EMVCo Publishes EMV® 3-D Secure 2.3 to Support More Secure and Convenient E-Commerce Authentication

EMV® 3DS Version 2.3 expands support for digital channels and devices to help issuers, acquirers and merchants fight card-not-present fraud, while improving the consumer experience.

 06 October 2021 – Global technical body EMVCo has enhanced the EMV® 3-D Secure (3DS) Specifications to improve the consumer experience and fraud fighting capabilities for issuers, acquirers and merchants across e-commerce channels and devices. The latest version, EMV 3DS 2.3, has been published following approval of its release by EMVCo’s Board of Advisors.

EMV 3DS 2.3 introduces enhancements to increase flexibility for optimising EMV 3DS implementation across multiple channels and devices, help issuers identify fraudulent transactions more quickly and accurately, and streamline the authentication process for consumers to improve the overall payment experience.

Key updates include:

Greater flexibility to support different technical environments

  • New Split-SDK model with multiple variants makes it easier to implement EMV 3DS across both traditional and non-traditional e-commerce payment channels and devices, such as smart speakers and other IoT devices.

Additional authentication approaches to enhance security and fraud prevention

  • EMVCo has collaborated with the World Wide Web Consortium (W3C) and the FIDO Alliance to include support for WebAuthn (Web Authentication) and SPC (Secure Payment Confirmation) that issuers and merchants can use within the EMV 3DS flow to better determine the legitimacy of a transaction in order to reduce the risk of fraud.

Streamlined consumer authentication

  • Support for device binding, which enables the consumer to be remembered on their device and can reduce the need for an authentication challenge.
  • Automated out-of-band (OOB) transitions, which help the consumer to switch seamlessly between a merchant application and an authentication application.
  • Additional recurring transaction data and EMV Payment Token data, which help issuers to better identify the transaction and can simplify the authentication experience for future purchases.

“Fighting payment fraud and reducing checkout friction is key to businesses delivering a safe and convenient online shopping experience for their customers,” says Robin Trickel, Chair of the EMVCo Executive Committee. “EMVCo continually collaborates with the payments community to look for opportunities to optimise efficiencies, improve usability and promote consistency, without compromising security. We are excited about the potential of EMV 3DS version 2.3 to support the delivery of better, safer checkout experiences in new digital payment scenarios.”

The EMV 3DS Specifications are available on the EMVCo website and include the EMV® 3-D Secure—Protocol and Core Functions Specification, the EMV® 3-D Secure—SDK Device Information, the EMV® 3-D Secure—SDK Specification, and the EMV® 3-D Secure—Split-SDK Specification.

To learn more about the latest EMV 3DS activity, view EMV® Insights.

About EMV 3DS

EMV 3DS is a fraud prevention technology that enables consumer authentication, without adding unnecessary friction to the payment process that often leads to abandoned purchases. Merchants use EMV 3DS to confirm that the consumer making the purchase is the actual cardholder. This authentication process involves the merchant sending data to the issuer so they can approve the transaction, which includes information about the transaction, payment method and device being used. The EMV 3DS Specifications provide a common set of requirements that product providers can use to integrate this technology into their solutions.

 

– ENDS –

For further EMVCo media information please contact David Amos / Chloe Mercer– Tel: +44 113 3501922 or email: david@iseepr.co.uk / chloe@iseepr.co.uk

View PDF

Notes to Editors

EMV® is a registered trademark in the U.S. and other countries and an unregistered trademark elsewhere. The EMV trademark is owned by EMVCo, LLC.

About EMVCo

EMVCo creates and manages EMV Specifications and programmes that enable seamless and secure card-based payments for businesses and consumers worldwide.

EMV Specifications support technologies including EMV Chip Contact, EMV Chip Contactless, Mobile, QR Code, Secure Remote Commerce (SRC), 3-D Secure (3DS) and Payment Tokenisation and are widely used by the payments industry to develop products and services that deliver trusted and convenient in-store, online and remote card-based payments.

As a global technical body, EMVCo is collectively owned by American Express, Discover, JCB, Mastercard, UnionPay and Visa. Hundreds of payments stakeholders, including merchants, banks and technology providers, participate as EMVCo Associates and Subscribers to develop, evolve and enhance flexible EMV Specifications that support innovation and address marketplace needs. All EMV Specifications are available royalty free on the EMVCo website.

www.emvco.com | EMV® Insights | LinkedIn | Twitter | Podcast | An Introduction to EMVCo | YouTube