Authentication

3-D Secure

Also: 3DS, 3DS2, EMV 3DS

A card-network authentication protocol that shifts fraud liability from the merchant to the issuer when a cardholder is verified.

3-D Secure (3DS) is the EMV protocol behind Visa Secure, Mastercard Identity Check, and Amex SafeKey. The current version, 3DS2, runs frictionless risk-based authentication for low-risk transactions and steps up to a challenge (passkey, biometric, OTP) only when needed. Successful authentication shifts chargeback liability for fraud reason codes from the merchant to the issuer.

Frequently asked

Is 3DS required for all card payments?

Only in regions with SCA mandates (EEA/UK under PSD2). Elsewhere 3DS is optional but recommended for high-risk or high-value transactions because of the liability shift.

Related terms

Strong Customer Authentication

PSD2 requirement that customer-initiated electronic payments in the EEA and UK be authenticated with two of: knowledge, possession, inherence.

PSD2

The EU's Payment Services Directive 2, which mandates SCA, opens banking APIs, and reshapes payment liability.

Get started

Ready for velocity?

Tell us about your business. We'll match you with the right acquiring partners and the right route, typically inside a week.

Apply now Explore the platform