3D Secure 1 vs 3D Secure 2: What Are The Main Differences?

When 3D Secure 1 first arrived, it was revolutionary in the world of digital payments as it added an extra security layer for online credit and debit card transactions. Also known as 3Ds, the name of this protocol refers to the "three domains" that interact using the protocol: the merchant (acquirer) domain, the issuer domain, as well as the interoperability domain.

Now, 3D Secure 1 has evolved into a better, faster, and more secure version that protects all parties in an online payment transaction. In this article, we will discuss the main differences between 3D secure 1 vs 3D secure 2, exactly what has changed in the new version, and how this is impacting you as a merchant.

So, without further ado, let's dive right into it.

3D Secure 1 vs 3D Secure 2: What Are The Main Differences?

3D Secure 1 and 3D Secure 2 are two different security protocols used to protect online payments. Both are designed to reduce the risk of fraud, but they do this in different ways.

So, which one is better? And what are the main differences between them? In this article, we'll take a look at 3D Secure 1 vs 3D Secure 2. We'll explore their benefits and how they are different. See which one is best for your business. Let's get started!

3D Secure 1 was launched in 2001 by Visa. It was the first 3D Secure protocol and is still used by some banks and businesses today. While internet purchases continue to rise, so does the incidence of fraudulent activity.

As per Statista, there were 62,868 cases of cybercrimes recorded in the United Kingdom during the first half of 2020. Of these, approximately 65%, or 41,000, were associated with fraudulent online purchases and sales.

Number of online shopping and auction frauds in the United Kingdom (UK) from the first half 2019 to the first half 2020. 3D Secure 1 vs 3D Secure 2. Image source: statista.com

What is 3D Secure?

3D Secure is an authentication protocol that helps to ensure that online credit and debit card transactions are secure. It was developed by Visa and MasterCard and is now used by many central banks and financial institutions around the world.

3D Secure adds an extra layer of security to online transactions by requiring the cardholder to enter a one-time password (OTP) or similar credential before the transaction can be completed.

This means that even if a fraudster manages to obtain your credit or debit card details, they will not be able to use them to make an online purchase unless they also have your OTP.

If you are shopping online and see a message asking you to enter your 3D Secure password, simply follow the instructions on the screen. You will usually need to enter your card number, expiry date, and the 3D Secure password that you set up with your bank or financial institution.

3D secure 1 vs 3D secure 2, whatever you choose, it is a simple and effective way to help protect yourself against online fraud.

3D Secure 1 vs 3D Secure 2: Key Differences?

When it comes to online payments, security is of the utmost importance. That's why many businesses choose to use 3D Secure, an authentication system that adds an extra layer of security to online transactions.

There are two versions of 3D Secure: 3D Secure 1 and 3D Secure 2.

Both versions 3D secure 1 vs 3D secure 2 offer similar protection against fraud, but some key differences exist between them, and every merchant should be aware of them to ensure maximum security for their customers, and that they are taking all the necessary measures for it.

1. Passwords

3D Secure 1 is designed for use with static passwords. This means that the same password is used each time a customer purchases. 3D Secure 2, on the other hand, uses dynamic passwords.

This means that a new password is generated for each transaction, making it more difficult for fraudsters to guess or reuse the password for future fraudulent transactions. Dynamic passwords make 3D Secure 2 more secure than 3D Secure 1 as they are only valid for 15 minutes and only for the specific payment.

2. Liability Shift

Under 3D Secure 1, the merchant is liable for the chargeback if a transaction is flagged as fraudulent.

With 3D Secure 2, however, the issuer is liable for any chargebacks. 3D Secure 2 uses more sophisticated fraud-prevention measures, such as two-factor authentication. This means that if a transaction is indicated as a scam, the issuer is responsible, not the merchant.

This is one of the main differences when we are speaking about 3D Secure 1 vs 3D Secure 2. In order to encourage more merchants to use 3D Secure 2, participating card issuers offer merchants a guarantee of payment for successful online transactions that were authenticated using 3D Secure 2.

With this guarantee, in the case of a dispute or a chargeback for fraud reasons, the card issuer will take the liability and no funds will be taken from the merchant account and returned to the customer.

3. 3D secure 1 vs 3D secure 2 User Experience

3D Secure 1 can sometimes be seen as a hindrance to the user experience, as it requires the customer to enter additional information in order to complete a transaction.

3D Secure 2, on the other hand, aims to streamline the process by using data from the customer's browser to automatically generate a unique code that doesn't require any extra input from the customer.

4. HTTP Redirect

3DS2 is equipped with the technologies necessary to provide the seamless integration of 3D Secure flow with smart in-app payment processing and to prevent verification on mobile phones from requiring HTTP requests.

As a result of HTTP redirection, several microfinance companies and card issuers stopped supporting 3D Secure transactions on smartphones.

How Does 3D Secure 2 Work?

