I don’t think a week has passed in the last five years where I haven’t discussed 3D Secure (3DS) with a colleague or a merchant. It’s been the hot topic in payments, transcending Europe's PSD2 legislation and sparking discussions among colleagues and merchants globally.
If we take a step back, it makes sense why it’s such a hot topic. 3DS, and the role of authentication in the payments journey more broadly, is an incredibly complex space. How and when a business utilizes 3DS significantly impacts its payment performance and, in turn, revenue.
Yet, the intricate nature of 3DS has proven challenging for most businesses to navigate effectively. Resource constraints, limited visibility into payment data, and the complexity of payment solutions contributes to this.
Consequently, we typically see businesses take a blanket approach: using 3DS where it’s mandated and switching it off where it’s not. It’s enough to be compliant. But it’s far from the optimal approach for a business or its customers.
However, we’ve noticed a change in merchant attitude over recent months due to the economic headwinds. More merchants are seeking strategies to optimize the application of 3DS for a seamless customer experience and enhanced revenue generation.
In a perfect world, merchants could apply 3DS on every transaction without any negative impact. But this is payments. Perfect is seldom in the vocabulary.
Universally applying 3DS presents two primary issues:
Cart abandonment: 3DS introduces friction into the customer's journey, particularly if a merchant's solution suffers latency issues, leading to increased customer drop-offs.
Issuer declines: Some issuers view a high 3DS challenge rate as a warning sign and consequently reject transactions, highlighting the nuanced nature of 3DS usage.
That said, merchants shouldn’t go the other way and only apply 3DS in situations where it’s mandated. This approach will:
Increase payment fraud risk. Not applying 3DS to authenticate a customer opens the door to fraudsters—and if there is fraud, you’ll be liable.
Issuer declines. Many issuers either require or favor transactions with 3DS applied and will reject those that don’t. So yes, you can get increased issuer declines by using too much or too little 3DS—we told you it was confusing!
To truly optimize for 3DS, merchants should adopt a critical view when asking customers to authenticate and take an approach similar to that Deliveroo's data scientist, Jack Dai, outlined in a recent blog post.
Deliveroo recently went through an optimization process to evaluate the efficacy of its 3DS rules. They posed a fundamental question: Do the benefits of applying 3DS outweigh the negative impact on cart abandonment and reduced order volumes?
To answer this, they conducted numerous A/B tests across their payment volume, identifying overly restrictive rules that negatively affected the business.
The result: By optimizing these rules, Deliveroo reduced its 3DS rate by nearly 40% without heightening fraud risks for the company, its customers, and partners.
You might say what Deliveroo has done is all well and good, but I don’t have the time or resources to spend days analyzing all the 3DS data and running tests. And we hear you. That’s why we’ve built a solution, Observability Pro, that makes it easy.
For instance, here’s how you uncover and optimize the impact 3DS has on your authorization rates using the solution.
Select the 3D Secure Authentication Rate in the Observability Pro dashboard to find a list of the BINs with the highest number of failed 3D Secure authentications. These are the most likely to benefit from removing 3DS.
Use filters to check the authorization rate doesn’t drop on a specific BIN when there is no 3DS, as some issuing banks require 3DS on all payments. But if there is a high authorization rate, it suggests that removing 3DS from this BIN will improve performance.
Here, you must make a cost-benefit analysis to see whether removing 3DS won’t open the door to excessive levels of fraud.
Create a new workflow route for the payments you have identified that would benefit from removing 3D Secure. Add a condition block that includes all the filters you have applied, and update the 3DS settings in the authorized action of the payments app.
Monitor performance and run the experiment across the other BINs you’ve identified.
Check out this video to see how easy it is.
This strategy is just one of many ways Primer Observability Pro, coupled with workflows and our advanced payments app, optimizes 3DS across payment flows. Get in touch to learn more.
3DS isn’t going away. Merchants stand to gain significantly by analyzing and optimizing how they deploy 3DS, as evidenced by companies like Deliveroo and others.