3D Secure

Rules Manageranchor

Introducing the 3D Secure Rules Manageranchor

To further enhance 3DS2, Braintree now offers merchants 3D Secure Rules Manager, a built-in offering that enables deep customization of when and how to invoke 3DS. With 3D Secure Rules Manager, merchants can create business specific rules for when and how 3DS is invoked directly from the Braintree Control Panel.

3D Secure Rules Manager gives merchants the flexibility to customize when they want to skip or apply 3D Secure and apply business-specific rules. Merchants can use 3D Secure Rules Manager to:

  • Take advantage of chargeback liability shift, especially in markets like the UK and Ireland where frictionless 3DS is more broadly supported by issuers
  • Apply SCA exemptions as much as possible, such as in markets like France or Denmark with lower issuer coverage
  • Enable 3DS globally (i.e. beyond EEA) for certain transactions, like for high-value items
  • Apply 3DS based on issuing country, device channel, BIN range etc

3D Secure Rules Manager does not require any developer work to set up once integrated with Braintree 3DS 2.

Learn more about how 3D Secure Rules Manager works

Value to Merchants and Consumersanchor

3DS2 enables a more frictionless checkout experience compared to 3DS1. By using device and browser data to make authentication decisions behind the scenes, 3DS2 helps protect customers and merchants without interrupting the checkout flow, and may help to reduce card abandonment.

3D Secure Rules Manager can help merchants optimize 3D Secure for their specific business needs. For example, merchants who sell affordable products at a high volume might want to maximize the amount of frictionless transactions, while a merchant with higher ticket items might prefer to maximize liability shift and will present 3D Secure challenges as often as possible. With this capability, merchants can customize their 3DS behavior without any additional development work.

3DS2 provides merchants and their customers with the following:

  • Shift chargeback liability for eligible transactions: using 3DS provides merchants with a chargeback liability shift, meaning that issuers may be responsible for any fraudulent transactions that do occur
  • Simplify Strong Customer Authentication (SCA) requirements: 3DS2 meets the EU’s PSD2 / SCA requirements, helping merchants stay in compliance
  • Help boost authorization rates: Issuers may approve more transactions when using 3DS, helping drive approval rates
  • Reduce cart abandonment: 3DS2 works behind the scenes and provides a more frictionless experience, keeping customers at checkout, potentially reducing the chance for cart abandonment
  • Streamline mobile checkout: 3DS2 offers native SDKs for iOS and Android, helping merchants create an uninterrupted mobile checkout experience

Additionally, 3D Secure Rules Manager can enhance the value added to merchants, including:

  • Customize 3DS: With 3D Secure Rules Manager, merchants can customize how 3DS or exemptions are invoked through rules based on their individual needs, geography/region, card type, ASP ranges, BIN ranges, and more
  • Create and modify 3DS rules: merchants can create, modify, or remove rules through the Braintree Control Panel UI, removing the need to code rules in the back end, helping reduce engineering effort and leading to a more optimized checkout experience for customers
  • Take advantage of exemptions: 3D Secure Rules Manager helps merchants take a nuanced approach to 3DS to offer a more seamless checkout experience to their customers while maintaining a compliant approach

How 3D Secure Rules Manager Worksanchor

3D Secure Rules Manager is automatically enabled for all merchants in both Sandbox and Production.

Merchants can create rulesets with multiple rules, then assign priority to each rule. A ruleset may be associated with one or more merchant accounts. Each merchant account can be associated with only one ruleset. The merchant accounts associated ruleset will be automatically evaluated during verifyCard.

  1. Log in to the Control Panel
  2. Click on the gear icon in the top right corner
  3. Click Fraud Management from the drop-down menu
  4. Next to 3D Secure Rules, click the Options link

Rulesetsanchor

3D Secure Rulesets are a set of rules that can be applied to merchant accounts. We recommend creating rulesets based on the geographical region. Nevertheless, it's important to note that this is not the only method of grouping rules within a ruleset and can be adjusted to align with your specific requirements. Rulesets will help merchants stay organized with their 3D Secure rules. Rulesets can have multiple rules assigned.

Creating Rulesetsanchor

  1. Log in to the Control Panel
  2. Click on the gear icon in the top right corner
  3. Click Fraud Management from the drop-down menu
  4. Next to 3D Secure Rules, click the Options link
  5. Click the New Ruleset button
  6. Fill in the Name field with your desired criteria
  7. Click the Save button
3DS Rulesets

Rulesanchor

3D Secure Rules are the prescribed instructions you choose to apply that define how 3DS is applied to specific transactions scenarios related to Country, Transaction Amount, and more.

Creating Rulesanchor

  1. Log in to the Control Panel
  2. Click on the gear icon in the top right corner
  3. Click Fraud Management from the drop-down menu
  4. Next to 3D Secure Rules, click the Options link
  5. Click on the name of the Ruleset you’d like to add the Rule to
  6. Click the New Rule button
  7. Fill in the fields with your desired criteria
  8. Click the Save button
3DS Rules

If multiple rules are matched for a given transaction, the higher priority rule will be applied, and other rules will be ignored. We recommend that merchants consistently monitor and adjust their rules based on transaction activity, performance, and industry trends.

