Improve Performance, Fight fraud and stay compliant. Our authentication solution reduces customer friction by smartly routing payments through 3DS or Google’s authentication technology to ensure the best acceptance rates.
%20(1).png)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
Comprehensive authentication optimizations including 3DS and Google’s authentication technology. All powered by rich, automated machine learning.
Reduce drop-off with features including device biometrics, like fingerprinting and facial recognition, or advanced Strong Customer Authentication exemptions.
Hosted options manage your authentication flow including data collection and compliance. Non-hosted options let you tailor the experience to your needs.
Authenticate on Checkout.com transactions only, or consolidate all your authentication traffic into one place with our acquirer-agnostic standalone solution
Use Google Biometric authentication to increase conversation at checkout while continuing to fight fraud.
.webp)
Find out how we can help your business go further.
Deploy the latest 3D Secure version 2.2 to deliver optimal customer experiences that drive high performance. Future versions – such as 3D Secure 2.3 and beyond – are seamlessly implemented, while previous protocols are supported to give you comprehensive coverage.
Our flexible solution supports PAN, Tokens, and Network Tokens, whether you’re using external solutions or the Checkout.com tokenization and network token capability.
Seamlessly build native mobile experiences across devices and operating systems (Android and iOS) with our Mobile SDK to avoid redirecting your consumers outside of your app.
Reliably authenticate 24/7, whatever your transaction volume. Our proprietary technology is built in-house so we can deliver the highest levels of availability and redundancy across the globe.
Different business models demand unique authentication solutions. We support many payment flows for authentication, including regular, recurring, installments, card add, and updates.
Our flexible 3D Secure authentication works across all your acquirers and strikes a balance between reducing friction and benefiting from liability shift. We’ve got you covered across a broad set of exemptions – from data-sharing-only flows to flagging your customer experience preference to issuers.
Go standalone to centralize all authentication in one place, or use as part of our advanced payment platform. We offer a range of options for all sales channels and business types.
Streamline your global authentication strategy with our acquirer-agnostic solution.
Start authenticating fast on all your transactions processed by Checkout.com. Just switch on one API field and you're up and running.
With the growth of digital payments fraud has become ever more sophisticated, and authentication has had to adapt to keep up. In order to improve security for both consumers and merchants, the European Payment Service Directive (PSD) has updated its regulatory standards to PSD2.
Part of this is 3D Secure 2.0, an enhanced security protocol that irons out some of the pain points of its predecessor and uses a wider range of data and biometric authentication to facilitate smoother, more secure payments.
3DS2 does this through stricter transaction security measures, including Strong Customer Authentication (SCA), Risk Based Authentication (RBA) and Transaction Risk Analysis (TRA). These improve both safety and the customer experience, helping to cut cart abandonment and increase conversions.
PSD2 SCA is not yet universally mandated, but merchants doing business in the European Economic Area are required to offer 2 factor authentication as part of the payment flow in order to meet the regulatory requirements. SCA currently only applies to transactions where both your business’s bank and your customer’s bank are in the EEA or UK.
You can find out more about authentication requirements in our SCA compliance guide.
When a customer attempts a payment, 3DS2 allows you and your payment provider to assess their risk level by sending more than 100 data points to the cardholder's bank in order to verify their identity.
If, based on the data provided, the bank trusts that the customer is the cardholder, the payment can be authenticated immediately. This is known as frictionless flow.
If, however, the bank requires more proof, they will ask for more information before identifying the payment. This is known as challenge flow.
3DS2 allows you to embed this process in your checkout flow, meaning it all takes place behind the scenes, which improves the customer experience.
Liability shift occurs when the responsibility for fraud-related chargebacks shifts from the merchant to the card issuer, insulating the former from any associated cost or risk. For example, when a customer claims that they didn’t make a purchase. This shift generally happens when a payment is successfully authenticated with 3DS.
Some transactions are exempt or out of scope from having to be authenticated by SCA. Exempt transactions include those under €30 in value or deemed to be low risk, or recurring payments and subscriptions. Out of scope transactions include:
- merchant-initiated transactions (MITs)
- Mail order telephone order (MOTO) transactions
- If the merchant or issuer is outside the EEA
- Transactions made with anonymous prepaid cards
If you use an authorization account verification to validate the card numbers and expiry dates.
In-scope transactions are one-time cardholder-initiated transactions (CITs) and adding a credential-on-file (COF) or provisioning of a token.
If you use Checkout.com’s Fraud Detection solution alongside our Authentication solution, you can choose from five routing options depending on the assessed risk level of a transaction.
These options include:
- Decline - if too high risk
- 3DS challenge - Requests a challenge via 3DS (liability shift)
- 3DS frictionless - Requests 3DS without a challenge (liability shift)
- Accept - Requests an exemption from 3DS (no liability shift)
Yes, Checkout.com’s authentication solution is available either as a standalone product or as part of the Checkout.com platform.
With our standalone product, authentication and authorization are handled separately, and you can manage your own authentication needs across multiple acquirers. You have the option of either a hosted or non-hosted presentation. If you choose the latter, you have full control of the authentication experience, including device fingerprinting, payment flow, and customization of the front-end.
Checkout.com’s standalone authentication product also enables browser-based authentication on web and mobile, as well as native mobile authentication (iOS, Android) via our mobile software development kit.
.svg){kind=icon}
