3DS Authentication

This section explains 3DS authentication and how to leverage it for enhanced security in your PayU payment processing.

If you are already familiar with 3DS, check our integration methods:

What is 3DS?

3DS (Three-Domain Secure) is a security protocol that adds an extra layer of verification during online payments. It works by securely communicating with the cardholder’s issuing bank to confirm their identity before authorizing the transaction. This significantly reduces the risk of unauthorized card usage and fraud.

The diagram below describes the protocol flow:

Below, an example of the authentication process:

John purchases a cellphone from an e-commerce shop using his personal computer.

The cellphone shop, integrated with PayU's authentication service, wants to verify that John is making the purchase. They send the transaction for authentication.

Through 3DS communication, the issuer receives the authentication request and begins reviewing the shared data.

The issuer successfully authenticates John. As the risk was low, the authentication was silent without contacting him.


For higher-risk transactions, John may receive a simple challenge, such as an OTP sent to his phone.

John receives the confirmation of his purchase and later on, he receives the cellphone at home.

Benefits of 3DS Authentication

  • Increased security and reduced fraud: By verifying cardholder identity, 3DS helps prevent fraudulent transactions. Additionally, in case of a fraudulent chargeback, the liability often shifts to the issuing bank.

  • Improved user experience: Modern 3DS implementations ensure a smooth authentication process with minimal disruption to the user’s shopping experience.

  • Regulatory compliance: 3DS adheres to EMVCo standards and regulations in many markets, ensuring compliance for merchants and payment processors.

Leveraging 3DS with PayU

PayU Latam offers 2 options to integrate 3DS authentication into your payment processing:

  • PayU-handled 3DS authentication: If you don’t have your own 3DS service, PayU can manage the authentication process on your behalf.

  • External 3DS authentication: This method allows you to leverage your existing 3DS service provider. You’ll handle the authentication process and send the response directly to PayU within the payment request.

Choose the option that best suits your existing infrastructure and preferences.


Topics in this Section

PayU-Handled 3DS Authentication

PayU-handled 3DS authentication prevents the need for you to manage the 3DS integration process. PayU takes care of everything, from communicating with the issuing bank to handling the authentication flow.

External 3DS Authentication

Leverage your existing 3DS service to enhance payment security with PayU’s passthrough integration.

Last modified July 26, 2024: Documentation updates (e5a4165f4)