3D Secure 2.0
3D Secure 2.0 is a security protocol that provides an additional layer of protection for electronic payments.
The protocol is part of the Strong Customer Authentication (SCA) regulations and standards, which mandate additional authentication steps for electronic transactions.
3D Secure is designed to verify cardholder identity to help prevent fraudulent activity and increase the security of online payments— making it a crucial tool for merchants, issuers, and consumers to reduce fraud and build trust in electronic payments. While 3D Secure is widely supported by payment providers and is obligatory for electronic transactions within the European Economic Area (EEA), more countries outside the EEA choose to adopt the protocol as well.
PayU supports multiple 3D Secure authentication flows, as listed below.
Which Flow to Choose
The flow you choose depends on your provider. To see whether your provider supports a specific flow type, first find the provider
you’re integrated with (you can sort by Transaction Type Cards
and then filter by Features
followed by the relevant flow name to see only those providers supporting the specific flow).
Topics in this Section
The PaymentsOS-handled Flow is a single-call Internal flow that allows you to perform 3D Secure authentication within your API request. This flow automates the authentication process for you, according to rules that you pre-configure in advance via your control center.
The Provider-handled Flow is where the 3D Secure authentication process is handled by the provider you transact against after invoking the API request.
In the Self-handled flow, you must implement the 3D Secure flow logic yourself. There are three types of 3D Secure Self-handled flows: Data Collection, Data Collection and Challege ,and Challenge only flow.
You should implement an external 3D Secure flow if you use an MPI (merchant plug-in) that handles the 3DS authentication for you.
Last modified March 1, 2023