PSP / Credit Card Payment service TOP > Services > Online Payment Service > Payment options > Identity authentication service (EMV 3-D Secure)

Personal authentication service (EMV 3-D Secure)

What is the identity authentication service (EMV 3-D Secure)? Features Details Regarding mandatory authentication items

From April 2025 onwards, it will be mandatory for all e-commerce sites to implement EMV 3-D Secure.

Personal authentication service (EMV 3-D Secure)

Identity authentication services are services that make Credit Card Payment on the Internet more secure. The 3-D Secure identity authentication service is a service that authenticates the identity of the cardholder by entering the password registered in advance with the card issuer in addition to information such as the credit card number and expiration date at the time of payment. In addition, since September 2021, we have provided EMV 3-D Secure, which allows only those who are suspected of unauthorized use to authenticate themselves with a one-time password.
In addition, according to the Credit Card Security Guidelines [version 6.0], it is mandatory to introduce EMV 3-D Secure to all e-commerce sites in principle from April 2025.

How to install EMV3-D Secure

Our Credit Card Payment

Features

Prevents identity theft by unauthorized users

The number of fraudulent credit card transactions on the Internet is increasing.
The identity authentication service authenticates cardholders using a password or one-time password that only they know, thereby preventing fraudulent users from making "spoofed" payments using stolen cards, etc.
We also offer other fraud prevention solutions.

AI Fraud Detection

Reduces risk of chargebacks

When a credit card is used by a third party, the card company will refuse to pay the merchants for the sale (a chargeback).
In principle, card companies do not issue chargebacks for payments that have gone through personal authentication. (There are some exceptions and rules for each brand)

(EMV 3-D Secure) Only verifies those suspected of fraudulent use

EMV 3-D Secure analyzes multiple data points in real time to determine possible unauthorized use, including credit card usage history, the device used by the person making the card payment, as well as the delivery address for the product at the time of purchase. Authentication will only be performed on cardholders suspected of fraudulent use.
Cardholders not suspected of fraudulent use can save the trouble of verifying their identity, making for smoother transactions.

Details

Supported brands

The EMV 3-D Secure brands (service names) supported by our company are as follows.
・VISA (VISA Secure)
・MasterCard (ID Check)
・JCB (J/Secure)
・American Express (SafeKey)
・Diners (ProtectBuy)

Supported devices

Available from PC and smartphone.

Connection methods

Available in Link Type and API type.

How to install EMV3-D Secure

Usage Examples

This is an example of how to use identity authentication. If the card company determines that the risk is low, the card company screen may not be displayed.

EMV 3-D Secure

Regarding mandatory authentication items

Regarding the use of EMV 3-D Secure (3-D Secure 2.0), some items that were previously considered optional are now mandatory due to changes in international brand regulations.
The addition of linkage items is necessary to increase the accuracy of 3-D Secure authentication and improve the customer experience.
For the time being, it will be authenticated even if the items are not linked, but there is a possibility that an error will occur in the future. Since this is an item that requires cooperation in principle from the perspective of countermeasures against unauthorized use, please respond as soon as possible in conjunction with the mandatory introduction of EMV 3-D Secure.

Required Field Details

1. Member name (in Roman letters on the card)
2. Phone number or email address (either one)

Usage procedures for each connection method (Link Type / API type)

Link Type usage procedure

Link Type purchase procedure

① The customer selects Credit Card Payment on merchants 's payment methods selection screen.
②The customer enters their personal information on merchants 's customer information input screen.
③The merchants uses our identity authentication service to obtain a "card user payment information token."
When obtaining a "Card User Payment Information Token", please provide the following information 1 and 2 as "Personal Authentication Information".
1. 1. Member's name (in Roman letters on the card)
2. 2. Phone number or email address (either one)
④ The customer confirms their personal information on merchants 's customer information confirmation screen.
⑤ merchants sets the "card user payment information token" obtained in ③ and makes Link Type purchase request to our company.
⑥ If merchants applies for the new screen (※), the customer will be asked to enter the following information 1 and 2 on our Link Type payment information input screen (in this case, there is no need to set the "Card User Payment Information Token" in ⑤ above).
1. 1. Member's name (in Roman letters on the card)
2. 2. Phone number or email address (either one)
If merchants has not applied for the new screen (※), they will be asked to enter the information excluding 1 and 2 (in this case, it is necessary to set the "Card User Payment Information Token" in step ⑤ above).
(※)The new screen is currently being prepared.
⑦Our company extracts information 1 and 2 using the “card user payment information token” and sends information 1 and 2 to the card company (the card company performs authentication processing).

Get items on a Link Type new screen

When merchants use the new screen, customers will be asked to enter the following information 1 and 2 on our Link Type payment information input screen (⑥ above).

1. Member's name (in Roman letters on the card)
2. Phone number or email address (either one)

API type usage procedure

API type purchasing procedure

① The customer selects Credit Card Payment on merchants 's payment methods selection screen.
②The customer enters their personal information on merchants 's customer information input screen.
③The merchants uses our identity authentication service to obtain a "card user payment information token."
When obtaining a "Card User Payment Information Token", please provide the following information 1 and 2 as "Personal Authentication Information".
1. 1. Member's name (in Roman letters on the card)
2. 2. Phone number or email address (either one)
④ The customer confirms their personal information on merchants 's customer information confirmation screen.
⑤ merchants sets the "card user payment information token" obtained in ③ and makes an API type payment request to our company.
⑥ Our company extracts information 1 and 2 using the “card user payment information token” and sends information 1 and 2 to the card company (the card company performs authentication processing).