3D Secure 2.2. - Issuers guide
How do issuers start the update process?
The protocol, specs, certification and more are regulated by EMVCo so they are the ones who announce the specifications to networks.
Here are the lists of steps that are needed to be done for updating:
- EMVCo announces new version and specs
- Networks create their program rules
- Providers of Access Control Server and 3DS Servers design solutions to accommodate these rules
- The solution is tested and certified by EMVCo
- EMVCo issues Letters of Acceptance showing the providers finished their solution design, development, testing and certification with EMVCo
the certification process is the most important part. In order to use the new version to process transaction, EMVco and then networks need to certify their providers.
Do issuers have to upgrade to version 2.2 and what is the deadline?
Schemes and networks are approaching this individually. Visa's deadline for European issuers switching to EMV 3DS 2.1 and 2.2 was September 14, 2020 and is now
prolonged for March 2021, while Mastercard still has no clear deadline for this.
It is important to have in mind that the future versions of 3DS (expected to come early 2021) will mean previously adopting versions 2.1 and 2.2 so issuers are advised start the update process immediately.
Why is 3DS 2.2. great for users - Authentication process
3DS 2 allows businesses and their payment provider to send more data elements on each transaction to the cardholder's bank. This includes payment-specific data like the shipping address, as well as contextual data, such as the customer's device ID or previous transaction history.