What is Decoupled Authentication?

Posted On: Monday, September 13th, 2021

Decoupled Authentication provides a convenient way to get SCA approval with minimum effort by the merchant or the cardholder. Many use cases benefit from higher approval rate and fraud protection.

What is Decoupled Authentication?

A standard transaction using 3DSecure can require an authentication challenge from the cardholder while the cardholder is shopping.

Decoupled authentication occurs when the a transaction takes place without the cardholder being in session with the Merchant either via their Website or Mobile Application. The cardholder may in fact not be present at all.

With Decoupled Authentication a merchant can verify the customer’s identity and authenticate the transaction through a different channel, such as a mobile push notification inside their banking app or by email or any other way the Issuer bank elects to reach out to the cardholder to informed then that there an authentication (or a payment consent) request from a merchant.

Merchants can set a time limit for the authentication to take place. This can vary from a few minutes to 7 days.

When is Decoupled Authentication used?

There are many scenarios where Decoupled Authentication is the best approach. Here are some of them.

Mobile Payments

A mobile app might opt to do a Decoupled Authentication request rather then render the Issuer Bank’s display elements to provide the Challenge inside the app; this is the approach taken currently taken by the 3DS SDK. Decoupled Authentication is simpler, cheaper and enhances the customer experience.

Merchant Initiated Transactions

Merchants conducting Merchant initiated transactions such as card on file payments, recurring or installments may occasionally get a challenge. In these situations, sending a Decoupled Authentication request to the cardholder who is not in session is an elegant way to perform SCA and complete the payment.

Mail Order or Telephony

Decoupled authentication also has great applications for MOTO (Mail Order Telephony)  transactions. It is especially useful to call centers  or businesses taking payments over the phone.

In the past this opened up an element of risk for the cardholder and the merchant and approval rates are traditionally low. Now thanks to decoupled authentication, these types of transactions can be both secure and cardholder verified – driving up approval rates. 

A business taking a payment over the phone such as for reservation can make use of Decoupled Authentication to get SCA Approval from the Cardholder in real time.

Endeavour is driving innovation in 3DSecure. Our goal is to consistently beat the industry benchmarks. If you’re a merchant that wants to increase transaction approval we should talk. Contact is here

Full support for major card brands and banks

Making eCommerce Safe

Be in the know

Industry news, events and major releases.

Important Updates from MasterCard for September 2021
Posted on: Friday 3rd September, 2021

MasterCard Identity Check Updates. 3DS1 Attempts server to be decommissioned on October 5th, 2021. 

Visa Will Discontinue Support of 3-D Secure 1.0.2 in 2022
Posted on: Friday 3rd September, 2021

Effective 15 October 2022, Visa will discontinue support of 3-D Secure 1.0.2 and related technology. Effective 16 October 2021, Visa will continue to support 3DS 1.0.2 transaction processing, including the 3DS 1.0.2 Directory Server (DS), but will stop support of 3DS 1.0.2 Attempts Server.

What’s new in EMVCo 3DSecure 2.2
Posted on: Tuesday 31st August, 2021

EMVCo 3DSecure 2.2 brings enhanced functionality as the SCA protocol matures and consolidates its experience with over two years of deployment.

Here to help

Questions? We've got answers.

Kindly note that we do not support cardholders wanting to activate 3D Secure on their card. Please contact your bank directly using the phone number provided on the back of your card.