3-D Secure for Payflow

Last updated: Sept 18th, 6:58pm

3-D Secure, also known as a payer authentication, is a security protocol created by Visa and Mastercard to help prevent online credit and debit card fraud. Payer authentication is based on the following three-domain (3-D) model:

  • The issuer domain— (Card Issuers and Cardholders): Card issuers enroll and activate cardholder accounts to participate in the buyer authentication programs. The card issuer is responsible for authenticating the cardholder during the checkout process.
  • The acquirer domain— (Acquirers and Merchants): Merchants communicate with Payflow to initiate the authentication process. Once authentication is completed, the authentication data is appended to the financial transaction sent to the gateway or processor.
  • The interoperability domain— (Allows the Issuer Domain to interoperate with the Acquirer Domain): Payflow communicates with the various directory servers to facilitate communication between cardholder and issuer. Once the cardholder is redirected to the card issuer's authentication site, the cardholder is prompted for authentication credentials.

Payflow supports the following 3-D Secure protocols:

  • Visa Secure
  • Mastercard SecureCode
  • American Express SafeKey
  • Discover ProtectBuy, which includes JCB cards

3-D Secure authentication options with Payflow

Using Payflow, you can authenticate cardholders with the 3-D Secure protocol in one of two ways:

  • Enable the Payflow Buyer Authentication service— Recommended for a simpler integration.

  • Use a 3rd-Party Merchant Plug-in (MPI)— Requires you to collect authentication data using an MPI and passing that information to Payflow.

We’ll use cookies to improve and customize your experience if you continue to browse. Is it OK if we also use cookies to show you personalized ads? Learn more and manage your cookies