A "3DS password" isn't the standard or current term used for the authentication methods in 3D Secure (3DS). While historically some early versions of 3DS relied on static passwords, the system has evolved significantly to use more dynamic and secure verification methods.
Understanding 3D Secure (3DS)
Based on the provided information, 3D Secure (3DS) is an authentication method that provides an additional layer of authentication for credit card transactions, protecting against fraudulent actors. Its core purpose is to ask your customers to verify their identity with the card issuer during payment.
This verification step adds security by ensuring the person using the card online is indeed the legitimate cardholder.
The Evolution of 3DS Verification
In the early days, schemes like "Verified by Visa" or "Mastercard SecureCode" often required customers to set up and enter a static password during online checkout. This is likely where the term "3DS password" originated for some users.
However, relying on static passwords proved to have drawbacks, sometimes causing friction in the checkout process or being susceptible to phishing.
Modern 3DS Authentication (3DS2)
The latest version, known as 3D Secure 2 (3DS2), employs a more sophisticated, risk-based approach. Instead of always asking for a password, it analyzes transaction data to assess the risk level.
Verification in modern 3DS typically involves methods beyond a simple password, such as:
- One-Time Passcodes (OTPs): A unique code sent to the cardholder's registered mobile phone or email, which they must enter to complete the transaction.
- Biometric Authentication: Verification through fingerprint or facial recognition via the cardholder's banking app on their smartphone.
- In-app Bank Verification: A push notification sent to the cardholder's banking app, requiring them to approve the transaction within the app.
- Knowledge-Based Authentication (KBA): Asking security questions the cardholder has previously set up with their bank (less common now).
Summary of Verification Methods
| Method Type | Description | Usage in 3DS |
|---|---|---|
| Static Password | Pre-set password created by the cardholder. | Less common in modern 3DS2. |
| Dynamic Methods | OTPs, Biometrics, App Approval – temporary, risk-based verification factors. | Predominant in modern 3DS2. |
In conclusion, while "3DS password" might refer to the static passwords used in older versions of 3D Secure, the modern system (3DS2) prioritizes dynamic and more secure methods to verify a customer's identity with their card issuer during online payments, aligning with the core function of 3DS as an additional authentication layer.
