Seguridad

3DS sin fricciones

Optimice su estrategia 3D Secure para minimizar la fricción del cliente manteniendo altas tasas de autorización. La solución 3DS sin fricciones de Cardflo aplica inteligentemente la autenticación solo cuando es necesario, equilibrando los requisitos de seguridad con una experiencia de cliente fluida.

Este enfoque ayuda a reducir las tasas de abandono.

Categoría
Seguridad
Capacidades
10
Disponible en
Todos los planes
Solicitar ahora

La visión general

Frictionless 3D Secure represents an authentication path within the EMV 3-D Secure protocol that allows a transaction to proceed without active cardholder interaction.

In this specific workflow, the merchant's 3DS Server transmits a comprehensive data payload to the Access Control Server (ACS) managed by the issuer. This data often include device fingerprinting, IP address details, and shipping history.

If the issuer deems the risk profile acceptable based on this evidentiary data, the transaction is granted a frictionless status, bypassing the need for a one-time password or biometric prompt.

This mechanism sits between the checkout and the authorisation request in the payments stack, functioning as a primary tool for compliance with Strong Customer Authentication (SCA) under PSD2.

By prioritising frictionless flows, merchants aim to reduce the likelihood of cart abandonment caused by customer drop-off during the challenge phase while maintaining the shift in liability for fraud-related disputes.

Cómo funciona

  1. Data Transmission and Analysis

    The merchant gateway collects and sends over 150 data elements to the issuer via the 3DS directory server.

    This enriched packet includes billing address, account age, and browser settings, allowing the issuer to perform a thorough risk assessment of the transaction attempt before deciding whether to demand further proof of identity.

  2. Risk Based Authentication Decision

    The issuer Access Control Server (ACS) evaluates the risk profile in real-time. If the data elements align with the cardholder's historical behaviour and device profile, the issuer returns a transStatus of 'Y' or 'A', signifying a successful frictionless result.

    This allows the payment process to continue without user interruption.

  3. Mandatory Challenge Fallback

    If the risk assessment triggers specific internal thresholds or if the transaction falls under a high-risk category without an applicable exemption, the issuer initiates a challenge.

    The cardholder must then complete a stepped-up authentication process, such as a biometric scan or a code received via an banking application.

  4. Authorisation and Liability Shift

    Once the frictionless authentication is successful, the merchant proceeds to request authorisation from the acquirer.

    Even without a manual challenge, the merchant typically receives a liability shift, meaning the issuer bears the cost of certain fraudulent chargebacks, provided the 3DS2 requirements for the specific jurisdiction and scheme are satisfied.

Por qué importa

Conversion Rate Preservation

Every additional step in the checkout sequence increases the probability of basket abandonment. By utilising frictionless paths for the majority of low-risk transactions, businesses can satisfy regulatory requirements like SCA without introducing unnecessary barriers.

This balance is critical for digital goods and subscription services where a high-friction experience leads to immediate customer churn and lost lifetime value.

Fraud Liability Management

Frictionless 3DS enables businesses to transfer the financial responsibility for fraudulent disputes to the issuer while maintaining a swift checkout experience. Unlike 3DS1 which often required a challenge for every transaction, the 3DS2 protocol permits this liability shift through passive data exchange.

This protects the merchant’s bottom line from unauthorised transaction claims without damaging the user journey.

Casos de uso

Subscription-Based Services

For recurring billing and Merchant Initiated Transactions (MIT), initial frictionless 3DS setup ensures subsequent payments are processed with the correct indicators, reducing dunning issues and decline rates across the billing cycle.

Low-Value Retail Transactions

E-commerce retailers processing frequent, small-ticket items can apply SCA exemptions for transactions under thirty Euros, using frictionless flows to maintain speed while satisfying the relevant European regulatory frameworks.

High-Frequency Digital Platforms

Gaming or streaming platforms benefit from frictionless flows by recognising trusted devices and returning users, minimising payment friction for enthusiasts who expect near-instant access to digital content after hitting the pay button.

En cifras

70-90%
Frictionless Rate

Typical frictionless rates observed in mature 3DS2 markets where high-quality data is shared between merchants and issuers, though this varies by industry and region.

