Does Your Industry Need 3DS? Tailored Strategies by Vertical

3D Secure (3DS) has become one of the most important tools in online payments. Designed to reduce fraud and shift liability, it sits at the intersection of security, regulation and customer experience. But does every business really need to use it? And if so, how should it be applied to avoid adding unnecessary friction at checkout?

The answer depends heavily on the vertical you operate in. Some industries face higher fraud exposure and stricter compliance requirements, while others need to prioritise frictionless checkout to maintain conversion rates. In this article, we will break down how 3DS applies to different industries, such as eCommerce, travel, SaaS and iGaming and explore how merchants can tailor their approach.

What Is 3DS and Why Is It Important?

At its core, 3DS is an authentication protocol that adds an extra layer of verification when customers pay online. Instead of relying solely on card numbers and CVV codes, 3DS prompts users to verify their identity via methods like one-time passcodes, biometric checks or bank app confirmations.

The benefits are clear:

• Reduced fraud and chargebacks.
• Compliance with regulations like PSD2 and Strong Customer Authentication (SCA).
• A liability shift from merchants to issuers.

But there’s a trade-off. More authentication steps can increase checkout friction, leading to cart abandonment and lost sales. This tension between security and conversion is exactly why a tailored strategy is so important.

Regulation and Compliance Pressure

In regions like Europe, 3DS is not optional. PSD2 requires strong customer authentication for most online transactions. However, exemptions exist. Low-value transactions, recurring subscriptions and transactions deemed “low risk” can bypass 3DS if merchants use advanced fraud monitoring and smart payment routing.

Outside of Europe, 3DS adoption is uneven. In the US, it’s optional but increasingly used by high-risk merchants. In the Asia-Pacific region, regulators and card schemes are pushing adoption to fight growing fraud levels.

The key point? Compliance may force some industries to implement 3DS more broadly but the smartest strategies use a combination of exemptions and risk-based authentication to minimise unnecessary friction.

3DS for eCommerce Merchants

For online retail, 3DS can be a double-edged sword. On one hand, it protects merchants from fraud, particularly with high-value orders, cross-border sales or first-time customers. On the other hand, overusing 3DS can slow down the checkout process and cause shoppers to abandon their purchase.

So when should eCommerce merchants apply 3DS? 

Typically, the best results come from a selective approach: Using it for higher-risk transactions while keeping repeat customers and low-risk orders frictionless. A customer buying a £15 T-shirt probably doesn’t need the same level of scrutiny as someone purchasing a £2,000 laptop.

The challenge lies in getting this balance right. Apply too little authentication and you face fraud losses. Apply too much, and you lose conversions. That’s why orchestration platforms with smart routing and exemption handling are becoming essential.

3DS in Travel and Hospitality

The travel industry is one of the most fraud-prone verticals. Airline tickets, hotel bookings and package holidays are high in value, attractive to fraudsters and often purchased across borders. Chargebacks are common and the costs of fraud are significant.

For this sector, 3DS provides a strong shield. Customers booking expensive flights may even feel reassured when extra security steps are applied. However, timing is critical. Travel merchants need to minimise delays at checkout, especially when customers are comparing multiple sites.

Dynamic strategies can help. 

For example, 3DS can be applied to high-value international bookings while allowing domestic, low-value reservations to flow through frictionlessly. Risk-based authentication ensures that only suspicious transactions are challenged.

3DS for SaaS and Subscription Models

Subscription businesses face a unique challenge: Recurring billing. 

Once a customer has subscribed, subsequent payments are typically merchant-initiated transactions (MITs), which are often exempt from SCA requirements. That means 3DS should only be required at the point of sign-up, not for every monthly renewal.

The risk here is failing to implement exemptions correctly, leading to unnecessary declines or customer frustration. Imagine being asked to re-authenticate every time your music streaming service charges you, it would quickly drive cancellations.

For SaaS providers, the best 3DS strategy is to authenticate strongly at the beginning of the relationship, then use exemptions and orchestration to ensure seamless billing thereafter. This keeps fraud low without disrupting the customer experience.

3DS in High-Risk Verticals: iGaming and Digital Goods

Few industries face as much fraud pressure as iGaming. Fraudsters target gambling and betting platforms with stolen cards, testing them with small deposits before cashing out winnings. Regulators are strict, players expect instant payments and chargeback rates can be high.

Here, 3DS is both a shield and a challenge. On one side, it is essential for compliance and fraud prevention. On the other side, adding friction can drive players to competing platforms that offer smoother onboarding. The risk of losing high-value customers due to slow or complicated checkout is very real.

Digital goods, from streaming subscriptions to in-game purchases, face similar issues. Fraud rates are high but user expectations for instant delivery leave little tolerance for delays. This is where payment orchestration becomes critical. By applying exemptions intelligently, merchants can maintain speed while keeping fraud in check.

The bottom line? In iGaming and digital goods, 3DS is non-negotiable but how it’s implemented will make the difference between high approval rates and frustrated players.

How Merchants Can Tailor Their 3DS Strategy

So, does every industry need 3DS? Yes, but not in the same way. The right approach is dynamic and tailored. Merchants should consider factors like transaction size, geography, customer profile and industry risk when deciding when to apply 3DS.

Payment orchestration platforms play a key role here. They enable merchants to:

• Route transactions intelligently to acquirers that support exemptions.
• Apply 3DS only when required, reducing unnecessary friction.
• Leverage risk-based authentication to challenge only suspicious transactions.

After all, why treat every transaction the same when the risks are clearly not equal? A £5 subscription renewal doesn’t need the same scrutiny as a £500 cross-border booking.

Does Your Industry Need 3DS?

The short answer is yes but with nuance. Every industry benefits from the fraud prevention and liability protection of 3DS but applying it universally can hurt conversion and customer experience. The most successful merchants are those who implement tailored, risk-based strategies that balance security with convenience.

At Finera, we help businesses do exactly that. Our payment orchestration solutions apply 3DS intelligently, ensuring compliance and fraud protection without unnecessary friction. Want to see how this could work for your industry? Get in touch with our team today.

‍