Skip to main content

Fraud Prevention Guide: 3-D Secure (3DS)

A simple authentication standard that reduces fraud and increases payment security


What is 3-D Secure?

3-D Secure, otherwise known as 3DS, helps prevent online fraud with card-not-present transactions via frictionless authentication.

When enabled, a cardholder is required to authenticate their identity before the transaction can be completed.

"3D" stands for the three parties involved:

  1. The merchant’s acquirer/processor that accepts card payments.
  2. The issuer of the card used in the online transaction.
  3. The card brand/scheme network that connects them.

First, the cardholder enters their credit or debit card information into a website form.

The system powering the form checks if the card is enrolled in 3DS via the card issuer. If enrolled, the cardholder is automatically redirected to a 3DS webpage supplied by their card issuer.

From the webpage, the cardholder enters a unique password or temporary code. The code will be sent to their designated email address or phone number, so only the person who has access to the account or device can access the code.

If the cardholder successfully authenticates their identity, they’re redirected back to the initial website to complete their transaction.

3DS is already required in Europe thanks to the Strong Customer Authentication (SCA) regulatory requirement. SCA requires merchants to build an authentication method into their payment flow, and 3DS is the easy answer.

3DS is not currently mandated for U.S. merchants, resulting in low adoption and missed benefits.

3DS is available from all major credit card networks and most issuing banks. Many card networks have packaged 3DS into a proprietary solution. For example, American Express offers SafeKey, Mastercard offers Identity Check, Discover offers ProtectBuy, and Visa’s Verified by Visa even helped pioneer the original protocol.

See how it works directly from Stripe, Sertifi's payment processing partner.

What are the benefits of 3-D Secure?

Identity authentication and increased security makes it harder to commit fraud online, better protecting you and your customers. This ultimately protects you from having to waste time and revenue on chargebacks.

3DS shifts payment liability from the merchant back to the card issuer – meaning merchants are not liable for fraud-based disputes or chargebacks. If the cardholder disputes a transaction for fraud reasons, the issuer is liable for the funds.

This is a valuable tradeoff for implementing payment authentication. Chargebacks result in lost revenue and time, so fewer chargebacks means spending more time closing business and taking better care of your customers. Plus, you’ll avoid potential chargeback fees and penalties as serious as losing your merchant ID.

As e-commerce activity inevitably increases, it’s important to implement the strongest security measures possible, including authentication measures like 3DS, so your customers find you reliable and trustworthy. Implementing a payment authentication step shows that you care about protecting your customers and their information.

Most cardholders are automatically enrolled for 3DS by their card issuer, so taking advantage of 3DS is easy for merchants.


How do I get started with 3-D Secure?

Contact your payment gateway provider. Here at Sertifi, we make it easy for you to accept online credit card transactions securely and frictionlessly and take advantage of fraud prevention methods like 3DS.

Get paid faster with Sertifi's hotel payment solutions.

Simplify selling by electronically capturing payments and agreement e-signatures from one secure platform. Behind the scenes, SertifiPay processes payments in a fast, PCI-compliant manner at a lower cost to you. Our customers have saved up to $175k a year in processing fees.


“Sertifi allows our sales and catering group to collect signed contracts 96% faster and capture payments within one day. I always have previous employees reaching out to me because they want to add Sertifi.”