Published: January 16, 2024
Reading time: 3 minute read
Written by: Forter Team

The holiday season poses unique challenges for fraud teams as consumers purchase items or ship to addresses outside their standard patterns while shopping for friends and family. For example:

“This year, my wife went to buy me a holiday gift from one of my favorite retailers. When she went to check out, she was prompted for 3DS authentication. The problem is that I’m the main account holder on that payment card, so it was my phone that was prompted for authentication — ruining the surprise of the gift and causing inconvenience for my wife, who had to text me for the code. She will no longer shop from this retailer when purchasing gifts for me.”

Although 3DS is an important tool for verifying a customer’s identity, merchants often overlook a customer’s identity and past behavior – wrongly assuming that those who do not successfully complete a 3DS challenge are fraudsters. Often, however, these 3DS failures are, in fact, legitimate customers who simply struggled to complete 3DS step-up challenges successfully. 

For context, let’s look at consumers in the UK and Europe, given they have become accustomed to 3DS since PSD2 came into effect. Despite this familiarity, 3DS is still difficult for some customers to manage. An alarming 19%, 20%, and 25% of 3DS attempts fail in the UK, Germany, and Italy, respectively. 

As a result, any blanket 3DS strategy will not only stop fraudsters but also negatively impact good, legitimate customers. This 3DS friction for good customers may result in them taking their dollars to a retailer without checkout friction or changing their mind on the purchase altogether. 

Here are a few additional examples from the holiday season showing how a blanket 3DS approach resulted in friction for good customers:  

  • “My parents’ house is notorious for having terrible SMS reception. They shop online for gifts during the holiday season and actively avoid merchants where they have been prompted for a 3DS authentication in the past because they can never get the OTP in time”. 
  • “My bank requires me to call their customer service whenever I’m prompted for 3DS authentication. This is a big pain for me, as it requires multiple steps to complete the purchase. It can be quicker for me to find another retailer who doesn’t prompt me for 3DS than waiting on hold with my bank just to approve a purchase.”

3DS is a powerful tool to shift liability and minimize risk, but merchants should consider the customer cohorts when implementing. Any blanket 3DS strategy will cause friction for good customers – which can significantly impact merchants’ bottom line. 

It’s vital for merchants to consider their customer’s identity as part of their 3DS strategy to deliver an excellent customer experience while protecting their business from fraud. 

How to Leverage 3DS with the Customer Experience in Mind

To use 3DS effectively, merchants must move away from a blanket approach. Instead, they must consider which users can successfully complete the 3DS flow and which users have difficulty — and ensure that no one in the latter group is sent to 3DS. 

With the right 3DS approach, consumers can gain a custom experience based on their identity, allowing merchants to benefit from the best of both worlds. For riskier identities, merchants should rely on 3DS to gather additional insights that enable them to approve more transactions and convert more customers. And for good, legitimate customers, merchants can remove friction and increase customer satisfaction while improving conversions. 



Jeff Hallenbeck currently serves as the Global Head of Payments for Forter, where he is focused on building unique payment products and partnerships on behalf of Forter customers with a goal of connecting the right data points with issuing banks to maximize approvals and eliminate fraud from the ecosystem.

3 minute read