3D Secure Payment Authentication
Fight fraud and stay compliant. Our flexible 3D Secure authentication works across all your acquirers and as part of the Checkout.com platform.
Intelligently increases revenue
Comprehensive authentication optimizations including smart retry logic, protocol versions and data enrichment. All powered by rich, automated machine learning.
Smarter customer experiences
Reduce drop-off with advanced Strong Customer Authentication exemptions. Flag customer experience preferences without impacting liability.
Plug & play or fully custom
Hosted options manage your authentication flow including data collection and compliance. Non-hosted options let you tailor the experience to your needs.
A one-stop authentication shop
Authenticate on Checkout.com transactions only, or consolidate all your authentication traffic into one place with our acquirer-agnostic standalone solution.
Trusted by leading brands
Proven PSD2 performance
A multifaceted approach to authentication
No two transactions are the same. Utilize rule setting and our rich machine learning to tackle transaction complexity head-on with smart optimizations that give you the best chance of acceptance.
Optimize for all versions of 3D Secure
Enhance exemption paths across authentication and authorization
Get frictionless authentication flows while still benefiting from liability shifts
Identify and act upon changing regulator and scheme preferences
Utilize millions of data points to boost acceptance rate
Keep your customers in the flow
Keep customers happy, by striking the balance between reducing friction and benefiting from liability shift. We’ve got you covered across a broad set of exemptions – from data-sharing-only flows to flagging your customer experience preference to issuers.
Rich SCA exemption support removes the need to authenticate
Data-sharing-only flow support guarantees a frictionless experience
Flag your customer experience preference to issuers without impacting liability shifts
Make use of optional data fields to increase frictionless experience outcomes
Options for every business
Find the right integration
Go standalone to centralize all authentication in one place, or use as part of our advanced payment platform. We offer a range of options for all sales channels and business types.
Streamline your global authentication strategy with our acquirer-agnostic solution.
One centralized view
Consolidated global reporting
Customizable non-hosted options
Out-of-the-box hosted options
API, Android, and iOS SDKs available
As part of the Checkout platform
Start authenticating fast on all your transactions processed by Checkout.com. Just switch on one API field and you're up and running.
Granular data across the payment lifecycle
Out-of-the box hosted options
API, Hosted Payments Page (HPP), Payment Link-ready
Feature-rich 3D Secure offering
Deploy the latest 3D Secure version 2.2 to deliver optimal customer experiences that drive high performance. Future versions – such as 3D Secure 2.3 and beyond – are seamlessly implemented, while previous protocols are supported to give you comprehensive coverage.
Unify user experience across apps
Seamlessly build native mobile experiences across devices and operating systems (Android and iOS) with our Mobile SDK to avoid redirecting your consumers outside of your app.
Authenticate using your preferred credentials
Our flexible solution supports PAN, Tokens, and Network Tokens, whether you’re using external solutions or the Checkout.com tokenization and network token capability.
Authentication for your business model
Different business models demand unique authentication solutions. We support many payment flows for authentication, including regular, recurring, installments, card add, and updates.
Always-on, global authentication
Reliably authenticate 24/7, whatever your transaction volume. Our proprietary technology is built in-house so we can deliver the highest levels of availability and redundancy across the globe.
Supporting marketplaces and payfacs
Authenticate at a business and sub-entity level at scale. Ensure consumer clarity at the invoice level with dynamic billing descriptors.
Build with confidence
Test and validate with ease, making use of extensive testing scenarios with our simulator capability to ensure a smooth launch.
Navigating evolving SCA requirements
Europe’s Strong Customer Authentication (SCA) requirements are now in force with enhancements like 3D Secure 1 decommissioning underway. Here’s what you need to know:
What is SCA?
A quick snapshot of SCA
SCA is a European standard designed to fight online fraud. For certain transactions using European cards and acquiring, two of the following may need to be present:
- Something the customer knows (eg., one-time-password)
- Something the customer has (eg., phone or email)
- Something the customer is (eg., fingerprint or face recognition)
Exemptions & more
When can SCA be skipped?
Not all transactions need authentication. Some are exempt or do not meet the SCA regulation criteria. As SCA matures, it’s important your payment provider is up to date with changes and issuers’ preferences.
Checkout.com offers all exemptions that enable you to skip SCA, such as real-time transaction risk analysis (TRA), low value, trusted beneficiaries, secure corporate payment and more.
Payment below EUR 30
If the count of transactions is fewer than four and they are under 100 EUR combined, authentication is not required. On the fifth transaction, or if one or all of the four transactions is over 100 EUR, authentication is required.
Ideal for subscription businesses, if the recurring amount is the same every time then only the first transaction needs to be authenticated. Be sure to advise issuers that this is recurring in the transaction message.
Merchant-initiated transactions (MIT)
Ideal for regular transactions of different amounts. Provided there is agreement from the card holder for future changes of different amounts, authentication is only required on the first transaction.
Leverage the trust of your customers by asking them to “allow” you to skip authentication for their transactions. Share your trustlists with issuers to complete the process.
Mail or telephone orders (MOTO) and corporate cards
Non-digital transactions and lodged payments (e.g., a card used by agents for expenses like travel) are considered out-of-scope for SCA regulation.
If either the card used to purchase or the acquiring route is not in an SCA-mandated region, then the transaction is considered out-of-scope for SCA regulation.
Frequently Asked Questions
What does the authentication landscape look like?
How does 3D Secure work?
What is a liability shift?
Does Checkout.com offer a standalone authentication?