“3D Secure is about as helpful as a chocolate fire guard.”
Merchant view of 3D Secure, as succinctly expressed on Twitter.
For a number of years, the payments industry has associated 3D Secure with a terrible shopper experience and a corresponding negative impact on conversion rates and revenue. Understandably, this has led to a general reluctance among merchants to adopt the
extra security layer that it offers.
But as is often the case in the payments industry, a one-size-fits-all attitude (use it or don’t) fails to take into account the complexities of the payments landscape, as well as the unique situation of e-commerce players – and for many businesses, this
is an enormous missed opportunity.
A complex set of factors affect 3D Secure success
If you analyze 3D Secure data across different global markets, you actually see that in some markets implementing it across all transactions actually has a positive net effect on conversion. Recent research has shown this to be true in the UK, India, and
Russia, among others.
The “net” part of the last sentence is important, because at first glance, this seems to suggest that a market-by-market approach might help merchants combat fraud and increase conversion. For example, merchants in the UK that implement 3D Secure should
see an average 3% increase in conversion.
But this is simply not the case. Even within the UK, multiple factors affect conversion rates. For example, using 3D Secure on Visa debit cards in the UK increases the conversion rate by an average of almost 8%, but for Visa business credit cards in the
UK it actually decreases conversion by an average of almost 7%.
And since market and card types have such a dramatic effect on 3D Secure, it should come as no surprise that multiple other factors affect conversion rates too.
In particular, 3D Secure’s horrible mobile experience has a significant negative impact on conversion from a mobile device. Other factors include the transaction value (shoppers making small purchases might drop off due to the extra step in the payment process),
time to booking, day of week, time of day, (often these factors are related to sophisticated fraudsters identifying when fraud teams are off work) whether or not someone is a repeat shopper (you don’t want to ask the same customer to go through the 3D Secure
step repeatedly!), and of course risk level.
A Dynamic Approach
These factors are just examples, and your business’s particular situation will vary according to its unique profile of industry, markets, preferred card types, customer payment preferences, mobile/desktop mix, and so on.
With that in mind, merchants are advised to take a dynamic approach to using 3D Secure, which includes the following points:
- Customize your strategy: The first and most important step is to customize which transaction types should be routed through 3D Secure. Take the time to assess the factors are most risky for your particular business situation (see above for a useful
starting point of factors to consider), and consider automating 3D Secure as an extra security layer just for those particular transactions.
- Educate your shoppers: As touched on above, one of the reasons there is such a high drop-off rate on 3D Secure Transactions is that shoppers are concerned it is a security threat. Merchants are advised to proactively educate shoppers on the security
benefits, such as within FAQ sections.
- Regularly re-evaluate: As businesses expand to new markets, accept different card types, and roll out new products, what works today may not necessarily be valid tomorrow. This is also true for attempted fraud, as fraudsters constantly change tactics
in an attempt to beat the system.
Increased Revenue, and Optimized Security
In the near to mid term, it is highly likely there will be increased adoption of 3D Secure due to the support of:
a) card schemes, which will continue to incentivize its use by offering lower interchange fees
b) issuing banks, which are likely to optimize the use of 3D Secure for mobile.
By applying a dynamic approach to 3D Secure now, e-commerce businesses can position themselves to further optimize security and conversion rates. And there’s one more thing. The next time someone complains that it’s as useless as a chocolate fire guard,
you know how to reply!