If the request parameters challenge_requested or requested_exemption_type are provided during verifyCard then it will override any matched rule.

Prioritizing Rulesanchor

  1. Log in to the Control Panel
  2. Click on the gear icon in the top right corner
  3. Click Fraud Management from the drop-down menu
  4. Next to 3D Secure Rules, click the Options link
  5. Click on the name of the ruleset that you’d like to adjust
  6. Drag any rule up or down the list
  7. Click the Save Rule Priority button

Rule Criteriaanchor

You can define the following rule criteria for each 3DS rule:

  • Action
  • Transaction Amount
  • Payment Method Type
  • Issuer Countries
  • Card BIN Range
  • Client Platform
  • Rule Name

Available Actionsanchor

  • Apply 3DS: Always trigger 3DS authentication, even when exemptions are possible. This can trigger both friction and frictionless challenges.
  • Apply 3DS and request a challenge: Always trigger 3DS authentication and request an 3DS challenge. The act of requesting a challenge does not guarantee that the customer will actually get it, as the decision to present a challenge is controlled by the issuing bank.
  • Apply Low Value exemption: Request to bypass 3DS for low-value transactions (transactions below 30 EUR or GBP). Merchants will not get a liability shift if the exemption is granted.
  • Apply Transaction Risk Analysis exemption: Request to bypass 3DS with TRA exemption. Merchants will not get a liability shift if the exemption is granted. Note: Merchants must qualify with TRA. Contact us for more details.
  • Skip 3DS wherever applicable: Does not apply 3DS authentication for transactions outside of PSD2 region. In a regulated market (PSD2), this setting has no effect and 3DS will still occur. When 3DS is skipped, the merchant will not get the benefits of 3DS such as liability shift.

Conditionsanchor

  • Amount (range or greater/less): Apply rules based on the transaction amount, either within a range or greater/less than a specified value.
  • Payment Method Type: Apply rules to specific payment method types (e.g., credit card, debit card, prepaid debit, prepaid credit etc.).
  • Card Country of Issuance: Apply rules according to the cardholder's country of issuance. You can select multiple issuing countries per rule.
  • Card BIN Range: Apply rules based on the Bank Identification Number (BIN) range of the card.
  • Client platform: Apply rules based on whether the requests are coming from iOS, Android or Web

Custom Fieldsanchor

3D Secure Rules Manager provides several fields that can be used to build conditional filters. However, you may have a specific set of fields pertaining to your business that you want to use in certain scenarios to optimize 3D Secure. Using Custom Fields, you can add such specific fields to the tool and then use them in building filter conditions.

3D Secure Rules Manager allows you to set 3D Secure Rules on your predefined custom fields within the Braintree Control Panel. When the fields you pass in the verifyCard call align with the custom fields defined in the 3D Secure Rules manager, the rules will be triggered.

Assigning Merchant Accounts to Rulesetsanchor

  1. Log in to the Control Panel
  2. Click on the gear icon in the top right corner
  3. Click Fraud Management from the drop-down menu
  4. Next to 3D Secure Rules, click the Options link
  5. Click Assign Merchant Accounts to 3DS Rulesets
  6. Drag merchants accounts (right) to the appropriate ruleset (left) to assign the account to the ruleset
3DS Rulesets Assignment

Example 3D Secure Rulesets for Business Objectivesanchor

Example 1anchor

Business Objective: To capture more revenue and less cart abandonment, you want to generate higher conversion. This may help you get a higher conversion trading off liability shift as SCA exemption will not give you liability shift.

Example Rules:

  1. Request Low Value on all transactions below $30 EUR
  2. Request TRA for all transactions between $30 and $250 EUR
  3. Skip 3DS wherever applicable.

Expected Outcome: Higher revenue with less 3D Secure friction

Example 2anchor

Business Objective: To balance high approval rates and chargebacks, you want to optimize conversion and liability shift.

Example Rules:

  1. Request Low Value on all transactions below $30 EUR
  2. Apply 3DS in UK and IE for transactions between $30 and $250 EUR
  3. Request TRA in all markets for transactions between $30 and $250
  4. Apply 3DS on transactions above $250

Expected Outcome: Higher revenue by optimizing frictionless 3D Secure and optimized chargeback protection

Example 3anchor

Business Objective: Your primary goal is to protect your business from chargebacks, so you want to maximize liability shift.

Example Rules:

  1. Request Low Value on all transactions below $30 EUR
  2. Apply 3DS on transactions above $30

Expected Outcome: Liability shift on all transactions over 30 EUR and decreased chargeback liability

Maintaining your Rulesanchor

As the industry evolves and changes, you may want to modify your rules to achieve your goals related to 3D Secure. It is recommended to monitor your rules and adjust accordingly.