3D Secure

3D Secure is a protocol that introduces an additional layer of security to improve internet payments experience for e-commerce. The 3D stands for the three different entities which are involved in providing this added security.

  • The acquirer entity (For Example: The merchant shop)

  • The interchange entity (For example: The payment card network)

  • The issuer entity (For example: The nCore platform)

nCore supports both 3D Secure 1 and 3D Secure 2 protocols. Details are given below.

3D Secure version 1:

3D Secure version 1 requires authenticating the cardholder before processing the e-commerce transaction. It is to authorize online transactions by requesting customers to complete a verification with the issuer every time. For example, when the merchant initiates 3D Secure authentication, the cardholder must then enter a one-time passcode (OTP) received via SMS or email to continue with their online purchase.

Note, that the strings <CARD_LAST4_DIGITS> and <OTP> should be uppercase in SMS template body.

3D Secure version 2:

3D Secure version 2 is a new and improved secure authentication protocol, which makes several enhancements to the original 3D Secure protocol version 1. Even though 3D Secure 1 provided good security, 3D Secure 2 gives an enhanced cardholder experience and it is updated for payments made using smartphones and wallets (for example Apply Pay, Google Pay or Samsung Pay etc), also leveraging advanced authentication like biometrics.

3D Secure version 2 provides seamless shopping experience, increased approval rate, and maximum security for merchants and their customers.

Main advantages are:

  • Frictionless flow does not require any interaction from the cardholder

  • Challenged based flow has a high risk, additional authentication* is required which brings higher authorization rates with lower fraudulent transactions

What does “additional authentication*” mean?

It means that the issuer has the capability and access to significantly more transaction data points like merchant address, URL, device information, billing address & etc to take decision and route cardholder either to a frictionless flow or the challenged based flow.

3DS 1 vs 3DS 2:

S No

3D Secure 1

3D Secure 2


Static password - OTP

Frictionless flow with no cardholder action required


High abandonment

Better risk analysis which reduce false declines


Outdated Technology

Compliant with latest technology and regulatory requirements


Low adaptation

High compatibility

For more about using 3D Secure with the nCore platform, please contact NymCard’s representative.

Last updated