EMV® 3-D Secure Specification

EMV® 3-D Secure (3DS) is a messaging protocol that promotes frictionless consumer authentication when making card-not-present (CNP) e-commerce purchases. It enables consumers to actively authenticate themselves with their card issuers if cardholder verification is required. Consumer authentication by the exchange of 3DS data between the merchant and a card issuer can increase authorisation approval rates, as well as potentially reduce the risk of fraud.

The three domains consist of the merchant / acquirer domain, issuer domain, and the interoperability domain (i.e. payment systems).

EMVCo has created, owns and manages the EMV 3-D Secure – Protocol and Core Functions Specification v2.1.0 and related industry materials.

The EMV® 3-D Secure Specification:

  • Supports specific app-based purchases on mobile and other consumer devices.
  • Promotes an improved consumer experience by enabling intelligent risk-based decisioning that encourages frictionless consumer authentication.
  • Delivers enhanced security features.
  • Specifies use of multiple options for step-up authentication, including onetime passcodes, as well as biometrics via out-of-band authentication flows.
  • Enhances functionality that enables merchants to integrate the authentication process into their checkout experiences, for both app and browser-based implementations.
  • Offers performance improvements for end-to-end message processing.
  • Adds a non-payment message category to provide cardholder verification details to support various non-payment activities, such as adding a payment card to a digital wallet.
  • Enables merchant-initiated account verification.
  • Is available on a royalty-free basis to all industry participants and to the public.

EMVCo is using this specification to develop functional testing for EMV® 3DS solutions to evaluate their compliance to version 2.1.0. It has published an approval administrative process, which specifies how to submit a product for compliance testing and request for its approval. This is supported by an EMVCo bulletin, which outlines the fee structure for EMV® 3DS approval requests.

Resources

EMV® 3-D Secure demo

Visual demonstration of how EMV® 3DS-Compliant Solutions can be implemented on a mobile device or integrated into merchant’s app. It highlights 3 possible verification scenarios: frictionless flow, one-time-passcode, and out of band.

EMV® 3-D Secure webcast

In this webcast, recorded in October 2016, Craig Gilbert, Chair of EMVCo’s 3DS Working Group, provides an overview of EMV® 3DS and shares the drivers for the new specification. Listeners will also receive insight into some use-case examples.

EMV® 3DS Frequently Asked Questions

In this Frequently Asked Question document, readers can learn more about 3-D Secure, the role that it plays in the payments ecosystem, and why EMVCo is involved in this area.

Trademark & Assets

EMV® Trademark Usage Guidelines

These guidelines define acceptable use for the EMV® Mark in printed and on-screen applications.