Risk & Compliance
3D Secure (3DS)
Definition
3D Secure (3DS) is an authentication protocol that adds a verification step during online card payments. The cardholder authenticates via their bank (password, SMS code, biometrics). 3DS2 is the current version, offering frictionless authentication for low-risk transactions. Mandatory in Europe under SCA/PSD2 requirements. Shifts fraud liability from merchant to issuer for authenticated transactions. Can impact conversion rates but reduces fraud.
Related Terms
SCA (Strong Customer Authentication)
A European regulatory requirement under PSD2 mandating two-factor authentication for electronic payments. Authentication must use two of: knowledge (PIN/password), possession (phone/card), or inherence (biometrics). Applies to EEA and UK transactions. Various exemptions exist: low-value transactions, trusted beneficiaries, transaction risk analysis, and recurring payments. 3DS2 is the primary implementation method.
PSD2 (Payment Services Directive 2)
European regulation governing payment services, effective since 2019. Key provisions include Strong Customer Authentication (SCA) requirements, open banking mandates, and enhanced consumer protections. Applies to EEA countries and influenced UK regulations. PSD2 changed the payment landscape by requiring 3DS for most online transactions and enabling third-party access to bank accounts.
CNP Fraud (Card Not Present)
Fraudulent transactions where the physical card is not present, typically in e-commerce. Includes stolen card credentials, account takeover, and synthetic identities. CNP fraud rates are significantly higher than card-present fraud because the merchant cannot verify physical card possession. Prevention relies on AVS, CVV, 3DS, device fingerprinting, and fraud scoring.