Card authentication and 3D Secure

What is 3D Secure?

3D Secure (3DS) is an added level of authentication that allows the customer’s card issuing bank to request the customer enter a random code sent to their phone to successfully authorise a payment.

Typically the customer will be directed to a page on the card issuing bank’s website, where they are prompted to enter the code sent to their phone. Following entry of the correct code, they will be redirected back to the usual payment completion summary for that online payment.

Where is it enabled?

3D Secure is enabled by default for all charges being processed using the Payment Page, Xero Online Invoicing add-on, and our Ecwid integration.

If you are submitting charges directly to the Charges API, follow this guide to enable 3D Secure.

Benefits of 3D Secure

Protection for the merchant

Card issuing banks requesting additional authentication (where it detects potential cardholder fraud) reduces the risk of merchants receiving a dispute.

Additionally, payments that have been successfully authenticated using 3D Secure are covered by ‘liability shift’. This means that should a payment authenticated by 3D Secure be disputed as fraudulent by the cardholder, the liability shifts from the merchant to the card issuing bank, resulting in no cost to the merchant.

Protection for the cardholder

3D Secure provides an added layer of protection for cardholders in the situation an unauthorised person gains access to their card details, and attempts to make a fraudulent purchase.

Unable to find the answer you need? Contact our team for assistance.