What is EMV 3DS 2.0? Why HiTRUST?

3DS, also known as 3-Domain Secure, is a security protocol to provide a mechanism to card issuers to verify the identity of their cardholders. The service is designed to prevent fraud in card-non presentation, which will benefit all participants (issuers, acquirers, and merchants) by improving the transaction security.

3-D Secure 1.0 drawbacks

Compared with modern payment methods, 3DS1.0 uses more complicated strong-customer authentication, which leads to poor shopping experience and smaller conversion. Main disadvantages of version 3D-Secure 1.0 are:

  • the workflow might be complicated, which leads to smaller conversion;
  • 3-D Secure 1.0 doesn’t fit well with mobile devices;
  • lack of seamless integration with modern payment tools like wallets;
  • limited set of possible authentication methods, which some are unsafe;
  • unable to authorize based on dynamic risks scoring

3-D Secure 2.0 enhancements

Due to the above-mentioned drawbacks, the payments industry recognized the need to create a new 3-D Secure specification to better reflect current and future market requirements. Thus since January 2015, EMVCo, a company which is collectively owned by American Express, Discover, JCB, MasterCard, UnionPay and Visa, were developing the EMV 3DS 2.0 Specification and in October 2016, the specs for 3-D Secure 2.0 was published.

New features of 3-D Secure 2.0:

  • Supports in-app payment on mobile and other consumer devices

  • Improves the consumer experience by enabling intelligent risk detection to streamline authentication process

  • Specifies use of multiple options for step-up authentication, including one-time password and biometrical recognition

  • Enhancements that enable merchants to integrate the authentication process into their checkout experiences

  • Improve message processing capacity of merchants, issuers, and acquirers

  • Adds the non-payment message category to provide cardholder verification details to support various non-payment activities, such as adding a payment card to a digital wallet.

3DS2 schedule

  Liability shift Issuer deadline Acquirer deadline
VISA 2019/04 2019/10 2020/10
Mastercard 2018/10 2019/10 2020/10
JCB 2019/04 2019/10 2020/10
CUP 2019/11 2019/10 2020/12

Why HiTRUST 3DS 2.0?

  • Rich successful cases of 3DS2.0 project

    Over the past decade, we have been providing 3DS 1.0 authentification service for more than 80% of the issuing banks’ local system. In the new era of 3DS2.0, with the recognition by both regular and new customers, HiTRUST has become the leading technical service provider of 3DS2.0 in Greater China area and SEA. with sophisticated and successful implementation experience.
  • Operation experience in 3DS2 on-line acquirement

    As an enterprise affiliated with HiTRUST.com, HiTRUSTpay is the leading third-party payment operator in Taiwan. HiTRUSTpay supports 3DS payment of 10 acquiring banks, and provides service for over 1000 merchants with tens of thousands transactions per day. After learning about the difficulties of acquiring banks and merchants in applying 3DS2 authentication, we provide a fast and effective access mode and API interface, which significantly reduce the system improvement costs of acquiring banks and merchants.
  • Pay-by-traffic cloud service

    HiTRUST provides innovative 3DS cloud service solutions. Leveraging experience and expertise in risk detection and authentication management, a 3DS cloud authentication sharing center is established to provide flexible service plan for financial institutions, which can reduce both the time spent in system development and the maintenance cost. “Pay-by-traffic” mode is a way to provide tailored 3DS authentication service based on the specific need of every customer. At present, HiTRUST has cooperated with CUP Data to set up a 3DS ACS sharing center and a 3DS SVR cloud authentication service center of HiTRUSTpay.
  • Big data risk factor analysis

    Financial institutions have been searching for better solutions to ensure customers’ transaction safety, reduce the risk of fraud, and improve the convenience and success rate of the transaction process. HiTRUST works with financial institutions to conduct cross-over analysis of 3DS2.0 data, as well as bank customers data, using AI algorithm, in order to establish a big data risk scoring model with continually improving detection capability paired with real-time analytics, increase your profits while reducing fraud related losses.
  • Investment in the R&D of leading EMV payment technology

    As a major provider of authentication and payment security solutions, HiTRUST continuously works with our issuers, acquirers, and payment networks to improve our solutions in EMV payments and introduce the latest payment products and apps in line with international standards. As a strategic partner of China UnionPay, we also make recommendations for the security specifications of UnionPay card EMVCO online transactions, and make experimental R&D investments.