3-D Security

Payment Gateways facilitate the transaction online between your card provider and the eCommerce store. From the 1st January 2021, this gateway will need to be 3D secure. LumiPay partner gateways are updating their software and releasing version 2.1 to ensure you remain compliant throughout 2021.

All accounts will need to be 3-D Secure before 31 December 2020. That’s why we’re launching V2.1 to keep you safe. This is also to ensure you’re compliant with the PSD2 legislation. It will also help you to avoid card declines and card scheme fee increases.

What is 3-D Secure v2.1?

Anyone who has ever made a payment online using a credit or debit card has most likely already used 3D secure. 3D secure is a fraud prevention measure launched in 2001 by Visa (as Verified-by-Visa).

It is now backed and recognised by credit and debit card providers Mastercard (as Mastercard Secure Code) and American Express (as American Express SafeKey).

3-D Secure v2.1 is a security protocol provided by credit card schemes. It ensures compliance with PSD2 by prompting shoppers to authenticate transactions using two out of the three factors below:

1. Possession

Authentication based on a registered phone linked to the card, a card reader or other device that will generate a one time code to confirm a transaction

2. Knowledge

Entering a digit from a card pin number or password

3. Inherence

This is something you have inherent to you such as a fingerprint or facial recognition through your phone.

How does 3D Secure work?

When you go to pay for something on a specific website, the first thing you must do is enter your payment details. Following that you will get redirected to your debit or credit card provider’s 3D secure web page.

Here you are commonly asked to provide your password. Usually, you will have previously set this up with your bank and a one-time authentication code is sent to your mobile phone.

Often you may not be asked to give any details at all. After you enter your correct details the payment will be accepted by the card provider, and you will then automatically be sent back to the website. With this, you should receive an order confirmation message. It’s a quick and simple process.

What are the benefits of 3D secure?

Yes, 3-D Secure 2.1 is not only about compliance. Compared with older versions, it aims to decrease the disruption at checkout and offer a more seamless experience for the shopper.

3D secure authentication gives an added level of security for both you and your customers. It does this by helping to stop card details from being stolen and used online.

Additionally, it protects against any unauthorised transaction chargebacks. Once the transaction has passed the 3D secure authentication process, the merchant is no longer liable for the purchase. Resulting in customers saving time and money with fewer settlement disputes.

Get PCI-compliant

The Payment Card Industry Data Security Standard is a set of requirements intended to ensure that all companies that process, store, or transmit credit card information maintain a secure environment.

3D secure authentication adds another layer of security to online payments, but PCI compliance security measures must still be met.

This ensures that you are storing, processing and correctly transmitting customer data in the correct way.

Who is 3D secure for?

RSA recently commissioned research to find out more about who uses 3D secure. The results showed:

  • 76% of the merchants surveyed currently use 3D secure
  • 50% of the respondents plan to adopt 3DS 2.0.
  • 87% of current users report a good customer experience
  • 82% of them report reduced fraud
  • 71% of them report reduced cart abandonment.

Do I need to do anything?

  • Hosted Payment Page (HPP). You do not need to do anything. We will enable 3DS 2.1 for you.
  • Custom HPP. We advise you to check with your test site that the new 3-D Secure flow works for your payment flow. Please let us know once you have tested it, and we will enable it on your production account.
  • API, JavaScript, Webserver and STAPI. To support 3DS 2.1 you will need to review the current integration you have with your developer/software provider and choose one of the two paths below:
    • Update to the latest JS Library; or
    • Move to our HPP and let us handle the payment page.

If your unsure contact us and we will help ensure everything is in place and up to date ahead of the deadlines.