3D Secure
Security protocol for online cards.
Why it matters
3DS matters because it sits at the trade-off between fraud prevention, approval rate, checkout conversion, issuer liability, and SCA compliance for card-not-present transactions.
How it works
In practice, the merchant initiates the authentication request, transaction data is passed to the issuer through the 3DS rails, and the issuer either approves frictionlessly or requires a challenge such as a one-time code, biometric step, or other authentication method.
Risks and pitfalls
The risk is overusing challenges and damaging conversion, or underusing authentication and increasing fraud exposure. Correct 3DS analysis separates protocol support, issuer behavior, exemption logic, and merchant UX.
Regional notes
For BIST/MOEX/global commerce, 3DS should be interpreted through local issuer support, card-not-present fraud patterns, SCA-like requirements, and the merchant category’s tolerance for checkout friction.
Related terms
Compare with
Two-Factor AuthenticationBuild from
Payment GatewayPrimary sources
EMVCo
2026-03-15EMVCo: EMV 3-D Secure
Primary source for 3DS protocol terminology.
European Banking Authority
2026-03-15European Banking Authority: Strong Customer Authentication
Primary source for SCA and PSD2 compliance context.
Adyen
2026-03-15Adyen: Payment methods glossary
Reference source for payments terminology clusters.
Reviewed
5/4/2026
Common questions
What does 3D Secure mean?
Security protocol for online cards.
Why does 3D Secure matter in fintech?
3DS matters because it sits at the trade-off between fraud prevention, approval rate, checkout conversion, issuer liability, and SCA compliance for card-not-present transactions.
What risks should teams watch with 3D Secure?
The risk is overusing challenges and damaging conversion, or underusing authentication and increasing fraud exposure. Correct 3DS analysis separates protocol support, issuer behavior, exemption logic, and merchant UX.