Meet us at Stand L32 at the Business Travel Show Europe 2024, ExCeL London, 19-20 June .

3D Secure 2 era:
Advanced authentication and reduced fraud

To get access to secure payment acceptance, apply to a partnership with the payment system exactly® and start accepting online orders in a variety of local and worldwide popular currencies with strengthened protection.
Our security policies comply with obligatory European requirements and even provide extra protection.
Apply now

Security updates

Your transactions are now protected even stronger. Further — the updated security provisioned by PSD2.
What is improved in the security of exactly® processed transactions:
3D Secure 2
Full PSD2 compliance
Strong customer authentication

Protection of the transactions with 3D Secure 2

3D Secure 2 is an updated version of the 3DS protocol which is now tailored according to the needs of nowadays users and businesses.

It leaves room for future payment methods to develop and fit in — it anticipates the future ways of buyers to authenticate their personas and reduce fraud.

It provides:
Improved data use and exchange
Easier fraud detection and prevention

Payment flow of your client

With 3DS
With 3DS2
Pop-up window
Seamless payment flow step
Often dubious, subject of ad block apps
Frictionless, single design
Payment info
Amount, recepient
Goods, prices for each, discount amount, shipping cost, total sum, recepient name and more
Data about the client, received by the issuer
Card details
Location, authentication of the cardholder, card details, and more
Mobile-friendly interface
Soft-decline recognition
Merchant-initiated transactions support
Not supported

Strong customer authentication

SCA is one of the PSD2 requirements for the payment service providers within the EEA to meet the rules set by the EBA.

It ensures electronic payments to be completed only after the successful multi-factor authentication to increase the overall security level of online payments.

Something you have
Something you know
Something you are

SCA elements explained

SCA compliance is a requirement of PSD2, which provisions building an additional authentication to implement to the payment flow.

It’s a combination of at least two out of three possible elements to authenticate a payment which are:
  • OTP

    Device confirmed by one-time-password generated or received on a particular device (token, SMS).

  • Token

    Device confirmed by a signature generated on a device (soft- or hardware token).

  • QR code

    Card or device confirmed by an external device-scanned QR code.

  • Device binding

    Application or browser with possession by the device binding — via a security chip or private key, etc.

  • Card reader

    Card confirmed by a card reader.

  • CSC

    Card with possession confirmed by a dynamic card security code.

Memorized swiping path
Knowledge–based challenge questions
Fingerprint scan
Voice recognition
Vein recognition
Hand & face recognition
Retina & iris scan
Keystroke dynamics
Heart rate or body movements pattern from wearables

Payment Services Directive

PSD2 is an abbreviation for the second edition of The Payment Services Directive, which is the latest version of guidelines regulating the electronic payment service providers in the European Union (EU) and European Economic Area (EEA).

It is a set of rules and laws, provisioning the payment industry's operation created to make European transactions more protected, boost innovations and help banks and financial services adopt the latest technologies.

Protect businesses and individuals from fraud.
Improve the operation rules for money-related service providers and equalise overall conditions.
Ensure transactions are secured.
Increase the efficiency of the European payments market.

All of the above security changes and improvements are made to comply with the updated directive.

Your benefits with the new security:
We use cookies and other tracking technologies to improve your browsing experience on our website, to show you personalised content and targeted ads, to analyse our website traffic, and to understand where our visitors are coming from. More info: Cookie Policy.