Authentication

Improving Authentication in your Payment Flow

In the 3D Secure 2 payment flow, the issuer will make a decision on whether they have enough authentication data to proceed with the transaction, or if they require the cardholder to further authenticate the transaction with additional Strong Customer Authentication (SCA) checks.

The authentication request gathers the device and card details. Depending on the authentication data that is being sent, the response will determine whether:

- The consumer is challenged for additional information.
- The consumer is not challenged, the authentication is successful and the transaction continues.

Maximise the Frictionless Flow

To leverage the authentication data sent in your payment flow and maximise the chances of your consumers experiencing a frictionless payment, see below.

Data Points

Ensure that you’re collecting and sending all of the recommended data points (see How 3D Secure Works). This includes:

- Browser IP address
- Transaction history
- Customer behaviour

As 3D Secure continues to evolve, updates are often made to the types of data points that need to be sent with every transaction. Keeping up to date with these changes can lead to higher approval rates and a better customer experience. For more details on the mandatory data points, see How 3D Secure Works.

Recommended Fields

It is recommended to send the following parameters in every 3D Secure authentication request:

- cardholdername
- emailaddress
- mobilenumber

Exempt Transactions

Merchants can request that specific Customer Initiated Transactions (CITs) be exempt from Strong Customer Authentication (EMV 3D Secure). This has the benefit of reducing friction for your customers and related checkout drop-outs. Judopay will not currently automatically apply for transaction exemptions on behalf of the merchant. For more information on the available exemptions, see Exemptions to SCA.

Best Practices

Follow these best practices to ensure that your 3D Secure 2 implementation will be both effective and customer friendly.

Step Up Authentication

If an issuer is unsure whether a transaction is legitimate, a transaction may be soft declined. To tackle this and improve approval rates, one feature you can benefit from is step up authentication. With step up authentication, if a transaction is soft declined, the customer can be prompted to provide additional information such as an OTP. This sends additional data to the issuer to help prove that the cardholder is legitimate, allowing the transaction to proceed successfully.

Tips for step up authentication:

- Offer multiple authentication methods: provide customers with a variety of authentication options, such as SMS, OTP etc. This flexibility ensures that customers can complete the authentication in a way that is most convenient for them.
- Optimise the step up flow: ensure that the step up flow is as seamless as possible. This means optimising the UI for mobile devices, reducing load times, and providing clear instructions to the customer.

Optimise for Mobile

With the rise of mobile and app commerce, it is critical that your 3DS2 flow is optimised for mobile devices. This isn’t just about making sure that your payment page is responsive; it is about ensuring that the entire authentication flow is smooth and user friendly on smaller screens.

Considerations for mobile optimisations include:

- In app authentication: do you have a mobile app? Consider implementing in app 3DS2 authentication. This approach keeps the customer within the app during the authentication process, reducing the risk of drop off.
- Test across multiple devices: ensure that the 3DS2 flow works smoothly across a wide range of devices and operating systems.

Monitor and Optimise Performance

It is crucial to continuously monitor performance and make updates as and when needed.

Tips for optimising your 3DS2 flow include:

- Monitoring approval rates: keeping an eye on your approval rates will be a key indicator of whether your flow is working well or needs adjusting.
- A/B testing: it can be tricky to find that balance between security and user experience. A/B testing can help determine which authentication methods and flows give the best conversion rates while keeping your transactions secure.

Stay Compliant with Regulations

Regulations regarding online payments and customer authentication are regularly updated, and can vary region by region. To remain compliant:

- Understand local requirements: ensure that your 3DS2 implementation meets the specific requirements of the regions where your business is operating.
- Update as and when regulations evolve: it is important to stay informed and update your flows accordingly.
- Work with a payment provider that will keep you up to date with regulatory changes and ensure that you stay compliant.