Difference between 3DSecure attempted and 3DSecure
3DSecure attempted - Card is not enrolled, 3DSecure was applied
3DSecure - Card is enrolled, 3DSecure was applied
See more here on ECI Flag values and meanings
Issuing banks may or may not enroll their customers' cards for 3DSecure.
Either way, our systems will process an initial once-off transaction through 3DSecure (if no tokenisation or card storage enabled).
We can configure a setting for fully authenticated 3DSecure, so that only cards that are enrolled are processed on your profile.
A few points to note if we implement this :
- Many legitimate cards are not enrolled for 3DSecure ; If we enable this setting these transactions will also be declined and this will affect your conversion rate.
- Even if a card is not enrolled, it will go through 3DSecure all the same. If the transaction is fraudulent, you will still benefit from the liability shift because 3DS was applied
- You can blacklist any card on your side by clicking on the transaction, adding to blacklist and selecting a reason.