(3DS) is an authentication protocol that adds an additional security layer to card transactions. 3DS verifies that the person making a purchase is the legitimate cardholder. This helps protect both your business and your customers from fraudulent activity.
When 3DS is activated, the issuing bank might request cardholders authenticate through a familiar security prompt. Common authentication methods include:
Customers may recognize the authentication flow through card network branding such as Visa Secure, Mastercard Identity Check, or American Express SafeKey.
The (SCA) regulation requires 3DS in certain regions. Understanding these requirements helps you implement compliant payment flows.
| Region | Regulation | 3DS Required | Status |
|---|---|---|---|
| EEA (European Economic Area) | PSD2 / SCA | ✅ Yes | Required since September 2019 |
| United Kingdom | Similar to PSD2 | ✅ Yes | Required (post-Brexit) |
| India | RBI Guidelines | ✅ Yes | Mandatory for card payments |
| Japan | JFSA | ✅ Yes | Phased implementation |
| Australia | - | ⚠️ Recommended | Optional but encouraged |
| United States | - | ❌ Optional | Fraud prevention tool |