๐ Understanding 3D Secure (3DS) and How TOOLBX Uses It
Summary
3D Secure (3DS) adds an extra layer of protection to online card payments by authenticating the shopper during checkout. TOOLBX uses 3DS strategically โ applying it to high-risk or high-value transactions โ to reduce fraud, shift liability away from dealers, and maintain a smooth experience for trusted buyers.
What is 3D Secure (3DS)?
3D Secure (3DS) is a security protocol designed to enhance the safety of online card transactions. It introduces an additional verification step during checkout to help prevent unauthorized card use and reduce online fraud.
The authentication process evaluates multiple data points in real time, such as:
The shopperโs location
The device being used
The cardโs transaction history
The accuracy of information (e.g., billing address, email) compared to what the card issuer has on file
When authentication is successful โ either through a one-time password or a frictionless background check โ liability for fraud-related chargebacks typically shifts to the card issuer, offering merchants added protection.
Evolution from 3DS1 to 3DS2
3D Secure 1 (3DS1)
The first version of 3DS added authentication by redirecting shoppers to their bankโs website to enter a password or code. While it provided added security, it disrupted the checkout experience โ especially on mobile devices โ and often led to cart abandonment.
3D Secure 2 (3DS2)
The updated version, 3DS2, was designed to address those issues. It enables risk-based authentication by sharing more transaction data with the issuing bank, allowing many authentications to happen in the background, without customer input.
Benefits of 3DS2 include:
Seamless authentication flow (no redirects)
Better mobile support
Lower cart abandonment
Faster checkouts
According to Visa, 3DS2 reduces cart abandonment by up to 70% and increases checkout speed by 85% compared to 3DS1.
Global Adoption of 3DS2
Adoption rates of 3DS2 vary by country:
In Canada, adoption is over 90%
In the United States, adoption is closer to 55%
This means that some shoppers may still experience the 3DS1 flow, depending on their card issuer.
TOOLBX's Use of 3DS
At TOOLBX, we use 3DS strategically to protect our dealers from fraud while maintaining a smooth customer experience. Our 3DS implementation considers:
โ First three transactions from a new customer โ to establish trust and verify intent
โ All orders or order deposits over $500 โ due to higher risk
โ All AR payments over $1,500, regardless of history
Limitations of 3DS
While 3DS is highly effective at preventing unauthorized card use, it does not protect against all types of fraud.
Specifically:
Friendly fraud (e.g., a customer who makes a purchase and later requests a chargeback despite receiving the goods) can still occur
Refund abuse and return fraud are also outside the scope of 3DS protection
Additionally, not all banks and card issuers fully support 3DS2 โ meaning some transactions may fall back to 3DS1 or bypass 3DS altogether, depending on the issuerโs capabilities.
Handling Chargebacks for 3DS Transactions
When 3DS authentication is completed successfully:
โ Liability for fraud-related chargebacks shifts to the card issuer, not the dealer.
This helps protect your business from financial losses tied to unauthorized card use.
However, for other types of chargebacks (such as friendly fraud or service disputes), 3DS does not apply. In those cases, TOOLBX notifies you and allows you to choose whether to dispute the chargeback.
๐ For more on how chargebacks work and how to respond, read our article on chargebacks & dispute management.