3D Secure
3DS (3D Secure) is an online payment authentication protocol that enhances anti-fraud efforts. It requires cardholders to undergo an additional layer of verification, such as a one-time password or biometric scan, during online transactions. This extra step helps verify the identity of the cardholder, reducing the risk of unauthorized payments, improving overall payment security, and allowing merchants to shift chargeback liability to the Issuing Bank.
Independent 3D Secure usage becomes crucial for various reasons, notably in the EU where it's mandated for all transactions. High-risk Merchant Category Codes (MCC) like gambling or adult entertainment may require 3DS authentication due to increased fraud potential. Additionally, an agnostic 3DS tool becomes essential for downstream decision-making when transaction settlement details are uncertain, requiring independence from PSP 3DS implementations
Basis Theory 3D Secure Integrations offers a range of options to integrate 3D Secure into any company's payment infrastructure, alleviating the need for extensive PCI Level 1 compliance. These integrations connect with our existing services, ensuring a streamlined interaction with any 3D Secure partner.
How to use 3D Secure with Basis Theory
Basis Theory Universal 3D Secure
Basis Theory’s Universal 3D Secure ensures seamless integration with our Elements and can be employed against any processor or acquirer that accepts 3rd-party 3DS authorizations. Through the use of our Universal 3D Secure, companies can swiftly route transactions to any processor with a single integration.
To begin leveraging our Universal 3DS, reach out to initiate the integration process.
Processor or Acquirer 3D Secure
Basis Theory allows the flexibility to leverage any Processor’s 3D-secure offerings. This empowers your engineers to integrate with processors like Stripe, Braintree, or Adyen’s offering. Find more integration examples in our 3D Secure repository.
Standalone 3DS
Similar to utilizing a processor’s 3DS solution, Basis Theory also enables standalone 3D Secure integrations by supporting various third-party providers like Cardinal Commerce, Ravelin, 3DSecure.io, and others. This flexibility empowers any team to choose the best-fit solution for their specific needs.
How does a company use 3D Secure?
There are two types of transaction flows that need to be accounted for when a company is looking to integrate 3D Secure into its system. The first is Customer Initiated Transaction which happens whenever a person is actively participating in a checkout process - for example, buying a product online. The second is a Merchant Initiated Transaction which happens when a customer is not active and the merchant is charging the credit card on their behalf - For example when paying for a monthly subscription.
Customer Initiated Transactions (CIT)
The first is a Customer Initiated Transaction (CIT), in this scenario, the customer is purchasing a good or service from your e-commerce solution.
Once the credit card is entered by the Consumer, the company will authenticate the card with our Universal 3DS. Basis Theory will communicate with the Access Control Server (ACS) to determine if a challenge is required or frictionless authentication is possible. When a challenge is required, Basis Theory shows a window for the customer to verify with their bank (e.g. passwordless, username/password, etc). Finally, once the 3DS verification is complete an authorization token is returned and able to be forwarded along with a charge to the processor.