Risk assessment and 3D Secure authentication

The 3D Secure service allows to reduce the risk of chargebacks, thanks to the liability shift from the Merchant to the cardholder’s bank (see § 4.2 for more details).

The advanced risk assessment module allows to perform two specific actions when configuring the rules: “Enable 3D Secure” “Disable 3D Secure”.

These actions allow the Merchant, depending on the protocols available for his/her MID:

  • In 3DS1: to enable or disable 3D Secure authentication,
  • In 3DS2: to express their desire to challenge the buyer with a strong authentication during the payment.

The Selective 3DS feature allows the Merchant, directly via his/her payment requests:
  • In 3DS1: to enable or disable 3D Secure authentication,
  • In 3DS2: to express their desire to challenge the buyer with a strong authentication during the payment.

For this, he/she uses the strongAuthentification field of the REST API or the vads_threeds_mpi field of the Hosted Payment Page.

This function can be used in addition to the risk module .

In this case, the parameter transmitted in the payment request has priority over the decisions of the risk assessment module.

Reminder:

In compliance with banking network rules, a transaction carried out without cardholder authentication does not benefit from liability shift.

Other rules may apply in priority to those defined by the Merchant (in his/her payment requests or via the risk assessment module):

  • Some payment cards require cardholder authentication. This is the case of Maestro cards.
  • In 3DS2, exceptional cases will be progressively introduced by the payment gateway.

    For example, for payments in euro lower than €30 and within the limit of 5 consecutive payments of less than €30, the Merchant preference transmitted to the issuer will be “No Challenge Requested”. If the issuer accepts it, the authentication will be frictionless.

  • American Express reserves the right to perform strong authentication according to its own rules, even if the Merchant has requested to disable 3D Secure for the transaction.