The content of this article is provided for informational purposes only. You should always obtain independent business, tax, financial, and legal advice before making any business decision.
3D Secure (3DS) was introduced in the early 2000s as a groundbreaking payment authentication protocol to combat online fraud. Developed by EMVCo in collaboration with credit card networks like Visa and Mastercard, 3DS adds an extra layer of identity verification during ecommerce transactions, typically through two-factor authentication (2FA).
When 3DS is successfully applied to a transaction, the Issuer is responsible for verifying and authenticating the transactions. If the Issuer authenticates the 3DS transaction and it results in fraud, liability will be absorbed by the Issuer. If 3DS is not successfully applied to a transaction and fraud occurs, the merchant is responsible for any loss and fees.
As of August 2025:
While not required, the following countries do require additional customer authentication which are similar to SCA requirements:
Fast forward to 2025, 3DS has proven to be a powerful tool in mitigating fraudulent online activity in the UK and EEA. Recent data demonstrates that 3DS has successfully reduced $13.2 billion in fraudulent volume year-to-date. With ecommerce landscapes experiencing heightened threats, 3DS plays an instrumental role in safeguarding transactions worldwide.
That said, this enhanced security can come with trade-offs, especially in the US. Some shoppers can find the authentication process cumbersome, which can lead to cart abandonment . To address these concerns, 3DS 2.0 was introduced, offering streamlined authentication methods and frictionless experiences for trusted customers.
Even so, Issuers decision US 3DS volumes compared to their EEA counterparts. On average, when sending 3DS traffic to US Issuers, PayPal saw:
Increased Fraud Declines:
Increased Issuer Declines:
The right approach depends on your business model and strategy. Some merchants may prioritize the protection that comes with issuer liability shift, while others may focus on keeping checkout as frictionless as possible or having more customization over fraud rules. The table below compares PayPal’s fraud and authorization tools, highlighting the capabilities they share and the unique benefits each provides.
What it does: AI driven Chargeback Protection decisions risk on your behalf with full authorization and dispute reporting visibility via a merchant dashboard. Similar to 3DS, as PayPal is decisioning the risk if any disputes or chargebacks do result, PayPal will waive fees up to a % of monthly transaction volume.
How it works: PayPal’s AI driven fraud intelligence and mitigation tools use digital identifiers to recognize customers and decades of learnings from suspected fraud events across its dual sided network to decision risk. No filter management or manual trend analysis required. Instead, your teams can focus on growing your business and serving customers.
Learn More: https://www.paypal.com/us/cshelp/article/what-is-chargeback-protection-help608