3D Secure is an additional security layer for online credit and debit card transactions that adds an authentication step for customers making online purchases.

Benefits

3D Secure is safer than processing cards normally, for you and your customers. By enabling 3D Secure alongside Braintree's fraud tools, you can reduce your risk of fraud and chargebacks.

Enabling 3D Secure also allows you to accept credit cards that you could otherwise not accept due to restrictions (e.g. Maestro).

note

Enabling 3D Secure does not prevent your business from being identified in any Visa fraud or chargeback monitoring programs. Learn more about Visa fraud and chargeback programs in our blog.

Compatibility

3D Secure is only compatible with credit card, debit card, and Visa Checkout transactions.

We currently support 3D Secure for most merchants in the US, Canada, Europe, Australia, and Asia Pacific regions. 3D Secure is not automatically enabled in production accounts for merchants outside of the EU. You can confirm if your account has been set up for 3D Secure in the Control Panel; learn more.

3D Secure is only compatible with certain configurations. If you’re unsure whether or not your configuration is compatible, contact us.

Card brands

Most card brands have their own 3D Secure services. We support the following:

Processing

With Braintree, a 3D Secure Lookup is performed during the checkout process. If the cardholder is enrolled in 3D Secure, the issuing bank will decide whether the cardholder's identity can be verified using data supplied regarding the cardholder and their device, or if an additional authentication process is necessary. If additional authentication is necessary, the Braintree SDK will display a dialog box or iframe provided by the issuing bank that will prompt the cardholder to verify their identity. Identity verification mechanisms will vary per cardholder and issuing bank, but can include SMS one-time passcode, the issuing bank's mobile app, biometric recognition methods such as fingerprint or voiceprint, or other means.

3D Secure details and statuses for each transaction can be viewed in the Transaction Detail page in the Control Panel. The 3D Secure status code indicates whether or not the authenticated transaction resulted in a liability shift.

Fees

Depending on your pricing model, there may be an additional per transaction fee to process 3D Secure transactions. If you’re unsure which pricing model you’re on, contact us for fee information.

Chargebacks

In certain cases, 3D Secure can shift liability for chargebacks due to fraud from you to the customer’s bank. Liability shifts for fraudulent chargebacks will be based on the transaction's status code. The following 3D Secure status codes will result in a liability shift:

  • authenticate_successful
  • authenticate_attempt_successful
  • authenticate_successful_issuer_not_participating

You can learn more about these statuses in our developer docs.

important

Not all transactions processed with 3D Secure automatically shift liability – and a shift in liability does not always trigger automatic representation for the chargeback. You will still need to monitor your chargebacks and complete any action required for each one.

Maestro cards

In most instances, Maestro cards rely on using 3D Secure technology. While enabling 3D Secure does allow for more flexibility to accept Maestro cards, you can't use recurring billing with Maestro cards when 3D Secure is enabled.

Regardless of whether you have 3D Secure enabled on your account, you should never process a Maestro transaction by entering the card number directly in the Control Panel. Maestro transactions created in the Control Panel might initially appear to successfully settle, but they will eventually be rejected.

Setup

To start supporting 3D Secure, you’ll need to update your code via the API and then contact us to have it enabled.

Confirm setup

You can confirm that your account has been set up for 3D Secure in the Control Panel. To do this:

  1. Log into the Control Panel
  2. Click on the gear icon in the top right corner
  3. Click Business from the drop-down menu
  4. Scroll down to the Merchant Accounts section
  5. Click on the Merchant Account ID link for the account you'd like to verify
  6. If 3D Secure is successfully enabled, the following will be true:
    • The 3D Secure 1.0 field will show as Enabled
    • The 3D Secure 1.0 Card Types field will show the supported card type logos

Special note on Amex

American Express Safekey is not enabled automatically with 3D Secure, and is only available to merchants who process American Express via Amex Direct. Contact us to confirm your Amex setup and enable Safekey.

important

If you're based in the US and are using Amex SafeKey, there are additional setup and integration steps you will need to follow. First, you'll need to contact us to begin the setup process. Then, you'll need to update your integration.

3D Secure 2

We have upgraded our 3D Secure integration in preparation for 3DS 2 and PSD2 Strong Consumer Authentication (SCA) compliance requirements.

Moving to 3DS 2 can help merchants transacting in the EU to increase conversions, meet SCA requirements, enhance fraud protection globally, and reduce friction during checkout for both web and mobile purchases. For more information, see the migration guide.