What are our financial and technological news?

Banking services
November 3, 2023

3D Secure: Everything You Need to Know

To meet the security requirements imposed by the second European Payment Services Directive (PSD2), the authentication of your payments made online with your credit card has been hardened. As simple authentication by sending a code by SMS has proven insufficient over time, your online payments must be authenticated by first receiving a one-time code by SMS and second entering a password.

What is 3D Secure?

3D Secure is a technology used to secure online payments made by credit card.

Faced with the resurgence of fraud on the Internet, 3D Secure will serve as a shield against potential attacks on bank cards, requiring the issuer of the card to perform an additional control with customers at the time of payment.

The customer will be directed to his Web Banking, where he will have to confirm the operation by entering a password.

How Does This System Work?

The term 3D highlights, in this context, the three areas of consumer protection when making an online purchase:

  1. At the origin of the transaction, for the benefit of the card issuer;
  2. During the operation, by ring-fencing the interoperability phase between the customer's and the seller's systems;
  3. At the end of the transaction, by securing the bank and the merchant to whom the funds are paid.

Matter-of-factly, when you want to buy a product online, the 3D Secure System will ensure your legitimacy to use your credit card by nesting two controls.  You will first be redirected to an authentication page that will ask for your PIN. At the same time, your bank will generate and send a one-time password (OTP) that you, as the cardholder, will need to enter in order to validate the transaction.


The 3D Secure system was created by Visa and MasterCard and introduced in France in 2008. At launch, it was a mere personal information requested from the customer to validate a transaction, such as his date of birth or the name of his pet.

As this technique has obvious security flaws, a first evolution was to authenticate the customer by sending a text message containing a one-time code.

As an answer to multiple online frauds, a strengthening of the European directive on payment services requires since May 15, 2021 the combination of two authentications to validate a transaction. The single-use code has been replaced by a more robust security feature, implemented for all payments over 30 euros.

And in the Case of a Dispute?

Purchases made with 3D Secure are therefore subject to a transfer of responsibility, i.e. if you dispute a payment because you consider it fraudulent, you, as the cardholder, will not be held responsible. This responsibility will be borne by your bank as the issuer of the card, on the grounds of a lack of sufficient consumer protection.

In other words, in the event of an undue debit from your bank account due to the absence of a strong authentication system set up by your bank, you will suffer no financial consequences. However, you must inform your bank of this dispute immediately. The judge nevertheless provided for a maximum period of 13 months after the debit for neglectful persons. The bank will have to reimburse the amount without delay and then launch its investigations.

Always More Cautious in the Face of Fraud

In a context where cyberattacks and phishing attempts are increasingly present, 3D Secure is a safer way to protect your money.

However, hacking and inventiveness often go hand in hand and fraudulent emails flourish, some of them even bearing the mention "Verified by Visa".

Please note that your bank will never ask you to provide your 3D Secure PIN for any reason.

How to detect them?  Carefully scrutinize the complete email address, not limited to the simple name of the sender. A single deviation character identifies a fake. Track any spelling mistake, also common in this type of email.

What to do?  First, do not respond or share any information, neither your PIN nor any other data. Do not click on the links provided with such emails. Alert your bank.


If you live in France you can report the violation on : https://www.service-public.fr/particuliers/vosdroits/N31138.

In this case, remember to keep the evidence, especially the "phishing" message received.

To be quickly advised in case of hacking, dial 0 805 805 817, toll-free number in France.

Is 3D Secure Available on all Sites?

More and more merchants are using the 3D Secure system to protect online purchases. However, some platforms do not yet integrate it.

To be sure that the site on which you wish to place an order is compatible with this security standard, look for the following logos: "Verified by VISA", "CB Secure Payment" or "MasterCard SecureCode".

Activate 3D Secure with OlkyPay

At OlkyPay, we are uncompromising when it comes to the security of our customers' payment methods. That's why we decided to include this service in our MasterCard offer for free.

To take advantage of it, you must register your card on the 3D Secure portal: https://OlkyPay.portal.worldline-solutions.com/OlkyPay/

Doing so, wherever you are, your credit card will always be protected!