From 3-D Secure 1.0 to 2.0: context and issue

LIMITATIONS OF 3-D SECURE 1.0

The 3-D Secure authentication protocol had originally been designed by schemes as an additional security layer for online transactions. When applied successfully, it helped mitigating fraud and representing certain chargebacks. However, the payment industry pointed out dysfunctions such as false declines generation, difficulties in authentication process and lack of opt-out option. Authentication experience on mobile was also often criticized for not being optimized. EMVCo then decided to prepare and deploy an updated version of the protocol, known as EMVCo. 3DS 2.0 or 3DS2.

EVOLUTIONS OF VERSION 3-D SECURE 1.0

Improvements brought by EMVCo, company co-owned by all major international schemes, to the protocol aim to:

• Strengthen security against fraud using updated authentication measures
• Reduce friction in authentication process for the cardholder
• Allow in-app authentication and be compatible with mobile devices
• Enrich transaction-related data shared between Issuers and Acquirers.

DEPLOYMENT OF 3-D SECURE 2.0

EMVCo. 3DS 2.0 or 3DS2 is the official name for the latest versions of the 3-D Secure protocol. Its design meets the specifications on Strong Customer Authentication (SCA) found in the Regulatory Technical Standards (RTS) published by the European Banking Authority (EBA) and approved in March 2018.

Discover our special folder to prepare your company to new European requirements and anticipate the impacts on your turnover.

PSD2 Folder