At the 2025 Identity & Payments Summit in San Diego recently, our Chief Strategy Officer, Dewald Nolte, participated in a panel discussion entitled, “Unlocking 3DS – Overcoming Barriers to Adoption.” The discussion explored why so many providers are not yet leveraging the full potential of 3-D Secure (3DS) as a fraud prevention tool.
As it turns out, it’s largely because of a historical issue. Many still view 3DS in a limited capacity: as merely a compliance checkbox, when it’s about so much more than just compliance!
It’s about the impact of collaboration within the payments ecosystem. When issuers and merchants work together, it can increase transaction success rates, reduce e-commerce fraud, and enable secure, seamless checkout experiences for legitimate cardholders.
What’s more, regardless of whether issuers operate in regulated or unregulated markets, they need infrastructure that can collect and share risk data at the front lines of the fraud battle: the merchants. 3DS can do all that – and more – which is what I intend to explore further in this blog.
Enabling smarter 3DS risk decision-making
What an issuer knows about a cardholder and what a merchant knows about a customer often comprise completely different – but equally powerful – sets of information. When you put that data together, you create something really valuable: smarter risk decisioning. The resultant risk intelligence puts the issuer in a better position to identify and prevent risk, and identify opportunities to remove friction, when that intelligence has verified their loyal and active cardholders.
Essentially, 3DS enables us to bring those two worlds together, as Dewald described. It can create a moment of collaboration when the customer is both the merchant's customer and the issuer's customer – and both are working together to make it the best experience for that customer.
Here’s an example. As an issuer, I know that John X shops at these merchants in these locations, and always shops on a particular device. One of those merchants submits the transaction for John’s purchase, which includes the phone number and delivery address.
Putting all that together, the issuer may say, ‘Hey, this phone number or address are not the same as what we’ve got on our records – something could be wrong.’ With a broader collection of data at their disposal, supported by risk-based authentication measures, the issuer can make a more informed risk decision and better protect merchants and legitimate cardholders. Which also means they can approve transactions that their system might otherwise have declined.
Driving higher adoption rates for 3-D Secure
One of the challenges to the widespread adoption of 3DS in North America is that merchants may not fully grasp the value it can offer them. When 3DS is mentioned, some still call up horror stories of high rates of false declines and checkout abandonment. While those concerns were certainly valid with the earlier implementations of 3DS, those were largely the result of “creative” implementations on the part of solution providers, and early adopters stretching the boundaries of the various network programs.
Curious about 3-D Secure’s backstory? Read Ben’s blog: A history of 3-D Secure: Creating workable solutions through collaboration.
The reality is that 3DS and risk-based authentication are much more sophisticated these days. The technology is considerably more accurate regarding which transactions to approve and decline, with a lot less friction. And if issuers proactively share risk data with merchants, informing them which signals led to an approval or decline, merchants can use that data to have more control over the user experience and take advantage of options to bypass friction.
As active participants in exchanging risk data, it’s likely that merchants will better appreciate the value of 3DS and be more willing to embrace the protocol.
Mitigating fraud with a 3DS ACS that collects and shares risk data
Fraud vectors are constantly evolving. And fraudsters are not the only perpetrators. Sometimes customers are the guilty party. In the U.S., for instance, 22% of consumers “admit to disputing legitimate transactions,” Datos Insights reports. These particular chargebacks, called first-party or friendly fraud, are where the cardholder makes a legitimate purchase but then claims that it wasn’t them but rather a fraudster (and then keeps whatever they purchased).
First-party fraud is still a big problem for merchants and issuers, costing them out of pocket and requiring considerable resources to manage the dispute process. This is another reason why merchants should reconsider their views of 3DS.
Fortunately, the 3DS authentication flow enables issuers to create an audit trail of risk signals that can potentially prove the cardholder authenticated the transaction. These signals, such as transaction class, value, their usual device, or a typical location, provide the evidence that issuers and merchants need to protect themselves in these situations.
At Entersekt, our 3DS ACS helps our clients access this evidence or audit trail. Here’s a typical scenario:
The issuer marked a transaction as fraudulent, labelling it as account takeover (ATO) fraud. The cardholder claimed that someone else used his card details to make a transaction without his knowledge. Yet the audit trail showed that the transaction originated from the same browser and from the same location the customer had used for all other transactions. This was not ATO. It’s a clear example of first-party fraud.
And with that evidence, issuers can speed up their dispute resolution process and reduce their fraud losses.
The best way forward for 3-D Secure
In my view, the issues in the payment ecosystem that 3DS was designed to address affect all stakeholders. If we want to truly move fraud out of the system, we need this type of information sharing and collaboration. If players continue to consider their 3DS solutions simply as compliance measures, then we are just shifting that fraud around.
Issuers that take the proactive step of sharing post-transaction risk data with merchants, can enable merchants to take back more control of their customer’s experience and become more invested in 3DS. In the end, issuer and merchant collaboration on 3DS will benefit issuers, merchants, and consumers alike.
Ready to learn more? Explore Entersekt's next-gen 3-D Secure solutions.