EMVCo publishes EMV® 3-D Secure 2.3 to support more secure and convenient e-commerce authentication

EMV^® 3DS Version 2.3 expands support for digital channels and devices to help issuers, acquirers and merchants fight card-not-present fraud, while improving the consumer experience.

Global technical body EMVCo has enhanced the EMV^® 3-D Secure (3DS) Specifications to improve the consumer experience and fraud fighting capabilities for issuers, acquirers and merchants across e-commerce channels and devices. The latest version, EMV 3DS 2.3, has been published following approval of its release by EMVCo’s Board of Advisors.

„EMV 3DS 2.3 introduces enhancements to increase flexibility for optimising EMV 3DS implementation across multiple channels and devices, help issuers identify fraudulent transactions more quickly and accurately, and streamline the authentication process for consumers to improve the overall payment experience,” according to the press release.

Key updates include:

Greater flexibility to support different technical environments

New Split-SDK model with multiple variants makes it easier to implement EMV 3DS across both traditional and non-traditional e-commerce payment channels and devices, such as smart speakers and other IoT devices.

Additional authentication approaches to enhance security and fraud prevention

EMVCo has collaborated with the World Wide Web Consortium (W3C) and the FIDO Alliance to include support for WebAuthn (Web Authentication) and SPC (Secure Payment Confirmation) that issuers and merchants can use within the EMV 3DS flow to better determine the legitimacy of a transaction in order to reduce the risk of fraud.

Streamlined consumer authentication

Support for device binding, which enables the consumer to be remembered on their device and can reduce the need for an authentication challenge.

Automated out-of-band (OOB) transitions, which help the consumer to switch seamlessly between a merchant application and an authentication application.

Additional recurring transaction data and EMV Payment Token data, which help issuers to better identify the transaction and can simplify the authentication experience for future purchases.

“Fighting payment fraud and reducing checkout friction is key to businesses delivering a safe and convenient online shopping experience for their customers,” says Robin Trickel, Chair of the EMVCo Executive Committee. “EMVCo continually collaborates with the payments community to look for opportunities to optimise efficiencies, improve usability and promote consistency, without compromising security. We are excited about the potential of EMV 3DS version 2.3 to support the delivery of better, safer checkout experiences in new digital payment scenarios.”

The EMV 3DS Specifications are available on the EMVCo website and include the EMV^® 3-D Secure—Protocol and Core Functions Specification, the EMV^® 3-D Secure—SDK Device Information, the EMV^® 3-D Secure—SDK Specification, and the EMV^® 3-D Secure—Split-SDK Specification.

___________

EMV 3DS is a fraud prevention technology that enables consumer authentication, without adding unnecessary friction to the payment process that often leads to abandoned purchases. Merchants use EMV 3DS to confirm that the consumer making the purchase is the actual cardholder. This authentication process involves the merchant sending data to the issuer so they can approve the transaction, which includes information about the transaction, payment method and device being used.

The EMV 3DS Specifications provide a common set of requirements that product providers can use to integrate this technology into their solutions.