3D Secure Payment Authentication

Fight fraud and stay compliant. Our flexible 3D Secure authentication works across all your acquirers and as part of the Checkout.com platform.

Intelligently increases revenue

Comprehensive authentication optimizations including smart retry logic, protocol versions and data enrichment. All powered by rich, automated machine learning.

Smarter customer experiences

Reduce drop-off with advanced Strong Customer Authentication exemptions. Flag customer experience preferences without impacting liability.

Plug & play or fully custom

Hosted options manage your authentication flow including data collection and compliance. Non-hosted options let you tailor the experience to your needs.

A one-stop authentication shop

Authenticate on Checkout.com transactions only, or consolidate all your authentication traffic into one place with our acquirer-agnostic standalone solution. 

Trusted by leading brands

Proven PSD2 performance 

A multifaceted approach to authentication

No two transactions are the same. Utilize rule setting and our rich machine learning to tackle transaction complexity head-on with smart optimizations that give you the best chance of acceptance.

  • Optimize for all versions of 3D Secure

  • Enhance exemption paths across authentication and authorization

  • Get frictionless authentication flows while still benefiting from liability shifts

  • Identify and act upon changing regulator and scheme preferences

  • Utilize millions of data points to boost acceptance rate

Architected authentication

Keep your customers in the flow

Keep customers happy, by striking the balance between reducing friction and benefiting from liability shift. We’ve got you covered across a broad set of exemptions – from data-sharing-only flows to flagging your customer experience preference to issuers.


Rich SCA exemption support removes the need to authenticate


Data-sharing-only flow support guarantees a frictionless experience


Flag your customer experience preference to issuers without impacting liability shifts


Make use of optional data fields to increase frictionless experience outcomes

Options for every business

Find the right integration

Go standalone to centralize all authentication in one place, or use as part of our advanced payment platform. We offer a range of options for all sales channels and business types.  

See documentation


Streamline your global authentication strategy with our acquirer-agnostic solution. 

One centralized view

Consolidated global reporting 

Customizable non-hosted options

Out-of-the-box hosted options

API, Android, and iOS SDKs available

As part of the Checkout platform 

Start authenticating fast on all your transactions processed by Checkout.com. Just switch on one API field and you're up and running.

Granular data across the payment lifecycle

Intuitive reporting

Out-of-the box hosted options

API, Hosted Payments Page (HPP), Payment Link-ready

Feature-rich 3D Secure offering

Deploy the latest 3D Secure version 2.2 to deliver optimal customer experiences that drive high performance. Future versions – such as 3D Secure 2.3 and beyond – are seamlessly implemented, while previous protocols are supported to give you comprehensive coverage.

Unify user experience across apps

Seamlessly build native mobile experiences across devices and operating systems (Android and iOS) with our Mobile SDK to avoid redirecting your consumers outside of your app.

Authenticate using your preferred credentials

Our flexible solution supports PAN, Tokens, and Network Tokens, whether you’re using external solutions or the Checkout.com tokenization and network token capability.

Authentication for your business model

Different business models demand unique authentication solutions. We support many payment flows for authentication, including regular, recurring, installments, card add, and updates.

Always-on, global authentication

Reliably authenticate 24/7, whatever your transaction volume. Our proprietary technology is built in-house so we can deliver the highest levels of availability and redundancy across the globe.

Supporting marketplaces and payfacs

Authenticate at a business and sub-entity level at scale. Ensure consumer clarity at the invoice level with dynamic billing descriptors.

Build with confidence

Test and validate with ease, making use of extensive testing scenarios with our simulator capability to ensure a smooth launch.

Navigating evolving SCA requirements 

Europe’s Strong Customer Authentication (SCA) requirements are now in force with enhancements like 3D Secure 1 decommissioning underway. Here’s what you need to know:

What is SCA?

A quick snapshot of SCA

SCA is a European standard designed to fight online fraud. For certain transactions using European cards and acquiring, two of the following may need to be present:

  • Something the customer knows (eg., one-time-password)
  • Something the customer has (eg., phone or email)
  • Something the customer is (eg., fingerprint or face recognition)

Exemptions & more

When can SCA be skipped?

Not all transactions need authentication. Some are exempt or do not meet the SCA regulation criteria. As SCA matures, it’s important your payment provider is up to date with changes and issuers’ preferences.

Exempted transactions

Checkout.com offers all exemptions that enable you to skip SCA, such as real-time transaction risk analysis (TRA), low value, trusted beneficiaries, secure corporate payment and more. 

Payment below EUR 30

If the count of transactions is fewer than four and they are under 100 EUR combined, authentication is not required. On the fifth transaction, or if one or all of the four transactions is over 100 EUR, authentication is required. 

Fixed-amount transactions

Ideal for subscription businesses, if the recurring amount is the same every time then only the first transaction needs to be authenticated. Be sure to advise issuers that this is recurring in the transaction message. 

Merchant-initiated transactions (MIT)

Ideal for regular transactions of different amounts. Provided there is agreement from the card holder for future changes of different amounts, authentication is only required on the first transaction. 

Trusted beneficiaries

Leverage the trust of your customers by asking them to “allow” you to skip authentication for their transactions. Share your trustlists with issuers to complete the process.

Mail or telephone orders (MOTO) and corporate cards

Non-digital transactions and lodged payments (e.g., a card used by agents for expenses like travel) are considered out-of-scope for SCA regulation. 

One-leg-in transactions

If either the card used to purchase or the acquiring route is not in an SCA-mandated region, then the transaction is considered out-of-scope for SCA regulation.

Get ready for generation Authentication

Contact us