🔐 Understanding 3D Secure (3DS) and How TOOLBX Uses It

3D Secure (3DS) adds an extra layer of protection to online card payments by authenticating the shopper during checkout. TOOLBX uses 3DS strategically — applying it to high-risk or high-value transactions — to reduce fraud, shift liability away from dealers, and maintain a smooth experience for trusted buyers.

3D Secure (3DS) is a security protocol designed to enhance the safety of online card transactions. It introduces an additional verification step during checkout to help prevent unauthorized card use and reduce online fraud.

The authentication process evaluates multiple data points in real time, such as:

• The shopper’s location

• The device being used

• The card’s transaction history

• The accuracy of information (e.g., billing address, email) compared to what the card issuer has on file

When authentication is successful — either through a one-time password or a frictionless background check — liability for fraud-related chargebacks typically shifts to the card issuer, offering merchants added protection.

The first version of 3DS added authentication by redirecting shoppers to their bank’s website to enter a password or code. While it provided added security, it disrupted the checkout experience — especially on mobile devices — and often led to cart abandonment.

The updated version, 3DS2, was designed to address those issues. It enables risk-based authentication by sharing more transaction data with the issuing bank, allowing many authentications to happen in the background, without customer input.

Benefits of 3DS2 include:

• Seamless authentication flow (no redirects)

• Better mobile support

• Lower cart abandonment

• Faster checkouts

According to Visa, 3DS2 reduces cart abandonment by up to 70% and increases checkout speed by 85% compared to 3DS1.

Adoption rates of 3DS2 vary by country:

• In Canada, adoption is over 90%

• In the United States, adoption is closer to 55%

This means that some shoppers may still experience the 3DS1 flow, depending on their card issuer.

At TOOLBX, we use 3DS strategically to protect our dealers from fraud while maintaining a smooth customer experience. Our 3DS implementation considers:

• ✅ First three transactions from a new customer — to establish trust and verify intent

• ✅ All orders or order deposits over $500 — due to higher risk

• ✅ All AR payments over $1,500, regardless of history

While 3DS is highly effective at preventing unauthorized card use, it does not protect against all types of fraud.

Specifically:

• Friendly fraud (e.g., a customer who makes a purchase and later requests a chargeback despite receiving the goods) can still occur

• Refund abuse and return fraud are also outside the scope of 3DS protection

Additionally, not all banks and card issuers fully support 3DS2 — meaning some transactions may fall back to 3DS1 or bypass 3DS altogether, depending on the issuer’s capabilities.

When 3DS authentication is completed successfully:

✅ Liability for fraud-related chargebacks shifts to the card issuer, not the dealer.

This helps protect your business from financial losses tied to unauthorized card use.

However, for other types of chargebacks (such as friendly fraud or service disputes), 3DS does not apply. In those cases, TOOLBX notifies you and allows you to choose whether to dispute the chargeback.

📘 For more on how chargebacks work and how to respond, read our article on chargebacks & dispute management.