Progressive roll-out
of 3DS V2
By introducing new security standards for online payments, the PSD2 (Payment Services Directive 2) obliges the use of strong authentication methods with the 3D Secure V2 standard for each payment. These European regulations signal the end of the SMS OTP (One Time Password).

x3
3DS
11%
of 3D Secure
The frictionless journey
Special cases
with the frictionless route

- Merchant Initiated Transaction (MIT)
- Mail Order and Telephone Order
- Outside the European Economic Area if the PSP acquirer and/or transmitter is outside the EEA
Conditions
to promote
a frictionless course
- Merchant requests frictionless mode
- The merchant transmits a maximum of data
- The merchant maintains a fraud rate below the threshold imposed by the RTS
The merchant has the best assets to maintain its acceptance rate
- Merchant requests frictionless mode
- Merchant does not transmit enough data
- The merchant maintains a fraud rate below the threshold imposed by the RTS
The merchant is forced by the issuer, who can accept the request in frictionless mode or continue to apply refusals
- Merchant requests frictionless mode
- The merchant transmits a maximum of data
- The merchant does not maintain a fraud rate below the threshold imposed by the RTS
The merchant is forced by the issuer, who may increase the trigger rate for two-factor authentication or reject transactions
- Merchant does not transmit enough data
- The merchant does not maintain a fraud rate below the threshold imposed by the RTS
The merchant is forced by the issuer, who rejects all transactions, all subject to systematic two-factor authentication
Course with friction (challenge stage)
to the course with friction, then
Conditions for a valid,
strong authentication
RTS came into effect on September 14, 2019 to finalise the application of PSD2 in Europe, with Strong Client Authentication (SCA) to be expected for all online transactions. Strong authentication is said to be valid when the method used combines at least 2 of the following 3 criteria: