consumer and merchant from falling victim to fraud. This new regulation ensures that an additional security layer is added to most online payment flows.
The Regulation
The Payment Service Directive is a European regulation designed to make online payments more secure, improve customer rights and enable third-party access to account information.
The Requirement
Strong Customer Authentication is a requirement of PSD2, designed 'to make online payments more secure'. It asks businesses to use 2 authentication elements to verify online payments.
The Solution
3D Secure 2 is an authentication protocol for SCA. It adds an additional layer of security during online transactions to help ensure that the cardholder and the person making the purchase, match.
The Regulation
The Payment Service Directive is a European regulation designed to make online payments more secure, improve customer rights and enable third-party access to account information.
The Requirement
Strong Customer Authentication is a requirement of PSD2, designed 'to make online payments more secure'. It asks businesses to use 2 authentication elements to verify online payments.
The Solution
3D Secure 2 is an authentication protocol for SCA. It adds an additional layer of security during online transactions to help ensure that the cardholder and the person making the purchase, match.
1.
The customer starts the transaction on your website or in your app.
2.
If the issuer is satisfied that the cardholder is the person making the purchase they'll authenticate the payment . If not, they'll ask the cardholder for some extra input.
3.
Once the issuer is satisfied, they'll authorise the payment.
An overview on what the regulation is, how it came into force and what merchants need to do or be aware of in the coming months.
While we'll continue to update this toolkit, if you have any additional questions that are not covered here, email us at help@judopay.com.