The transformational change, from 3-D Secure 1.0 to EMV® 3-D Secure (formerly known as 3-D Secure 2.0), has raised a lot of questions. Over the course of the past three years, we’ve tried to address your questions and concerns as we’ve inched closer to implementation.
Today we’ll answer a few questions from merchants we work with every day. We’ll do our best to answer these and hope that this will be a helpful resource for you if you’ve been unable to find answers yourself.
Q: What is the difference between 3DS 1.0 and EMV 3DS?
A: Even though we have talked about this before, it’s never a bad time to rehash some of these concepts, and really hammer the point home. 3DS 1.0 originally connected merchants, payment networks and financial institutions, allowing them to share data and enabling authentication. EMV 3DS is similar in many ways but has been updated to take advantage of today’s technology, especially when it comes to mobile payments, expanded data sharing and reduced friction during the consumer experience. Because of this data-sharing aspect, EMV 3DS can help minimize authentication challenges during the checkout process.
Q: What are the additional data points in EMV 3DS?
A: The three main data categories are cardholder data, device data and merchant/transaction data. Some of the new data points include purchase amount, date and time, cardholder account identifier, IP address and some new cardholder account information, including account age and shipping name indicator. Keep in mind, these are just a few of the new fields that issuers will have access to under the new EMV 3DS protocol. There can be up to 135 data elements shared with the issuer using EMV 3DS.
Q: When do I have to be certified for EMV 3DS?
A: EMV 3DS is already being supported by the major card networks, including Visa, Mastercard and Amex. In some instances, the deadline for certification is Fall 2019, which falls in line with the PSD2 SCA deadline (September 14th). Visa, however, already activated EMV 3DS in the European region back in April and has done the same in other regions this month, as we discussed in our blog at the beginning of the month. Mastercard and Amex have also activated EMV 3DS, but on a global scale.
Q: How do I get certified for EMV 3DS?
A: We recommend that you work with your acquirer, as they will provide you additional credentials. For instance, you will receive your acquirer merchant ID (the link between the merchant and the acquirer), which is something that we will need to set you up for EMV 3DS. This will make the implementation process easier for both of us, as we will be able to get you on board quicker. Once you have obtained this value, and passed it along to us, you will need to provide this same value to the respective card networks so that everything is synced up with your 3DS Server and the card networks.
There you have it. We hope that you found this blog helpful. And, as we mentioned, you can use this as a reference and share it with your colleagues. If you enjoyed this, please let us know. And if you have any other questions, feel free to comment below or contact us directly. We’d love to answer more of your questions in the future!
EMV® is a registered trademark in the U.S. and other countries and an unregistered trademark elsewhere. The EMV trademark is owned by EMVCo, LLC.