3D Secure

3D Secure is a tool that provides an additional layer of security for online card transactions and is supported by most card issuers. If 3D Secure is activated for your account, BlueSnap will perform a lookup during checkout to determine if the issuer requires shopper identity verification to complete the transaction. If verification is required, a popup will prompt the shopper to enter a password, which is typically a one-time code sent via text message.

Benefits

  • Reduced risk of unauthorized card use
  • Increased shopper confidence in the security of the transaction
  • Protection against fraud chargebacks for successfully authenticated transactions

Supported cards

American Express, Diner's Club, Discover, Mastercard, and Visa cards are supported with 3D Secure. Each has their own product name by which 3D Secure is known:

  • American Express SafeKey
  • Discover/Diner's Club ProtectBuy
  • Mastercard SecureCode
  • Verified by Visa

The shopper experience

The following steps outline the general 3D Secure flow with images taken from a BlueSnap Hosted Page.

Step 1: Shopper enters card information and submits payment form

Step 2: If shopper verification is required, a popup prompts the shopper to enter a password

A lookup is performed during checkout to determine if the issuer requires identity verification from the shopper. If required, a popup like the one below prompts the shopper to enter a password, which is typically a one-time code sent via text message.

Step 3: Confirmation page displays

Back to Top

3D Secure in the Hosted Pages

BlueSnap's Hosted Pages provide out-of-the-box support for 3D Secure. To get started, contact Merchant Support to request that BlueSnap enable 3D Secure for your account. After it has been enabled, you can activate it in your BlueSnap Console by going to Settings > Fraud Settings and selecting Enable 3D Secure.

3D Secure in the Payment API

BlueSnap's Payment API provides built-in support for 3D Secure. Complete implementation details are available in the API Guide for 3D Secure.

Chargeback liability shift

In addition to preventing unauthorized card use, 3D Secure can shift liability for fraud chargebacks from the merchant to the card issuer in these situations:

  • Situation 1: Shopper successfully verifies their identity by entering a password.
  • Situation 2: An issuer who perceives the transaction to be low risk authenticates without requiring identity verification from the shopper.

In Situation 2, the shopper never sees a popup window requesting a password during checkout, making the 3D Secure flow entirely transparent to them.

Chargebacks may still occur

You may still receive fraud chargebacks for transactions authenticated using 3D Secure. However, these chargebacks are considered invalid and will be automatically disputed for merchants enrolled in one of BlueSnap’s chargeback management services.

Back to Top

When to use 3D Secure

While 3D Secure provides many benefits, a risk of checkout abandonment is introduced. For example, shoppers in regions where 3D Secure is not widely implemented, such as the United States, may not be prepared to complete an additional verification step. This might result in the shopper abandoning the purchase. You might find it's best to implement 3D Secure when the shopper is located in a region where 3D Secure is commonly used or mandated by the card network, or when you perceive the transaction to be fraudulent.

In the Hosted Pages, if 3D Secure is activated, the lookup is performed for every transaction by default and the issuer determines if the shopper needs to enter a password to verify their identity. The shopper's experience is dependent on the issuer's decision.

In the Payment API, the merchant can allow 3D Secure usage at the transaction level, meaning the merchant controls whether BlueSnap performs the lookup for a specific transaction. If 3D Secure is allowed, the shopper's experience depends on whether the issuer requires identity verification.

Note:

If you would like to implement rules at the account level that determine when the 3D Secure lookup is performed, contact Merchant Support at merchants@bluesnap.com.

Sandbox testing

You may use the following cards, with any random 3-digit CVV code, to test various 3D Secure results.

Card Type
Card Number
Exp. Date
3D Secure Authentication Result

Visa

4000000000000002

01/2020

Success

Visa

4000000000000028

01/2020

Failed

Visa

4000000000000069

01/2020

Unavailable

Mastercard

5200000000000007

01/2020

Success

Mastercard

5200000000000023

01/2020

Failed

Mastercard

5200000000000064

01/2020

Unavailable