web stats

Fill the form & Get Installation Support

Before you leave,




(We Operate Globally)


Are You Ready For 3D Secure 2.0?

Recently there has been a significant impact on most payment processing (credit cards or bank transfer). The European Union revised a regulation known as Payment Service Directive (PSD) with an updated version PSD2.

Yet, many merchants do not understand what PSD2 is all about so we thought to give complete information on how it affects Magento 2 merchants and payment gateways.

Meaning of 3D Secure:

3D Secure is a three-domain model which helps in reducing fraud. It provides additional security for online credit and debit cards transactions by adding one more layer for customer purchase.

  • Acquirer Domain — Merchant or acquirer in which credit/debit cards details are entered
  • Issuer Domain — Bank that issued credit/debit card
  • Interoperability domain — Infrastructure that supports the 3D Secure protocol, payment transaction. In most cases, the payment gateway represents interoperability domain.

Various financial services give their implementation of 3D Secure” Verified by Visa” from Visa, “Mastercard SecureCode” from Mastercard, “American Express SafeKey” from American Express, and “J/Secure” from JCB.

How Does It Work?

It uses XML messages which are sent over an SSL connection with cardholder authentication information. When you implement 3D secure in your online store, it shows a popup with a link redirecting to a bank’s page or an iframe which is offered by the issuer bank. The customers have to enter the password, SMS code or one-time token in the popup.

The benefit of using 3D Secure 2.0 are:

  • Frictionless Checkout Flow
  • Non-Payment authentication
  • Native Mobile Integration (support of in-app, mobile, digital wallet)
  • Better performance for end-to-end message processing
  • Prevention of unauthenticated payments, even if a cardholder’s card number is stolen or cloned

Contextual data

The key feature of 3DS 2.0 is analyzing the merchant’s contextual data and prompting customers to verify their identity for high-risk transactions which only constitute less than 5 per cent of all payment transactions it may consist of first and last names, emails, billing addresses and other related data and it can be shared across payment providers to enhance the analysis mechanism and transaction risks. Face and voice recognition are also part of current authentication mechanisms.

3D Secure and PSD2

Strong Customer Authentication (SCA) was introduced as a part of the PSD2 directive which is the new authentication requirements. It is created to reduce fraud and better security. To authenticate the payer, you will need at least two of the following factors.

  • Password or Pin
  • Phone or hardware token for authentication
  • Fingerprint & face recognition

European banks have started declining payments that require SCA. Low risk and low-value transactions may still be accepted as well as subsequent payments in a recurring subscription. There are some uncertainties in terms of this regulation especially the application to non-EU customers or EU customers buying outside the US. Therefore, we suggest all merchants update their payment integrations to support SCA despite their location.

What does this all mean for Magento merchants?

According to PSD2, EU (including the UK) will have to implement SCA (Strong Customer Authentication). SCA has already come into effect for all European eCommerce transactions which fall under PSD2. Further, in October 2019, this 3DS 2.0 scheme will be mandatory for European online business and later in 2020 3DS 2.0 will be launched worldwide.

Magento Payment Provider Recommendations

We have mentioned a few recommendations for the Magento native payment integration which will ensure that customers payment does got get declined

Payment ProviderMagento Commerce 2.X
PayPalContinue using the current Magento built-in integration, as the 3D Secure 2.0 payment flow changes are all handled by PayPal.
Authorize.netUse the official extension (recommended) or the Magento integration in upcoming version 2.3.3+ or 2.2.10+ with a 3D Secure. provides the ability, via the chardholder Authentication request field, to make 3D Secure verification via 3rd party services. Starting from Magento 2.3.3 release, AcceptJs integration will support 3DS 2.0.

CyberSource Cybersource introduced Payer Authentication API with 3D Secure 2.0 support for Secure Acceptance Hosted Checkout and Simple Order API.
eWayUse the official extension.

Get in touch with your payment provider to know what their recommendations are for supporting the PSD2 SCA requirements.

Magento future versions will deprecate and ease the core integration in support of official payment integrations in the marketplace such as CyberSource,, eWay, Worldpay. To provide the latest features with free official payment extensions, the official integrators will work closely with all the vendors around the world.

Was this article helpful?
Fill the form below if you want to install 3D Secure 2.0 in your Magento store or looking for any Magento consulting service


Recent Articles

Get a Free Quote


Author Info

Author Image


Eshika Is a bibliophile and conversationalist. Her life revolves around writing , photography, presentation and repeat. "go with the Flow" is her approach in life.