“3D Secure is about as helpful as a chocolate fire guard.” - Merchant view of 3D Secure, as succinctly expressed on Twitter.
For a number of years, the payments industry has associated 3D Secure with a terrible shopper experience and a corresponding negative impact on conversion rates and revenue.
Understandably, this has led to a general reluctance among merchants to adopt the extra security layer that it offers.
But as is often the case in the payments industry, a one-size-fits-all attitude (use it or don’t) fails to take into account the complexities of the payments landscape, as well as the unique situation of ecommerce players – and for many businesses, this is an enormous missed opportunity.
A complex set of factors affect 3D Secure success
After analyzing 3D Secure data across 18 global markets in early 2014, Adyen found that in six markets, implementing it across all transactions actually had a positive net effect on conversion – including the UK, India, and Russia, among others.
The “net” part of the last sentence is important, because at first glance, this seems to suggest that a market-by-market approach might help merchants combat fraud and increase conversion. For example, merchants in the UK that implement 3D Secure should see an average 3% increase in conversion.
But this is simply not the case. Even within the UK, multiple factors affect conversion rates. For example, Adyen found that using 3D Secure on Visa debit cards in the UK increases the conversion rate by an average of almost 8%, but for Visa business credit cards in the UK it actually decreases conversion by an average of almost 7%.
And since market and card types have such a dramatic effect on 3D Secure, it should come as no surprise that multiple other factors affect conversion rates too.
In particular, 3D Secure’s horrible mobile experience has a significant negative impact on conversion from a mobile device.
Other factors include the transaction value (shoppers making small purchases might drop off due to the extra step in the payment process), time to booking, day of week, time of day, (often these factors are related to sophisticated fraudsters identifying when fraud teams are off work) whether or not someone is a repeat shopper (you don’t want to ask the same customer to go through the 3D Secure step repeatedly!), and of course risk level.
A Dynamic Approach to 3D Secure
These factors are just examples, and your business’s particular situation will vary according to its unique mix of industry, markets, preferred card types, customer payment preferences, mobile/desktop mix, and so on.
With that in mind, merchants are advised to take a dynamic approach to using 3D Secure, which includes the following points:
- Customize your strategy: The first and most important step is to customize which transaction types should be routed through 3D Secure. Take the time to assess the factors are most risky for your particular business situation (see above for a useful starting point of factors to consider), and consider automating 3D Secure as an extra security layer just for those particular transactions.
- Educate your shoppers: As touched on above, one of the reasons there is such a high drop-off rate on 3D Secure Transactions is that shoppers are concerned it is a security threat. Merchants are advised to proactively educate shoppers on the security benefits, such as within FAQ sections.
- Regularly re-evaluate: As businesses expand to new markets, accept different card types, and roll out new products, what works today may not necessarily be valid tomorrow. This is also true for attempted fraud, as fraudsters constantly change tactics in an attempt to beat the system.
Increased Revenue, and Optimized Security
In the near to mid term, it is highly likely there will be increased adoption of 3D Secure due to the support of:
- card schemes, which will continue to incentivize its use by offering lower interchange fees
- issuing banks, which are likely to optimize the use of 3D Secure for mobile.
By applying a dynamic approach to 3D Secure now, ecommerce businesses can position themselves to further optimize security and conversion rates.
The next time someone complains that it’s as useless as a chocolate fire guard, you know how to reply!
A version of this post was originally published on Finextra.