Säkerhet

Friktionsfri 3DS

Optimera din 3D Secure-strategi för att minimera kundfriktionen samtidigt som du bibehåller höga auktoriseringsgrader. Cardflos friktionsfria 3DS-lösning tillämpar intelligent autentisering endast när det behövs, vilket balanserar säkerhetskrav med en sömlös kundupplevelse.

Detta tillvägagångssätt hjälper till att minska avbrutna köp.

Kategori
Säkerhet
Funktioner
10
Tillgänglig på
Alla planer
Ansök nu

Översikten

Frictionless 3D Secure represents an authentication path within the EMV 3-D Secure protocol that allows a transaction to proceed without active cardholder interaction.

In this specific workflow, the merchant's 3DS Server transmits a comprehensive data payload to the Access Control Server (ACS) managed by the issuer. This data often include device fingerprinting, IP address details, and shipping history.

If the issuer deems the risk profile acceptable based on this evidentiary data, the transaction is granted a frictionless status, bypassing the need for a one-time password or biometric prompt.

This mechanism sits between the checkout and the authorisation request in the payments stack, functioning as a primary tool for compliance with Strong Customer Authentication (SCA) under PSD2.

By prioritising frictionless flows, merchants aim to reduce the likelihood of cart abandonment caused by customer drop-off during the challenge phase while maintaining the shift in liability for fraud-related disputes.

fungerar det

  1. Data Transmission and Analysis

    The merchant gateway collects and sends over 150 data elements to the issuer via the 3DS directory server.

    This enriched packet includes billing address, account age, and browser settings, allowing the issuer to perform a thorough risk assessment of the transaction attempt before deciding whether to demand further proof of identity.

  2. Risk Based Authentication Decision

    The issuer Access Control Server (ACS) evaluates the risk profile in real-time. If the data elements align with the cardholder's historical behaviour and device profile, the issuer returns a transStatus of 'Y' or 'A', signifying a successful frictionless result.

    This allows the payment process to continue without user interruption.

  3. Mandatory Challenge Fallback

    If the risk assessment triggers specific internal thresholds or if the transaction falls under a high-risk category without an applicable exemption, the issuer initiates a challenge.

    The cardholder must then complete a stepped-up authentication process, such as a biometric scan or a code received via an banking application.

  4. Authorisation and Liability Shift

    Once the frictionless authentication is successful, the merchant proceeds to request authorisation from the acquirer.

    Even without a manual challenge, the merchant typically receives a liability shift, meaning the issuer bears the cost of certain fraudulent chargebacks, provided the 3DS2 requirements for the specific jurisdiction and scheme are satisfied.

Varför det spelar roll

Conversion Rate Preservation

Every additional step in the checkout sequence increases the probability of basket abandonment. By utilising frictionless paths for the majority of low-risk transactions, businesses can satisfy regulatory requirements like SCA without introducing unnecessary barriers.

This balance is critical for digital goods and subscription services where a high-friction experience leads to immediate customer churn and lost lifetime value.

Fraud Liability Management

Frictionless 3DS enables businesses to transfer the financial responsibility for fraudulent disputes to the issuer while maintaining a swift checkout experience. Unlike 3DS1 which often required a challenge for every transaction, the 3DS2 protocol permits this liability shift through passive data exchange.

This protects the merchant’s bottom line from unauthorised transaction claims without damaging the user journey.

Användningsfall

Subscription-Based Services

For recurring billing and Merchant Initiated Transactions (MIT), initial frictionless 3DS setup ensures subsequent payments are processed with the correct indicators, reducing dunning issues and decline rates across the billing cycle.

Low-Value Retail Transactions

E-commerce retailers processing frequent, small-ticket items can apply SCA exemptions for transactions under thirty Euros, using frictionless flows to maintain speed while satisfying the relevant European regulatory frameworks.

High-Frequency Digital Platforms

Gaming or streaming platforms benefit from frictionless flows by recognising trusted devices and returning users, minimising payment friction for enthusiasts who expect near-instant access to digital content after hitting the pay button.

I siffror

70-90%
Frictionless Rate

Typical frictionless rates observed in mature 3DS2 markets where high-quality data is shared between merchants and issuers, though this varies by industry and region.

