Authentication
Improve performance, fight fraud, and stay compliant. Reduce friction by intelligently routing payments through 3DS or Google authentication to deliver optimal acceptance rates.
.avif)
.svg){kind=icon}
Comprehensive authentication optimizations including 3DS and Google’s authentication technology. All powered by rich, automated machine learning.
.svg){kind=icon}
Reduce drop-off with features including device biometrics, like fingerprinting and facial recognition, or advanced Strong Customer Authentication exemptions.
.svg){kind=icon}
Hosted options manage your authentication flow, including data collection and compliance. Non-hosted options let you tailor the experience to your needs.
.svg){kind=icon}
Authenticate on Checkout.com transactions only, or consolidate all your authentication traffic into one place with our acquirer-agnostic standalone solution.
Use Google’s biometric authentication to increase conversation at checkout while keeping your business secure.
Deploy the latest 3D Secure version 2.2 for better customer experiences and high performance. Future versions – like 3D Secure 2.3 and beyond – will be implemented automatically, while previous protocols are supported for complete coverage.
Our flexible 3D Secure authentication works across all acquirers, reducing friction while shifting liability. Stay covered across a broad set of exemptions – from data-sharing-only flows to flagging your customer experience preference to issuers.
Whether you’re accepting payments on web or within a mobile app, Flow offers flexible components to suit your needs.
Streamline your global authentication strategy with our acquirer-agnostic solution.
Start authenticating fast on all your transactions processed by Checkout.com. Switch on one API field and you're up and away.
With the growth of digital payments fraud has become ever more sophisticated, and authentication has had to adapt to keep up. To improve security for both consumers and merchants, the European Payment Service Directive (PSD) has updated its regulatory standards to PSD2.
Part of this is 3D Secure 2.0, an enhanced security protocol that irons out some of the pain points of its predecessor and uses a wider range of data and biometric authentication to facilitate smoother, more secure payments.
3DS2 does this through stricter transaction security measures, including Strong Customer Authentication (SCA), Risk Based Authentication (RBA) and Transaction Risk Analysis (TRA). These improve both safety and the customer experience, helping to cut cart abandonment and increase conversions.
PSD2 SCA is not yet universally mandated, but merchants doing business in the European Economic Area are required to offer two-factor authentication as part of the payment flow in order to meet the regulatory requirements. SCA currently only applies to transactions where both your business’s bank and your customer’s bank are in the EEA or UK.
You can find out more about authentication requirements in our SCA compliance guide.
When a customer attempts a payment, 3D Secure 2 (3DS2) helps you and your payment provider assess risk by sending more than 100 data points to the cardholder’s bank to verify their identity.
If the bank trusts that the customer is the cardholder, based on the data provided, the payment can be authenticated immediately. This is known as a frictionless flow.
If the bank needs more proof, it will ask the customer for more information before authenticating the payment. This is known as a challenge flow.
3DS2 lets you embed authentication into your checkout flow, so more of the process can happen behind the scenes. That helps reduce friction and improve the customer experience.
Liability shift happens when responsibility for fraud-related chargebacks moves from the merchant to the card issuer. This protects the merchant from associated costs or risk – for example, when a customer claims they didn’t make a purchase. Liability shift generally happens when a payment is successfully authenticated with 3D Secure.
Some transactions are exempt from Strong Customer Authentication (SCA) or out of scope. Exempt transactions can include payments under €30, low-risk transactions, recurring payments, and subscriptions.
Out-of-scope transactions include:
In-scope transactions include one-time cardholder-initiated transactions (CITs), adding a credential on file (COF), and provisioning a token.
If you use Checkout.com’s Fraud Detection solution with our Authentication solution, you can choose from five routing options based on the assessed risk level of a transaction.
These options include:
Yes. Checkout.com’s Authentication solution is available as a standalone product or as part of the Checkout.com platform.
With our standalone product, authentication and authorization are handled separately. You can manage authentication across multiple acquirers and choose between a hosted or non-hosted presentation.
With a non-hosted presentation, you have full control of the authentication experience, including device fingerprinting, payment flow, and front-end customization.
Our standalone Authentication product also supports browser-based authentication on web and mobile, as well as native mobile authentication on iOS and Android through our Mobile SDK.
