3D Secure is an additional security layer for online credit and debit card transactions that adds an authentication step for customers making online purchases.
3D Secure is safer than processing cards normally, for you and your customers. By enabling 3D Secure, you can reduce your risk of fraud and chargebacks.
Enabling 3D Secure also allows you to accept credit cards that you could otherwise not accept due to restrictions (e.g. Maestro).
Braintree currently supports 3D Secure for most merchants in the US, Canada, Europe, Australia, and Asia Pacific regions. 3D Secure is not automatically enabled in production accounts and is only compatible with certain Braintree configurations. If you’re unsure whether or not your configuration is compatible, contact our Accounts team.
Most card brands have their own 3D Secure payment methods. Braintree supports Visa’s Verified by Visa, American Express Safekey, and Mastercard’s Mastercard SecureCode and Maestro.
With Braintree, a lookup is performed during the checkout process to determine whether the card is eligible to use 3D Secure. If it is, the Braintree SDK will display an embedded window that is provided by the card issuer for the customer to authenticate their purchase. The cardholder will then be prompted to verify their identity, which is typically done by entering a password.
3D Secure details for each transaction can be viewed in the Transaction Details page in the Control Panel. Recurring billing is not supported with 3D Secure cards.
Depending on your pricing model, there may be an additional per-transaction fee to process 3D Secure transactions. If you’re unsure which pricing model you’re on, contact our Accounts team for fee information.
In certain cases, 3D Secure can shift liability for chargebacks due to fraud from you to the customer’s bank. Liability shifts for fraudulent chargebacks will be based on the ECI flag included in the transaction's authorization file.
It’s important to understand that not all transactions processed with 3D Secure automatically shift liability – and a shift in liability does not always trigger automatic representation for the chargeback. You will still need to monitor your chargebacks and complete any action required for each one.
Here is a chart to help clarify when liability shifts to you, v.s. the customer’s bank. A checkmark indicates that the party either supports or is participating in 3D Secure for a given transaction.
|Cardholder||Card Brand||Card Issuer||Merchant||Liability|
For example: as indicated in second row of the table above, if you attempt to verify a Visa credit card via 3D Secure and the customer's bank (or card issuer) is not enrolled in 3DS, the liability still shifts to the bank, not you. This is a huge benefit for protecting you against chargebacks.
In most instances, Maestro cards rely on using 3D Secure technology. While enabling 3D Secure does allow for more flexibility to accept Maestro cards, you cannot use recurring billing with Maestro cards when 3D Secure is enabled.
Regardless of whether you have 3D Secure enabled on your account, you should never process a Maestro transaction by entering the card number directly in the Control Panel. Maestro transactions created in the Control Panel might initially appear to successfully settle, but they will eventually be rejected.