20-30%
Cart Abandonment Reduction

Industry research suggests a significant decrease in drop-off when moving from mandatory 3DS1 challenges to optimised frictionless 3DS2 flows for low-risk transactions.

<2s
Authentication Time

The speed at which a frictionless 3DS response is typically returned by the directory server, compared to much longer durations for manual challenge interactions.

Ready to route with Friktionsfri 3DS?

Talk to our team about a live rollout on your acquiring stack.

Ansök nu

What you get with Friktionsfri 3DS

  • Dynamisk 3DS-applikation baserad på transaktionsrisk och utgivarens krav
  • Konfigurerbar regelmotor för finjustering av autentiseringströsklar
  • Stöd för 3DS2 och återfall till 3DS1 vid behov
  • Minskade avbrutna köp på grund av färre autentiseringssteg
  • Förbättrade auktoriseringsgrader genom att uppfylla regulatoriska krav
  • Realtidsanalys av 3DS-prestanda och utmaningsgrader
  • Comprehensive logging of the 3DS Server Transaction ID (dsTransID) for dispute resolution and auditing.
  • Reduced latency in the authentication phase through direct connectivity with scheme directory servers.
  • Detailed reporting on challenge rates and frictionless success percentages by issuer and BIN.
  • Compliance with PSD2 and upcoming PSD3 mandates through standardised authentication data fields.
See Friktionsfri 3DS on your acquiring stack.

A short scoping call, then a written plan for your MIDs.

Ansök nu

Questions about Friktionsfri 3DS

Vad är friktionsfri 3DS?

Friktionsfri 3DS hänvisar till 3D Secure-autentiseringsprocesser där kunden inte utmanas att ange ett lösenord eller en kod. Beslutsmaskinen bedömer transaktionsrisken i bakgrunden, vilket gör att de flesta transaktioner kan fortsätta utan kundinteraktion, vilket förbättrar konverteringen.

Hur förbättrar friktionsfri 3DS konverteringen?

Genom att ta bort onödiga steg i utcheckningsprocessen minskar friktionsfri 3DS risken för att kunder överger sitt köp. Kunder upplever ett smidigare transaktionsflöde, vilket leder till högre slutförandegrader jämfört med traditionella 3D Secure-utmaningar.

Är friktionsfri 3DS kompatibel med PSD2?

Ja, friktionsfri 3DS är kompatibel med PSD2 Strong Customer Authentication (SCA) krav. Den utnyttjar riskbaserad analys för att avgöra när en transaktion kan undantas från explicit kundutmaning, samtidigt som den tillhandahåller nödvändiga säkerhetsprotokoll.

What data elements help increase the chances of a frictionless result?

Issuers look for consistency and low-risk signals. Key elements include the cardholder's email address, billing and shipping address match, historical transaction frequency, and device information.

Including the 'prior authentication' data for returning customers can also increase the likelihood of a frictionless outcome.

The more valid data the merchant provides to the issuer's ACS, the higher the accuracy of the risk assessment, which generally leads to a higher proportion of frictionless responses from the issuer.

Can a merchant force a frictionless flow for all transactions?

A merchant can request a frictionless flow or suggest an exemption, but the final decision rests with the issuer's Access Control Server.

If an issuer determines that a transaction is too risky or if a regulator mandates a challenge for a specific transaction type, they will ignore the merchant's preference and initiate a challenge.

Merchants should use an intelligent strategy to request exemptions only when appropriate to avoid high decline rates or 'soft-declines' that require a 3DS retry.

Why do some frictionless 3DS attempts still result in a payment decline?

3DS is an authentication step, not an authorisation step. A successful frictionless 3DS result only confirms the identity of the cardholder or the validity of the data.

The subsequent authorisation request might still be declined by the issuer for reasons such as insufficient funds, expired card status, or suspected fraud unrelated to the 3DS process itself.

Successful authentication is a prerequisite for a liability shift, but it never guarantees that the financial transaction will be authorised and settled.

Kom igång

Redo för fart?

Berätta om ditt företag. Vi matchar dig med rätt inlösenpartners och rätt rutt, vanligtvis inom en vecka.

Ansök nu
Ansök nu