EMV 3DS Bridging Message Extension for 2.3.1
EMVCo Updates EMV® 3DS Specifications to Help Issuers and Merchants Combat Growing CNP Fraud Risks
EMV 3DS version 2.3.1 introduces new data and features to streamline consumer authentication and enhance card-not-present (CNP) fraud prevention
29 September 2022 – Global technical body EMVCo has released an update to the EMV® 3-D Secure (3DS) Specifications to help issuers and merchants combat growing card-not-present (CNP) fraud risks. EMV 3DS 2.3.1 builds on earlier versions of the specifications with new data elements and flows that streamline consumer authentication and enhance card-not-present (CNP) fraud prevention. To maximise efficiencies and continue to promote a seamless payment experience, EMV 3DS 2.3.1 is effective immediately and replaces EMV 3DS 2.3.0.
Key enhancements in EMV 3DS 2.3.1 include:
- New data elements to support Secure Payment Confirmation (SPC), that issuers and merchants can use within the EMV 3DS flow to better determine the legitimacy of a transaction in order to reduce the risk of fraud.
- New data elements to support out-of-band (OOB) authentication, which offers a simpler, easier-to-use way for consumers to confirm a transaction when an authentication method through a separate channel is required.
- User interface (UI) enhancements to enrich the user experience and additional features to improve the functionality of server components.
- New data elements and flows to enhance the options for the challenge process, an additional authentication step required for higher risk transactions.
EMVCo has also developed an EMV 3DS Bridging Message Extension that enables current 2.1 and 2.2 products to utilise selected features introduced in version 2.3.1.
Rich data and flexible authentication methods can help issuers and merchants better determine the legitimacy of a transaction, reduce the risk of fraud and improve the payment experience for consumers. EMV 3DS 2.3.1 brings further collaboration with FIDO Alliance and the World Wide Web Consortium (W3C), to further enhance the EMV 3DS Specifications to help issuers and merchants mitigate card-not-present (CNP) fraud and increase the security of online payments.
Endeavour is one of the very first companies to have already completed the Version 2.3.1 certification. While this version will not be supported by the payments ecosystem for a few more years yet, Endeavour is now supporting the Bridging Message Extension to bring the benefits of the new specification earlier.
Be in the know
Industry news, events and major releases.
Let's talk payments in Amsterdam!
Visa Token Service, a new security technology from Visa, replaces sensitive account information, such as the 16-digit account number, with a unique digital identifier called a token. The token allows payments to be processed without exposing the actual account details that could potentially be compromised.
The Visa Digital Authentication Framework (DAF) Program brings frictionless authentication, enhanced customer experience and higher transaction security.
