Skip to main content

3DS Exemptions

3D Secure (3DS) exemptions allow merchants to request that certain payments are exempted from regulatory requirements for Strong Customer Authentication (SCA), which is the case under PSD2 regulations. This helps reduce checkout friction and improve conversion rates - especially for returning customers or low-risk transactions. While exemptions can significantly improve conversion rates, they also come with trade-offs. Exempted transactions do not carry 3DS liability shift, meaning that by using exemptions you accept responsibility for potential fraud chargebacks.
Before enabling exemptions, assess your fraud rates, issuer relationships, and appetite for risk.
Primer supports Transaction Risk Analysis (TRA) exemptions in the 3DS authentication flow. This ensures that, if an exemption is not accepted by the cardholder’s bank, the payment continues seamlessly with a standard 3DS authentication - without needing a second authorization request.
Exemptions are only available when using Primer 3DS. 3DS exemptions managed by the processor are not supported.

How Exemptions Work

When a 3DS exemption is requested:
  1. The exemption request is included during the 3DS authentication flow.
  2. The issuer reviews the transaction data and decides whether to accept or reject the exemption.
    • If accepted, no challenge is presented and the 3DS result will show SKIPPED with a reason code of EXEMPTION_ACCEPTED.
    • If rejected, the request automatically reverts to a standard 3DS flow without affecting the checkout flow.
  3. The result of the exemption is then included in the processor’s authorization request.
You can monitor these outcomes directly in your Primer Dashboard and API responses.
Here is a summary of the outcomes of the 3DS Exemption request
Exemption outcome (depends on the issuer)3DS status in PrimerShopper experienceLiability
AcceptedSkipped: Exemption request acceptedNo 3DS ChallengeMerchant holds fraud liability
Rejected, failover to frictionless3DS Authentication successful (frictionless)No 3DS ChallengeLiability shift applies
Rejected, failover to challenge3DS Challenge initiatied3DS Challenge presentedLiability shift applies if challenge passed

Implementing Exemptions

Before you start

Before adding 3DS Exemptions to your payment flow,
  • Make sure 3DS via Primer is enabled on your account
  • Ask your processor(s) and/or acquirer(s) to enable 3DS exemptions on your MIDs

Processor Support

Currently, 3DS exemptions are supported for the following processors:
ProcessorAuthentication Exemption Support
Checkout.com✅ Supported on Visa, Mastercard & Cartes Bancaires
Payplug✅ Supported on Visa, Mastercard & Cartes Bancaires
Adyen✅ Supported on Visa, Mastercard & Cartes Bancaires
Stripe✅ Supported on Visa, Mastercard & Cartes Bancaires
JPMC✅ Supported on Visa & Mastercard
If you perform a 3DS exemption, make to authorize the payment with a supported processor. Non-supported processors will not receive any 3DS data, which may reduce performance.

Best Practices

  1. Stay within thresholds: The TRA limit depends on merchant and processor fraud performance - typically €100/£85, €250/£220, or €500/£440. The standard is €250, but we advise confirming the applicable amount with your processor(s) before activating this option.
We strongly recommend communicating with your processor(s) to ensure your accounts are eligible for exemption usage, as some processors have specific requirements before enabling this capability.
  1. Apply fraud checks prior to requesting an exemption: TRA exemptions are designed to be used in combination with additional fraud analysis. Before requesting an exemption, ensure the transaction has passed risk checks, either via your own fraud analysis or via a pre-authorization fraud check.
  2. Monitor results: Compare authorization success between exempted and non-exempted payments.

Request an Exemption

You can request a 3DS exemption in two ways:

Exemptions via the Perform 3DS action

  1. Add a Perform 3DS action to your Workflow.
  2. Under 3DS options, select Request TRA exemption.
  3. Save and publish your Workflow.
Perform 3DS Exemption Option

Perform 3DS - Request Exemption Option

Note: You can only apply one 3DS option per transaction (e.g., Mandate Challenge or Request TRA Exemption).
We recommend using conditions to apply exemptions only to specific scenarios - for example:
  • Transaction amount under €250
  • Returning customers
  • Low fraud risk flagged by an internal fraud detection system
Exemption Eligible Condition Check

Condition Block for Exemptions

Exemptions via Fraud Provider recommendation in the Authorize action

You can also allow your Fraud Provider to decide whether an exemption should be applied or not via pre-authorization fraud checks:
Forter pre-authorization exemption

Condition Block for Mandate Challenge

If your fraud provider recommends an exemption and your Workflow is configured to follow that recommendation, Primer will automatically request a TRA exemption. After the exemption is requested, if the issuer rejects it, the payment automatically attempts to authenticate the payment with a standard 3DS authentication flow, before sending the payments to the processor.
You can view more details on configuring the pre-authorization fraud checks in our configuration guide.
This option is currently only supported when using Forter as your Fraud Provider.

Viewing Exemptions

You can view exemption outcomes in both your Dashboard and via API responses.

In the Dashboard

Exemption details are visible in two key areas:
  • Payment Details View Under 3DS authentication, the 3DS attempt will show as Skipped: Exemption request accepted
Timeline Exemption View

Payment Timeline - Exemption View

An Exempted flag will also be present within the 3DS details.
Timeline Exemption View Details

3DS Details - Exempted Flag

  • Workflow Run Timeline Displays events such as TRA exemption requested and TRA exemption accepted or TRA exemption rejected along with output details.
Workflow Exemption Accepted

Workflow View - Exemption Accepted

Workflow Exemption Rejected

Workflow View - Exemption Rejected

In the API

When a 3DS exemption is requested and accepted, the API response will include the object threeDSecureAuthentication under the 3DS authentication object: 
"threeDSecureAuthentication": {
//
  "responseCode": "SKIPPED",
  "reasonCode":   "EXEMPTION_ACCEPTED",
  "reasonText":   "Exemption request accepted",
//
}
These fields are returned in all relevant API responses and notification payloads where the 3DS data is present - including the Payment, Authorization, and related transaction objects.
Tip: You can use the reasonCode to filter and report on exemption performance across your payments - for example, by tracking the proportion of transactions with EXEMPTION_ACCEPTED against total 3DS attempts.

Search & Observability

Transactions that have had a 3DS exemption applied can be filtered for using the 3DS Reason Code filter option.
Timeline Exemption Filter

Filtering for Exemptions

This can be applied on the Payment Timeline, along with all Observability dashboards:
Observability Exemption Filter

Filtering for Exemptions in Observability

Testing the Exemption Flow

You can test your exemption setup in sandbox using our 3DS test cards. To confirm your Workflow is correctly requesting and handling exemptions:
  1. Configure your “Perform 3DS” action to “Request TRA exemption”.
  2. Use a “Manual Challenge” test card for Visa or Mastercard from our 3DS testing cards page.
    • When an exemption is requested with this card, it will return an exemption result instead of triggering a 3DS challenge.
    • In your Workflow run and payment logs, you’ll see TRA exemption requested followed by Exemption Accepted.
  3. Verify that the payment proceeds without a challenge and that your API response includes: 
    "threeDSecureAuthentication": {
  "responseCode": "SKIPPED",
  "reasonCode":   "EXEMPTION_ACCEPTED",
  "reasonText":   "Exemption request accepted",
}