3-D Secure: Staying Proactive About Hotel Fraud Prevention 

Fraud continues to be a costly concern for the hospitality and travel industry. Commonplace preventative measures, like capturing CVV codes with credit card transactions, are no longer enough to ensure transaction security and prevent fraud. As a result, teams are losing valuable time and revenue disputing fraudulent activity and chargebacks. 

3-D Secure (3DS) is nothing new in Europe, as it’s already required in Europe thanks to the Strong Customer Authentication (SCA) regulatory requirement. SCA requires merchants to build an authentication method into their payment flow, and 3DS is the easy answer. 

However, it is a newer security standard U.S. merchants can still adopt to secure online payment transactions and reduce the risk of unauthorized charges. The best part: most cardholders are automatically enrolled in 3DS by their card issuer, so taking advantage of 3DS is easy for merchants.

What is 3DS and how does it work? 

3DS stands for 3 Domain Server because of the three parties it involves:  

1. The merchant’s acquiring/processing bank that accepts card payments.
2. The issuer of the card used in the online transaction.
3. The card brand/scheme network that connects them. 

3DS adds a frictionless layer of protection to card-not-present (CNP) e-commerce transactions by requiring cardholders to authenticate their identity before the transaction can be completed – only if the transaction is flagged as by being potentially fraudulent. 

Here’s how it works:      

1. The cardholder enters their card information to complete payment. 
2. If the card-issuing bank deems the transaction as low risk, they approve the transaction. No authentication is required. 
3. If the card-issuing banks deems the transaction high risk, cardholders will be asked to authenticate themselves, e.g., by entering a unique temporary code. The code will be sent to the cardholder’s designated email or phone number, so only the person who has access to the account or device can access the code. Verification methods vary by bank but are always user friendly for genuine cardholders. 
4. Once the cardholder successfully authenticates their identity, the bank will approve the transaction and redirect the cardholder back to the online payment form to complete their payment. 

What are the benefits to 3DS? 

3DS doesn’t just protect the cardholder; it protects merchants, too. That’s because 3DS shifts payment liability back to the card issuer – so if a fraudulent chargeback does occur, they’re responsible for mitigating the problem instead of the merchant. This is a valuable tradeoff for implementing payment authentication. Chargebacks result in lost revenue and lost time, so fewer chargebacks means spending more time closing business and taking better care of your genuine customers. Plus, you’ll avoid potential chargeback fees. 

Aside from protecting revenue, the implementation of a payment authentication step shows that you care about protecting your customers and their information. As e-commerce activity inevitably increases, it’s important to implement the strongest security measures possible, including authentication measures, so your customers find you reliable and trusting. 

How can you start taking advantage of 3DS? 

The first step might be obvious: start accepting online payments! Then, work with your payment gateway and processing partner to get started. The right e-commerce partner will take the work out of making online payment transactions secure, reliable, and easy. They’ll also make it easy to access and adopt fraud prevention tools like 3DS. For example, using Sertifi’s payment processor, SertifiPay, you can easily prevent payment fraud using 3DS once the solution has been implemented.