3D Secure is an additional security layer for online credit and debit card transactions that adds an authentication step for customers making online purchases.
Enabling 3D Secure also allows you to accept credit cards that you could otherwise not accept due to restrictions (e.g. Maestro).
3D Secure is only compatible with credit card, debit card, and Visa Checkout transactions.
We currently support 3D Secure for most merchants in the US, Canada, Europe, Australia, and Asia Pacific regions. 3D Secure is not automatically enabled in production accounts for merchants outside of the EU. You can confirm if your account has been set up for 3D Secure in the Control Panel; learn more.
3D Secure is only compatible with certain configurations and does not currently support recurring billing. If you’re unsure whether or not your configuration is compatible, contact us.
Most card brands have their own 3D Secure services. We support the following:
- Visa’s Verified by Visa
- American Express SafeKey
- Mastercard Identity Check
With Braintree, a 3D Secure lookup is performed during the checkout process. If the customer is enrolled in 3D Secure, the Braintree SDK may display an embedded window provided by the card issuer for the customer to authenticate their purchase. The cardholder will be prompted by this window to verify their identity – which is typically done by entering a password – if either of the following is true:
- The card-issuing bank always requires the customer to enter a password when making an online purchase
- The card-issuing bank identifies the transaction as risky
3D Secure details and statuses for each transaction can be viewed in the Transaction Detail page in the Control Panel. The 3D Secure status code indicates whether or not the authenticated transaction resulted in a liability shift.
Depending on your pricing model, there may be an additional per transaction fee to process 3D Secure transactions. If you’re unsure which pricing model you’re on, contact us for fee information.
In certain cases, 3D Secure can shift liability for chargebacks due to fraud from you to the customer’s bank. Liability shifts for fraudulent chargebacks will be based on the transaction's status code. The following 3D Secure status codes will result in a liability shift:
You can learn more about these statuses in our developer docs.
In most instances, Maestro cards rely on using 3D Secure technology. While enabling 3D Secure does allow for more flexibility to accept Maestro cards, you can't use recurring billing with Maestro cards when 3D Secure is enabled.
Regardless of whether you have 3D Secure enabled on your account, you should never process a Maestro transaction by entering the card number directly in the Control Panel. Maestro transactions created in the Control Panel might initially appear to successfully settle, but they will eventually be rejected.
You can confirm that your account has been set up for 3D Secure in the Control Panel. To do this:
- Log into the Control Panel
- Click on the gear icon in the top right corner
- Click Business from the drop-down menu
- Scroll down to the Merchant Accounts section
- Click on the Merchant Account ID link for the account you'd like to verify
- If 3D Secure is successfully enabled, the following will be true:
- The 3D Secure 1.0 field will show as Enabled
- The 3D Secure 1.0 Card Types field will show the supported card type logos
American Express Safekey is not enabled automatically with 3D Secure, and is only available to merchants who process American Express via Amex Direct. Contact us to confirm your Amex setup and enable Safekey.
We are currently working on upgrading our 3D Secure integration in preparation for 3DS 2.0 and PSD2 Strong Consumer Authentication (SCA) compliance requirements.
Moving to 3DS 2.0 can help merchants transacting in the EU to increase conversions, meet SCA requirements, enhance fraud protection globally, and reduce friction during checkout for both web and mobile purchases. For a preview of the adoption guide, see our developer docs.