3D secure 2 is the latest version of 3D secure. You've undoubtedly come across 3D secure before when making online purchases. 3D secure is a security protocol created to help reduce the risk of fraud when making online purchases.

3D secure 2 is an improved version of 3D secure, but how does it work? Let's discover the details behind the process.

As an additional safeguard against fraud, 3D Secure 2 takes into account the background of the merchant's business together with over a hundred other data points.

The customer pays with their card by entering their information at the register. In this step, the 3D Secure supplier for the retailer will submit an authentication request to the cardholder, along with enough of information to verify the cardholder's identity.

3D Secure 1: What is it and how does it work? Main differences between 3D Secure 1 vs 3D Secure 2. Image source: 3dsecure2.com

Depending on local and international regulations, this might comprise a wide variety of user and device details, such as the device's unique identifier, media access control (MAC) address, geolocation, recent transactions, etc.

The risk associated with the transaction is then evaluated by the 3D Secure service supplier for the client. A transaction is judged to be high-risk and subjected to a review. Simply said, it asks the cardholder to prove their identity via a biometric or two-factor verification.

The cardholder must take no more steps if the merchant's minimal risk assessment of the transaction. The issuer provides the verification outcome to the supplier, who then forwards the transaction to the bank account for approval with a verification status indication.

What is 3D Secure Authentication Failure?

Whenever the transaction is unable to be performed, and no payment is issued to the client, this indicates a 3D Secure authentication error. A failed 3D Secure Authentication can occur for the following reasons:

Incorrect data

The authentication attempt was unsuccessful because the consumer provided incorrect 3D Secure data. In order to complete a 3D Secure transaction, the consumer must visit a portal managed by the issuing bank and provide extra authentication information, such as a one-time password (OTP) or a 3D Secure PIN.

In the event that they submit incorrect information, the authentication will be unsuccessful, and the transaction will not be able to be performed via the merchant's account.

3D secure authentication not recognized

Unfortunately, 3D Secure authentication is not recognized by the customer's issuing bank. Besides 3D Secure, various authentication systems may be used by banks in different regions.

Technical issues

The 3D secure 1 vs 3D secure 2 verification procedure is experiencing technical difficulties. In rare situations, the 3D Secure protocol may be unavailable, making authentication and processing of the transaction impossible.

Pop-up blocker

If your pop-up blocker is preventing pop-ups from loading and showing up on your screen, this will prevent the 3D secure pop-up from opening, making it impossible to complete the transaction. Try disabling the blocker temporarily and repeating the payment.

Advantages of 3D Secure Version 2

The 3D Secure 2 authentication technique has several positive aspects for businesses and customers. Along with the 3D secure 1 vs 3D secure 2 amazing features, the following are also notable:

1. Intuitive Data Sharing Promotes Safe Financial Transactions

Issuers may carry out Risk-Based Authentication with the help of 3DS2. Over a hundred data points, including geolocation, are used to decide how much risk is associated with a particular transaction.

To put it simply, if the authentication system determines that a particular transaction poses a security risk, it will enter a challenging phase during which the user may be asked to provide further proof of identity.

Visa estimates that less than 5% of transactions need enhanced authentication measures like a one-time passcode.

2. Improved Customer Experience

3DS2 makes use of challenge-response authentication. This means that the shopper is only prompted to provide additional information if the issuer deems it necessary.

In most cases, the shopper will not even be aware that authentication is taking place in the background. As a result, the shopper experience is much smoother, and there is less chance of abandoned transactions.

3. Increased Security

3D Secure 2 uses dynamic data, such as the shopper’s device fingerprint, to create a unique transaction identifier. This makes it much harder for fraudsters to recreate a transaction and steal card details.

In addition, the issuer has more visibility of the transaction, which means they can act quickly if anything looks suspicious.

According to a research, 3D Secure 2.0 can rapidly approve 95% of transactions while reducing credit card crimes by up to 40%.

4. Increased Acceptance Rates

Some shoppers are put off by the Secure process, as it can be seen as intrusive. 3D Secure 2 alleviates these concerns by making the authentication process more seamless. This should result in increased acceptance rates, and fewer declined transactions.

5. Reduced Costs

As chargebacks are a major cost for businesses, anything that reduces fraud will positively impact the bottom line. 3D Secure 2 should help to reduce fraud rates and, as a result, chargebacks. In addition, by streamlining the authentication process, 3DS2 should also help to reduce customer support costs.

When it comes to 3D Secure 1 vs 3D Secure 2, it’s clear that the updated version offers a number of advantages, both for businesses and shoppers. Hence, it’s no surprise that 3D Secure 2 is quickly becoming the new industry standard.

If you are looking for ways to enhance the security that you offer as a merchant to your clients, one of the best places to start is your payment gateway. Accepting payments with a highly secure Payment Gateway in a safe PCI-DSS Level 1 environment and 3D Secure 2 authentication, among other best tools and practices, is a must. Get started with MYMOID today!