One of the advantages of version 2 of EMV 3-D Secure is the enhanced nature of checks performed in real time during the checkout process, allowing the card issuer to determine with greater certainty whether not a given transaction poses a risk of fraud. Because of this, most legitimate transactions are correctly determined to be safe to proceed without prompting the customer to verify their identity. For this reason, scenarios in which the customer can complete payment without interruption from 3-D Secure processes are often referred to as “frictionless”.
When EMV 3-D Secure checks raise doubts over the customer’s intentions during a payment session, they may be asked to perform additional steps to verify their identity. This may involve the customer entering a pre-assigned PIN or password, using biometric security (i.e. fingerprint or facial recognition) or performing two-factor authentication (prompting the customer to enter a code sent to another device they own). The term “step-up” is used to highlight how security measures are heightened in situations where the card issuer suspects the customer’s account presents a higher risk of fraud.
|Term URL (termurl)||
When integrating using our Android or iOS SDK, the termurl is required in the JWT payload in order for 3-D Secure authentication to be performed. This URL is used to instruct the card issuer where to send the customer’s browser after they have been authenticated on the card issuer’s ACS.
Have more questions? Submit a request