This week, EMVCo published an updated specification for EMV 3-D Secure, a protocol that enables consumers to authenticate themselves with their card issuer during e-commerce transactions. Unlike the original iteration of 3-D Secure, EMV 3-D Secure (previously known as 3-D Secure 2.0) uses a risk-based approach so consumers are required to authenticate in far fewer cases, reducing friction at checkout.
New provisions of the specification, which was last updated in October 2017, allow for customers of European merchants using Strong Consumer Authentication under PSD2 to bypass authentication and enable authentication for other types of CNP transactions (i.e., mail and telephone orders).
"EMV 3DS exists to promote secure, consistent consumer authentication for e-commerce transactions across all channels and connected devices, while optimizing the cardholder's experience," said Stephanie Ericksen, chair of the EMVCo Executive Committee. "Our work in this area continues to evolve to ensure we respond to new marketplace requirements. EMVCo continues to encourage the payments community to get involved and provide feedback on the EMV 3DS activity."