What is improvement in 3-D Secure 2.0 and Why HiTRUST?
HiTRUST has achieved notable accomplishments in the field of EMV 3DS and payment security. Here are our industry highlights.
-
HiTRUST has been certified as an EMVCo 3DS compliant solution provider for EMV 3DS and ACS with our technology meeting the strict security and functionality requirements set by the EMVCo.
-
HiTRUST has partnered with major payment schemes, such as Visa and Mastercard, to provide customers with EMV 3DS and ACS authentication solutions that are fully compliant with the latest standards.
-
HiTRUST has developed a suite of tools and services to help merchants and payment service providers (PSPs) implement EMV 3DS and ACS quickly and easily, including SDKs, APIs, and integration guides.
What is 3-D Secure and how does it work?
EMV 3DS with OTP Flow
- An extra layer of protection for online card transaction.
- Enable the issuer to confirm the identity of card user during the transaction processing.
- The issuer can decide whether to involve the cardholder based on the transaction risk.
- There are various authentication methods, including OTP, OOB, FIDO, etc.
3-D Secure 2.0 enhancements
Due to the above-mentioned drawbacks, the payments industry recognized the need to create a new 3-D Secure specification to better reflect current and future market requirements. Thus since January 2015, EMVCo, a company which is collectively owned by American Express, Discover, JCB, MasterCard, UnionPay and Visa, were developing the EMV 3DS 2.0 Specification and in October 2016, the specs for 3-D Secure 2.0 was published.
New features of 3-D Secure 2.0:
Supports in-app payment on mobile and other consumer devices
Improves the consumer experience by enabling intelligent risk detection to streamline authentication process
Specifies use of multiple options for step-up authentication, including one-time password and biometrical recognition
Enhancements that enable merchants to integrate the authentication process into their checkout experiences
Improve message processing capacity of merchants, issuers, and acquirers
Adds the non-payment message category to provide cardholder verification details to support various non-payment activities, such as adding a payment card to a digital wallet.
3DS2 schedule
| Liability shift | Issuer deadline | Acquirer deadline | |
| VISA | 2019/04 | 2019/10 | 2020/10 |
| Mastercard | 2018/10 | 2019/10 | 2020/10 |
| JCB | 2019/04 | 2019/10 | 2020/10 |
| CUP | 2019/11 | 2019/10 | 2020/12 |
