Many merchants in the U.S. are wary of 3DS due to the assumption that customer friction will increase and hurt conversions — but that assumption is only valid if the merchant applies 3DS using outdated methods.
At the Payments MAGnified in Dallas this week, Forter joined PWC to discuss why and how to leverage 3DS to maximize revenue and reduce costs — while avoiding dated and flawed strategies.
But first, how would Grandma do it?
Outdated 3DS strategies do not consider the identity behind the transaction or issuer preferences when determining when and on whom to use 3DS. Instead, they apply 3DS relying on rules, using methods such as:
- Only use 3DS for high dollar purchases: Any blanket 3DS rule like this will introduce friction for your good customers as it will not consider the risk associated with that customer interaction. These strategies tend to impact customer experience and conversion rates negatively.
- Frictionless whenever possible: When merchants apply frictionless 3DS on every eligible transaction, this will negatively impact issuer authorization rates as certain issuers are less likely to authorize a transaction where 3DS has been applied.
- Risk decline recovery: Leveraging 3DS only after a transaction has been declined may result in network penalties and harsh issuer reactions if the only 3DS traffic being sent is extremely risky.
What is the RIGHT way to leverage 3DS?
Firstly, U.S. merchants should consider leveraging 3DS on a segment of their riskier transactions that would otherwise be declined due to suspected fraud. As outlined in the chart below, merchants can leverage insights from their pre-auth risk decision to determine the good transactions that should be approved without customer authentication, the bad transactions that should be declined due to fraud, and the high-risk transactions that are worth the additional 3DS authentication to verify customer identity. Passing your risk scoring to the issuer in the authentication message helps issuers understand transactions in this category and will help guide them on their authentication response.
This strategy allows merchants to provide an excellent customer experience for their good customers while maximizing their risk approval rate and minimizing fraud liability on riskier transactions.
For less risky transactions, merchants should implement an issuer prediction model to know when a transaction can leverage frictionless authentication, the 3DS data-only flow, or neither. Because each issuer has a different risk appetite when receiving authentication data, testing and learning which flow balances risk and authorization rates is critical here. An over-reliance on frictionless authentication will lead to poor authorization rates, and sending a 3DS data-only packet to an issuer that doesn’t leverage the data is a costly mistake. Issuer models change frequently, too, so leveraging a smart testing strategy in your model will help merchants prevent the expense of wasted authentication calls.
Benefits of 3DS
When applying 3DS strategically and intelligently, merchants can gain a variety of benefits, including:
- Increased risk tolerance: Merchants can increase risk approval rates on high-risk transactions by applying 3DS to provide additional confidence in the customer’s identity.
- Reduce fraud liability: By strategically applying 3DS, merchants can shift liability for high-risk transactions to minimize chargeback costs and protect from first-party fraud.
- Increase authorization rates: By leveraging 3DS data-only for issuers that use the data in their risk models, merchants can increase their bank authorization rates.
- Comply with regulation: If a merchant sells in one of the many regions around the world that require 3DS (Europe, India, Australia, Japan, etc.), they will need to have a 3DS strategy in order to do business online.
Jeff Hallenbeck currently serves as the Global Head of Payments for Forter, where he is focused on building unique payment products and partnerships on behalf of Forter customers with a goal of connecting the right data points with issuing banks to maximize approvals and eliminate fraud from the ecosystem.