SIGN UP LOG IN

EMV® 3-D Secure

To reflect current and future market requirements, the payments industry recognised the need to create a new 3-D Secure specification that would support app-based authentication and integration with digital wallets, as well as traditional browser-based e-commerce transactions. This led to the development and publication of the EMV® 3-D Secure – Protocol and Core Functions Specification. The specification takes into account these new payment channels and supports the delivery of industry leading security, performance and user experience.

Specifications

Version Published Description Related Bulletins
2.1.0 31 Oct 2017 EMV® 3-D Secure SDK—Device Information See All
2.1.0 31 Oct 2017 EMV® 3-D Secure—SDK Specification See All
2.1.0 30 Oct 2017 EMV® 3-D Secure Protocol and Core Functions Specification See All

Approved Products

Acknowledgment by EMVCo that the specified product has demonstrated sufficient conformance to the EMV® Specification for its stated purpose.  Approved Products may refer to either the 3DS Server, Directory Server (DS), Access Control Server (ACS) or 3DS SDK.

See Providers

3-D Secure Component Product Providers refers to any Vendor or Service Provider that provides a 3-D Secure Component (3DS SDK, 3DS Server, Access Control Server or Directory Server) for the purpose of facilitating a 3-D Secure transaction with the acknowledgment by EMVCo that the specified product has demonstrated sufficient conformance to the EMV® Specification for its stated purpose.

Registration Number

A unique identification number assigned by EMVCo to a 3DS Product Provider.  The 3-D Secure Component Product Providers will need to register with EMVCo and/or with a Test Platform Provider prior to testing.   Only one Product Provider Registration is required.

FAQs

Q: What is EMV® 3-D Secure?

A: EMV® Three-Domain Secure (3DS) is a messaging protocol developed by EMVCo to enable consumers to authenticate themselves with their card issuer when making card-not-present (CNP) e-commerce purchases. The additional security layer helps prevent unauthorised CNP transactions and protects the merchant from CNP exposure to fraud. The three domains consist of the merchant / acquirer domain, issuer domain, and the interoperability domain (e.g. Payment Systems).

Q: What role does 3-D Secure play within the payments community?

A: The purpose of the 3DS protocol is to facilitate the exchange of data between stakeholders – the merchant, cardholder and card issuer. The objective is to benefit each of these parties by providing the ability to authenticate cardholders during a CNP e-commerce purchase, reducing the likelihood of fraudulent usage of payment cards.

Q: 3-D Secure is already used by the market. Why has a new specification been created?

A: To reflect current and future market requirements, the payments industry recognised the need to create a new specification that would support app-based authentication and integration with digital wallets, as well as traditional browser-based e-commerce transactions. This led to EMVCo’s development of a new industry specification: EMV® 3-D Secure—Protocol and Core Functions Specification (EMV® 3DS Specification)– that takes into account these new payment channels and supports the delivery of industry leading security, performance and user experience.

View all related FAQs (PDF)

Get Involved

Draft Specifications and Bulletins are shared with EMVCo Associates and Subscribers, who provide feedback and submit Queries.  They are also eligible to attend relevant meetings to discuss the Specifications.

See ways to participate