What is improvement in 3-D Secure 2.0 and Why HiTRUST?

April 21, 2020
What is improvement in 3-D Secure 2.0 and Why HiTRUST?

HiTRUST has achieved notable accomplishments in the field of EMV 3DS and payment security. Here are our industry highlights.

  • HiTRUST has been certified as an EMVCo 3DS compliant solution provider for EMV 3DS and ACS with our technology meeting the strict security and functionality requirements set by the EMVCo.

  • HiTRUST has partnered with major payment schemes, such as Visa and Mastercard, to provide customers with EMV 3DS and ACS authentication solutions that are fully compliant with the latest standards.

  • HiTRUST has developed a suite of tools and services to help merchants and payment service providers (PSPs) implement EMV 3DS and ACS quickly and easily, including SDKs, APIs, and integration guides.

What is 3-D Secure and how does it work?

EMV 3DS with OTP Flow

  • An extra layer of protection for online card transaction.
  • Enable the issuer to confirm the identity of card user during the transaction processing.
  • The issuer can decide whether to involve the cardholder based on the transaction risk.
  • There are various authentication methods, including OTP, OOB, FIDO, etc.

3-D Secure 2.0 enhancements

Due to the above-mentioned drawbacks, the payments industry recognized the need to create a new 3-D Secure specification to better reflect current and future market requirements. Thus since January 2015, EMVCo, a company which is collectively owned by American Express, Discover, JCB, MasterCard, UnionPay and Visa, were developing the EMV 3DS 2.0 Specification and in October 2016, the specs for 3-D Secure 2.0 was published.

New features of 3-D Secure 2.0:

Supports in-app payment on mobile and other consumer devices

Improves the consumer experience by enabling intelligent risk detection to streamline authentication process

Specifies use of multiple options for step-up authentication, including one-time password and biometrical recognition

Enhancements that enable merchants to integrate the authentication process into their checkout experiences

Improve message processing capacity of merchants, issuers, and acquirers

Adds the non-payment message category to provide cardholder verification details to support various non-payment activities, such as adding a payment card to a digital wallet.

3DS2 schedule

Liability shift Issuer deadline Acquirer deadline
VISA 2019/04 2019/10 2020/10
Mastercard 2018/10 2019/10 2020/10
JCB 2019/04 2019/10 2020/10
CUP 2019/11 2019/10 2020/12