Creating a safer environment that puts your buyers at ease has increasingly become an essential step in sales.

 It’s no coincidence that Hotmart’s payment system, a company specialized in digital products, uses an exclusive anti-fraud system integrated with three of the largest security systems in the world: CSE Security, PCI-DSS, and 3D Secure, which regulate the major companies that deal with personal data and bank details.

We’re here today to talk about 3D Secure 2 (3DS2), an update of the security system widely used in Europe that has been implemented at Hotmart to offer more protection for your buyers and your digital business.

What is 3D Secure 2.0?

It’s an authentication protocol that enables the exchange of data between the seller, the buyer, and the card issuer providing an additional layer of identity verification. This protocol improves customer experience, assesses risks more accurately during a transaction, and prevents possible fraud. All in a matter of seconds!

3DS2 authentication is an evolution of user data protection, as it helps to reduce bureaucracy in the data verification process. 

It supports current and future innovations, making the authentication process more fluid, as it already accepts several authentication methods such as password, PIN, biometrics, or facial recognition. The process is very simple and intuitive, similar to the one we already use to confirm our identities when accessing our email or social media accounts.

It should be noted that it is not a Hotmart initiative but another alternative for regulatory agencies to confirm the authenticity of buyers’ data and prevent fraud.

To make sure everything is clear, we have prepared a Q&A that will help you better understand how it works:

Factors that may affect authentication requests

Some situations may be recognized as unusual purchasing activities, and the cardholder may be required to pass an authentication process. Some possible risk factors may include: the browser and device used to make the purchase, the number of items purchased, the time of purchase, IP address, etc.

How does this authentication work for subscription products?

For subscription payments, the first transaction may be authenticated by 3DS2, and the next ones will be exempt from verification.

Trial period payments will follow the same logic: the transaction may be authenticated during checkout; in this case, at the end of the trial period, there’s no need for another verification.

Can I choose not to use it?

No. The 3DS2 protocol will be mandatory for everyone who wishes to process transactions with cards issued in Europe.

Each purchase made with a European card may request 3DS2 authentication and, if the checkout page is not enabled to perform it, the card issuer will automatically decline the transaction.

Is there a possibility the authentication will not be requested?

Yes. Payments under €30 are considered low risk and may be exempt from 3DS2 authentication. 

However, the bank may also request it within 24 hours if the buyer repeatedly uses the card for small purchases without authentication, and the sum of the purchases exceeds 100 €.

How do you like this innovation? Tell us what you think in the comments!