A 3D payment gateway is a service that allows merchants to integrate 3D Secure enabled credit cards into e-commerce transactions. It’s not the same as an SSL certificate since it provides more than just encryption, but rather a full complement of services all rolled up into one package.
3D Secure is the global standard for online authentication. It is a multifactor authentication program that ties together an online merchant and a customer’s credit card.
All 3D Payment Gateways include:
The gateway is the part of the 3D Secure standard that allows merchants to enable customers to securely pay for goods or services online using their online banking password. This password is referred to as a “3D Password”, because it consists of three parts: something you know, something you have and something you are.
The “something you know” component is your usual password. The “something you have” part is a Verified by Visa or Mastercard SecureCode electronic token, which can be something you carry on your keychain or an electronic device such as a mobile phone. Lastly, the “something you are” component of 3D Secure is biometrics:
Merchants can choose which of these methods they wish to support on their sites, but all products must offer at least one secure authentication method when using the 3D Secure standard. Customers also have the option to use none of these methods if they prefer not to do so.
3D Secure adds a significant level of security to online payments. It is estimated that fraud losses with 3D Secure averaged around 10 percent in 2005, compared to losses from non-3DS transactions running at about 30 percent. This is because merchants check the customer’s identity before processing payment and the card issuer has a better opportunity to detect fraud.