PCI DSS compliance v4.0: Your requirements checklist
3D Secure is often seen as a conversion killer. It complicates the payment process by redirecting customers to a page where they have to enter a code.
Customers often forget this code, leading to drop-offs, and lost conversions. But today, several forces are bringing two-factor authentication into the spotlight.
The good news is that 3D Secure comes with several advantages. The big one is the liability shift, which means the issuer shoulders the responsibility in the case of a chargeback.
So what else can you do to get the best out of two-factor authentication?
Dynamic 3D Secure is the best of both worlds. It helps you maintain the balance between stopping fraud and keeping payments simple.
Adyen Dynamic 3D Secure is a rules-based approach that routes specific transactions through 3D Secure.
Each transaction is assessed against the following criteria:
Risk-based authentication (RBA) is a more sophisticated approach. It uses behavioral analytics, device fingerprinting, and more, to authenticate your customer.
Generally, about 80% of transactions are identified as low risk and go unchallenged. So most customers can pay uninterrupted. In the meantime, transactions flagged as 'high-risk' are checked instead of being blocked outright.
This smart approach helps lower your customer drop-off rate. The graph below illustrates the fall in drop-off rate thanks to RBA. This is a key part of our risk management solution, RevenueProtect.
As you can see, it has a significant impact in Brazil and Mexico.
Performance-based authentication falls under a combination of factors related to geography and issuer.
Adyen can identify issuers and markets that provide a seamless customer experience through 3D Secure. We also maintain a list of regions and issuing banks that mandate the use of 3D Secure.
In some markets, 3D Secure has a positive effect on conversion. This tends to happen in markets where:
In some markets, issuing banks have invested in delivering a seamless 3D Secure experience to further reduce drop-off.
In Nordic markets, several issuing banks use passive authentication to grant a liability shift. This is based on browser data and other information.
They have also invested in technology like fingerprint authentication to make the process easier than ever.
As you can see from the graph below, the rate of drop-off varies from country to country:
The authentication will now occur inside your website environment, eliminating the need for a redirect.
And it will include SDKs that allow you to build authorization flows in-app. This will vastly improve the mobile experience.
This update will also let you use token-based and biometric authentication, instead of passwords.
So in the future, a 3D Secure authentication will take place entirely in-app, with the touch of a finger.
We will be a 3D Secure 2.0 launch partner, with the updated protocol available over the course of late 2017 and 2018.
By submitting this form, you acknowledge that you have reviewed the terms of our Privacy Statement and consent to the use of data in accordance therewith.