繁中EN

What is 3DS Secure

線條
3DS is acronym for 3-Domain Secure, an identity authentication for the cardholder offered by Card Scheme and issuing bank to prevent fraud in online credit card transactions. Over the past few years, the demand for e-commerce has been increasing rapidly (and still is). The devices have broadened from PC to mobile and tablet, and the online credit card transaction security has been augmented as well. To keep up with the pace of e-commerce security fulfillment and setting industrial standards, the Card Scheme entrusted the online transaction authentication method to EMV managed by EMVCo. In October 2016, EMVCo officially released the 3D Secure 2.0 specifications, and announced that the Card Scheme (Visa, Mastercard, UnionPay, JCB, AE, Discover,and etc) are adopting the established standards.

3DS 1.0 VS 2.0

線條
Enhancements 3DS 1.0 3DS 2.0
Environment PC Browser PC Browser
Mobile Browser
App
Risk Assessment NA RBA
Authentication Flow Challenge Flow Frictionless Flow
Challenge Flow
OOB Flow
Authentication Scheme OTP
Static password
Third-Party APP
Message Handling Multiple web pages redirection Pro: Optimized

3DS 2.0 offers multiple authentication options with flexibility and efficiency, improves message processing efficiency, and optimizes user experience without jeopardizing online transaction security. Based on cardholder’s transaction risk assessment, 3DS 2.0 facilitates issuer choosing from Frictionless flow or Challenge flow to identify cardholder. Change to : Based on cardholder’s transaction risk assessment, 3DS 2.0 facilitates issuer adapting Frictionless mode or Challenge mode to do identification.

  • Frictionless flow: Similar transaction pattern detected, which allows the issuer to authorize a transaction without cardholder interaction.
  • Challenge flow: Dissimilar transaction pattern detected such as transaction on unknown device. It will trigger the issuer to proceed further authentication options for security purpose. For example, send OTP from the issuer server to consumer's mobile phone.

EMV 3DS 2.0 Flow

線條

①~③ : Transaction begins and sending an authentication request to the issuing bank.
④~⑤ : Issuing bank process 3DS authentication required by cardholder.
⑥ : Authentication feeds back through Directory Server (DS) to complete the transaction and payment procedures (as gray lines).

3DS 2.0 Features

線條
  • 10+ times features collected

  • Risk assessment based on multi-dimension featutres

  • Supports mobile device applications

  • Authentication integrated with check out process

  • Exempt, OTP, OOB & other challenge methods

  • Applicable to non-payment scenes authentication

RBA - Creates an frictionless shopping experience

線條
  • Reduce challenge rate

    Only to 5% of the
    high-risk transactions

  • Transaction abandonment rate

    70% reduction
    (compared to 3DS 1.0)

  • Checkout time needed

    85% reduction
    (compared to 3DS 1.0)

  • Customer service loading reduction

    85% reduction

  • Fraud rate

    0% increase

HiTRUST 3DS 2.0 Solutions

線條

Offers "credit card security verification system" to issuing banks. Compliant with EMVco specifications, and to fulfill banks' need of applying Access Control Server and Risk Based Authentication server. Also, systems such as hardware and network architecture are adjustable depend on the volume of transaction.

Offers "3DS server" to acquiring banks. Compliant with EMVco specifications, and to assist obtaining users' information for online credit card payment authentication.

Collects "device information" based on EMVCo specification. Compatible with iOS and Android. Support multiple authentication methods, including OTP(One Time Password) and OOB(Out of Band).

Copyright © 2019 HiTRUST.COM (HK) Inc.

Copyright © 2019 HiTRUST.COM (HK) Inc.