EMV® 3-D Secure Specification

EMV® 3-D Secure (3DS) is a messaging protocol that promotes frictionless consumer authentication by enabling consumers to authenticate themselves with their card issuers when making card-not-present (CNP) e-commerce purchases. The additional security layer helps prevent unauthorised CNP transactions and helps protect the merchant from exposure to CNP fraud.

The three domains consist of the merchant / acquirer domain, issuer domain, and the interoperability domain (i.e. payment systems). EMVCo has created, owns and manages the EMV® 3-D Secure – Protocol and Core Functions Specification v2.1.0 and related industry materials.

The EMV® 3-D Secure Specification:

  • Supports specific app-based purchases on mobile and other consumer devices.
  • Promotes an improved consumer experience by enabling intelligent risk-based decisioning that encourages frictionless consumer authentication.
  • Delivers enhanced security features.
  • Specifies use of multiple options for step-up authentication, including one-time passcodes, as well as biometrics via out-of-band authentication flows.
  • Enhances functionality that enables merchants to integrate the authentication process into their checkout experiences, for both app and browser-based implementations.
  • Offers performance improvements for end-to-end message processing.
  • Adds a non-payment message category to provide cardholder verification details to support various non-payment activities, such as adding a payment card to a digital wallet.
  • Enables merchant-initiated account verification.
  • Is available on a royalty-free basis to all industry participants and to the public.

EMVCo has also made available the full EMV® 3DS Test Platform, which enables the functional testing of EMV® 3DS solutions. 3DS product providers can now confirm whether their solutions will perform in accordance with the EMV® 3-D Secure Protocol and Core Functions Specification v2.1.0, or its EMV® 3-D Secure – SDK Specification, and receive Letters of Approval from EMVCo.

Resources

EMV® 3-D Secure demo

Visual demonstration of how EMV® 3DS-Compliant Solutions can be implemented on a mobile device or integrated into merchant’s app. It highlights 3 possible verification scenarios: frictionless flow, one-time-passcode, and out of band.

EMV® 3-D Secure webcast

In this webcast, recorded in October 2016, Craig Gilbert, Chair of EMVCo’s 3DS Working Group, provides an overview of EMV 3DS and shares the drivers for the new specification. Listeners will also receive insight into some use-case examples.

EMV® 3-D Secure Frequently Asked Questions

In this Frequently Asked Question document, readers can learn more about EMV® 3DS, the role that it plays in the payments ecosystem, and why EMVCo is involved in this area.

EMVCo Statement on EMV® 3-D Secure Testing

This statement, published on 1 August 2018, provides an update on the launch of the EMV® 3DS Testing Programme.

Trademark & Assets

EMV® Trademark Usage Guidelines

These guidelines define acceptable use for the EMV® Mark in printed and on-screen applications.