3D Secure benefits cardholders and merchants by providing an additional layer of verification. During the checkout process, a lookup is performed to determine whether the card is eligible to use 3D Secure. If the lookup determines that the cardholder should authenticate using 3D Secure, the Braintree SDK will display a web page that is provided by the card issuer. This page will verify the cardholder’s identity, which is usually achieved by entering a password.

How it works

In addition to helping fight fraudulent card use, 3D Secure can shift liability for chargebacks due to fraud from the merchant to the card issuer. For example, if the card issuer does not participate in 3D Secure but the card brand supports this extra protection (i.e. Visa or Mastercard), the liability will shift to the card issuer.

Payment flow

On the client side:

  • Generate a client token
  • Render a checkout page to collect customer payment information
  • Verify the credit card amount.
  • If the customer's card is enrolled in a 3D Secure program, the customer will be prompted to authenticate using their bank login credentials

On the server side:

  • If the authentication is completed successfully or none was required, use the returned nonce to create a transaction.

Next: Configuration →

Still have questions?

If you can’t find an answer, contact our Support team.