3D Secure (3DS) is an added level of authentication that allows the customer’s card issuing bank to request the customer enter a random code sent to their phone to successfully authorise a payment.
Typically the customer will be directed to a page on the card issuing bank’s website, where they are prompted to enter the code sent to their phone. Following entry of the correct code, they will be redirected back to the usual payment completion summary for that online payment.
3D Secure is enabled by default for all charges being processed using the Payment Page, Xero Online Invoicing add-on, and our Ecwid by Lightspeed integration.
If you are submitting charges directly to the Charges API, follow this guide to enable 3D Secure.
Card issuing banks requesting additional authentication (where it detects potential cardholder fraud) reduces the risk of merchants receiving a dispute.
Additionally, payments that have been successfully authenticated using 3D Secure are covered by ‘liability shift’. This means that should a payment authenticated by 3D Secure be disputed as fraudulent by the cardholder, the liability shifts from the merchant to the card issuing bank, resulting in no cost to the merchant.
3D Secure provides an added layer of protection for cardholders in the situation an unauthorised person gains access to their card details, and attempts to make a fraudulent purchase.