Many companies have adopted 3D Secure (3DS) as part of the EU’s revised Payment Services Directive (PSD2) and the Secure Customer Authentication requirement. This article is meant to explore the advantages of using biometrics in addition to, or in place of, 3D Secure to provide a more secure customer payment experience.
3D Secure in a nutshell
3D Secure is an authentication protocol designed to enhance the security of online credit and debit card transactions. It verifies the cardholder’s identity and validates the transaction, reducing the risk of fraudulent activity.
When a customer initiates an online payment, the transaction is redirected to the card issuer’s authentication page, where the customer enters the required information. Once verified, the transaction is approved, providing merchants and customers with confidence in the security of their online transactions.
Combining 3DSecure with other security measures, like biometric authentication, can provide an even higher level of protection against fraud and unauthorized access. Ultimately, the choice between 3D Secure and biometrics depends on the specific use case, regulatory requirements, and the desired balance between security and user experience.
Same same, but different
Both 3DSecure and biometrics are security measures used to enhance the authentication process in different contexts. While they serve similar purposes, they have distinct advantages.
Advantages of 3DSecure:
- Established system: 3DSecure, also known as Verified by Visa or Mastercard SecureCode, is a widely adopted authentication protocol for online transactions.
- Compatibility: 3DSecure is supported by most major card issuers and payment gateways, making it compatible with a range of online merchants and banks.
- Liability shift: By implementing 3DSecure, the liability for fraudulent transactions can be shifted from the merchant to the card issuer, providing an additional layer of protection for online merchants.
- Consumer familiarity: Many users are familiar with the 3D Secure process, which involves entering a password or a one-time authentication code. This provides a level of comfort and trust during online transactions.
Advantages of biometrics:
- Enhanced security: Biometric authentication, such as fingerprint, facial recognition, or liveness checks, offers a high level of security as it relies on unique physical characteristics that are difficult to forge or replicate.
- Convenience: Users can simply use their unique physical traits for authentication without the need to remember passwords or PINs.
- User acceptance: Biometrics have gained significant popularity and acceptance among users thanks to their integration into mobile devices like smartphones and tablets. Users find it intuitive and easy to use.
- Non-repudiation: Biometrics provide a strong form of non-repudiation, meaning that an individual cannot deny their involvement in a transaction or action since their unique physical traits are used for authentication.
Preparing for the inevitable?
Currently, only around 3% of transactions in the United States are using 3D Secure. This is problematic, as 70% of fraud is coming from Card Not Present (CNP) transactions. It’s clear that merchants need a better, more secure way to authenticate their customers. With 52% of consumers comfortable using biometric authentication in processing a transaction, it’s a great route to pursue.
Additionally, since the US is a trading partner of the EU, portions of the PSD2 already apply in the states. It’s inevitable that the US will also eventually mandate a secondary authentication method when transactions meet certain criteria (determined by velocity, payment size, recurring vs. first-time, etc).
Get ahead of the curve by protecting your business with a robust biometric identity verification (IDV) solution. The best solutions are two-pronged, verifying customers upfront (thereby ensuring you have a more qualified customer base), as well as at the end point (protecting against account takeovers).
About the post:
Images are AI-created. Prompt: Two astronauts shaking hands on the moon. Tool: DALL-E.
About the author:
Rachel Quick is the Senior Vice President of Customer Success at IDVerse. With nearly two decades of finance and billing systems experience in the fraud and risk management space, Quick ensures the company’s customers are considering the broader risk environment in all their interactions.