3D Secure Payment Authentication
3D Secure payment authentication provides additional fraud protection by challenging a user’s identity when they make a credit or debit card payment. Typically, the user is required to enter a 2FA code sent to or generated by their mobile device. We verify the code when your customer processes a transaction in your web store.
Support for 3D Secure 1 ended on October 15, 2022. See End of Support for 3D Secure 1 to learn more, including information about migrating your website from 3D Secure 1 to 3D Secure 2.
3D Secure 2 is supported on the following flows of your Commerce website:
-
Make a payment, quotes, and reorder items: SuiteCommerce MyAccount (SCMA), Suitecommerce, and SuiteCommerce Advanced (SCA) versions 2023.1.1 and later.
-
Checkout, make a payment, and quote to sales order: SuiteCommerce and SCA versions 2022.2 and later.
-
Checkout flow only: SuiteCommerce and SCA versions 2020.1, 2020.2, 2021.1, 2021.2, and 2022.1.
See 3D Secure Authentication Process for details on how your Commerce website supports the use of 3D Secure payment authentication.
The following topics provide additional information about 3D Secure payment authentication:
Before you enable 3D Secure authentication, you’ll need to set up payment processing profiles for each payment gateway you use. See Setting Up Payment Processing Profiles in NetSuite.
Setting up 3D Secure payments on your Commerce website depends on your implementation:
|
Implementation |
Type of 3D Secure Supported |
Refer to |
|---|---|---|
|
SuiteCommerce SuiteCommerce MyAccount SuiteCommerce Advanced 2020.1 and later |
2.0 |
|
|
SuiteCommerce Advanced 2019.2 SuiteCommerce Advanced 2019.1 SuiteCommerce Advanced 2018.2 SuiteCommerce Advanced Aconcagua SuiteCommerce Advanced Kilimanjaro |
2.0—External checkout only. Customization may be required. |
|
|
SuiteCommerce Advanced Elbrus SuiteCommerce Advanced Vinson SuiteCommerce Advanced Mont Blanc SuiteCommerce Advanced Denali Site Builder |
2.0—External checkout only.
Note:
Whether 3D Secure 2 is available depends on your setup and requires customization. |
Configure 3D Secure Payments for Native 3D Secure
This topic explains how to enable native 3D Secure payments for your SuiteCommerce, SCMA, or SCA (2020.1 or later) website.
You only need to follow these steps if you’re using native 3D Secure. See 3D Secure Authentication Process for information about native 3D Secure and external checkout.
To enable 3D Secure payments for your website:
-
Go to Commerce > Websites > Configuration.
-
Select your website and domain and click Configure.
-
Go to the Advanced tab.
-
Check the Enable 3D Secure Payments box.
-
Click Save.
3D Secure Authentication Process
There are two typical ways to adopt 3D Secure 2 technology as part of your customers’ shopping experience: natively or by using an external checkout.
Not all SuitePayments solutions that integrate with NetSuite support 3D Secure 2. See Payment Gateway Support for 3D Secure 2 for a list of payment gateway partners who support 3D Secure 2.
Native 3D Secure 2
With native 3D Secure 2, an identity challenge displays to cardholders when they use your web store checkout. The challenge usually pops up right on the page as an iframe or as a separate step during checkout.
Your website needs specific 3D Secure 2 code and support for payment instruments to use native 3D Secure 2.
If you’re using SuiteCommerce or SCA versions 2020.1 or later, your web store checkout already includes native 3D Secure 2 support.
If you’re using SuiteCommerce, SCMA, or SCA versions 2022.2 or later, native 3D Secure 2 is included for making a payment, reordering items, and converting quotes to sales orders.
SCA sites running 2019.2 or earlier, and all Site Builder versions, don’t support native 3D Secure 2. See Migrating from 3D Secure 1 to 3D Secure 2.
To confirm that your web store already processes payments with native 3D Secure 2:
-
Go to Lists > Search > Saved Searches > New.
-
Click Cardholder Authentication.
-
Click Preview without setting filters.
-
If cardholder authentication search results are returned, your web store is using native 3D Secure 2.
External Checkout
External checkout (also called hosted payment pages) means you use an external payment page from your payment gateway partner.
External checkout occurs when a user is redirected to an external web page that accepts and processes the their payment details. After they finish, they’re sent back to your web store to complete the order.
If your web store uses Site Builder or SCA 2019.2 or earlier, you need a payment gateway partner that supports 3D Secure 2. See Payment Gateway Support for 3D Secure 2.
Your website must be able to support external checkout. Support for external checkout is as follows:
-
All SCA versions support external checkout, but you might need to patch or customize your code if you’re on SCA Kilimanjaro or earlier. See Migrating from 3D Secure 1 to 3D Secure 2.
-
Site Builder sites with SiteBuilder Extensions for checkout provide varying support for 3D Secure 2, depending on your extension version. See Migrating from 3D Secure 1 to 3D Secure 2.
-
Site Builder sites using Reference Checkout or the classic built-in checkout don’t support 3D Secure 2. See Migrating from 3D Secure 1 to 3D Secure 2.
After 3D Secure authentication is enabled for your Commerce website, the following logic is applied to each payment card transaction using external checkout:
-
A user selects their payment method as a credit or debit card.
-
The user attempts to submit their order.
-
The web store redirects the user to the third-party payment processor’s external checkout or hosted payment page.
-
The user enters their card details and submits them.
-
The payment processor decides if a 3D Secure challenge is needed and shows it if required.
-
If everything works, the payment goes through and the user comes back to your web store to finish the order.