20-30%
Cart Abandonment Reduction

Industry research suggests a significant decrease in drop-off when moving from mandatory 3DS1 challenges to optimised frictionless 3DS2 flows for low-risk transactions.

<2s
Authentication Time

The speed at which a frictionless 3DS response is typically returned by the directory server, compared to much longer durations for manual challenge interactions.

Ready to route with 3DS sin fricciones?

Talk to our team about a live rollout on your acquiring stack.

Solicitar ahora

Lo que obtienes con 3DS sin fricciones

  • Aplicación dinámica de 3DS basada en el riesgo de la transacción y los requisitos del emisor.
  • Motor de reglas configurable para ajustar los umbrales de autenticación.
  • Soporte para 3DS2 y fallback a 3DS1 cuando sea necesario.
  • Reducción del abandono del carrito debido a menos pasos de autenticación.
  • Tasas de autorización mejoradas al cumplir con los mandatos regulatorios.
  • Análisis en tiempo real sobre el rendimiento de 3DS y las tasas de desafíos.
  • Comprehensive logging of the 3DS Server Transaction ID (dsTransID) for dispute resolution and auditing.
  • Reduced latency in the authentication phase through direct connectivity with scheme directory servers.
  • Detailed reporting on challenge rates and frictionless success percentages by issuer and BIN.
  • Compliance with PSD2 and upcoming PSD3 mandates through standardised authentication data fields.
See 3DS sin fricciones on your acquiring stack.

A short scoping call, then a written plan for your MIDs.

Solicitar ahora

Preguntas sobre 3DS sin fricciones

¿Qué es 3DS sin fricciones?

3DS sin fricciones se refiere a los procesos de autenticación 3D Secure donde no se le pide al cliente que ingrese una contraseña o código.

El motor de decisiones evalúa el riesgo de la transacción en segundo plano, permitiendo que la mayoría de las transacciones avancen sin interacción del cliente, mejorando la conversión.

¿Cómo mejora 3DS sin fricciones la conversión?

Al eliminar pasos innecesarios durante el proceso de pago, 3DS sin fricciones reduce las posibilidades de que los clientes abandonen su compra.

Los clientes experimentan un flujo de transacciones más fluido, lo que lleva a tasas de finalización más altas en comparación con los desafíos tradicionales de 3D Secure.

¿3DS sin fricciones cumple con PSD2?

Sí, 3DS sin fricciones cumple con los requisitos de Strong Customer Authentication (SCA) de PSD2. Aprovecha el análisis basado en riesgos para determinar cuándo una transacción puede estar exenta de un desafío explícito al cliente, al mismo tiempo que proporciona los protocolos de seguridad necesarios.

What data elements help increase the chances of a frictionless result?

Issuers look for consistency and low-risk signals. Key elements include the cardholder's email address, billing and shipping address match, historical transaction frequency, and device information.

Including the 'prior authentication' data for returning customers can also increase the likelihood of a frictionless outcome.

The more valid data the merchant provides to the issuer's ACS, the higher the accuracy of the risk assessment, which generally leads to a higher proportion of frictionless responses from the issuer.

Can a merchant force a frictionless flow for all transactions?

A merchant can request a frictionless flow or suggest an exemption, but the final decision rests with the issuer's Access Control Server.

If an issuer determines that a transaction is too risky or if a regulator mandates a challenge for a specific transaction type, they will ignore the merchant's preference and initiate a challenge.

Merchants should use an intelligent strategy to request exemptions only when appropriate to avoid high decline rates or 'soft-declines' that require a 3DS retry.

Why do some frictionless 3DS attempts still result in a payment decline?

3DS is an authentication step, not an authorisation step. A successful frictionless 3DS result only confirms the identity of the cardholder or the validity of the data.

The subsequent authorisation request might still be declined by the issuer for reasons such as insufficient funds, expired card status, or suspected fraud unrelated to the 3DS process itself.

Successful authentication is a prerequisite for a liability shift, but it never guarantees that the financial transaction will be authorised and settled.

Empezar

¿Listo para la velocidad?

Cuéntanos sobre tu negocio. Te pondremos en contacto con los socios adquirentes y la ruta adecuada, normalmente en una semana.

Solicitar ahora
Solicitar ahora