3D-Secure: More Security for Your Online Payments

Oliver May 2021 Fintech Content Editor 4 min

Table of contents

In recent years, online purchases have experienced strong growth not only in the private sector, but also in the business world. As a business owner, you will certainly handle numerous payment transactions completely digitally. The steady rise in awareness leads to increased security questions. Major financial institutions have made it their mission to close security gaps and constantly expand requirements. Now, with 3D-Secure, comes a new process that makes digital card payments for online purchases even more secure. At Penta, we have also switched to 3D-Secure. 

What is 3D-Secure? 

3D-Secure is a procedure in e-commerce where merchants send a payment request to Penta via an encrypted connection every time you make an online purchase, which you have to approve. This helps to prevent card fraud on the web. The 3D-Secure procedure is based on a PSD2 (Payment Service Directive 2) of the EU, which is supervised in Germany by the Federal Financial Supervisory Authority (BaFin). What’s new here is the strong focus on your personal authentication, which ensures that only you can pay with your card.

The 3D-Secure procedure is offered by VISA and Mastercard named Verified by Visa and Mastercard Identity Check.

Cards at Penta

In March 2020, we switched from Mastercard to VISA at Penta. Currently, you can get VISA debit cards from us, however many Penta cards from Mastercard are still valid.

How 3D-Secure Works and Increases Banking Security 

With the 3D-Secure procedure, you authenticate yourself either via a mobileTAN or by confirming an in-app push notification. Afterwards, the digital card payment is executed, as it has been ensured that you actually want to initiate this payment. That’s why you have to identify yourself with two independent factors when buying online, also called two-factor authentication. The factors can be the following: 

  • Knowledge: For example, through a password
  • Possession: For example, by owning your smartphone. 
  • Inherence: Via a biometric feature such as your fingerprint. 

You have the option to choose one of the two authentication methods at Penta—either the mobileTAN via SMS or the push notification in the app. If you want to pay online with your Penta card, the online merchant will then redirect you to an authentication screen of the card provider, where you then enter the mobileTAN or confirm the push notification on your smartphone. You will then be redirected back to the online merchant’s site and your payment will be processed. 

By the way, you only have a time frame of 5 minutes for confirmation to increase security. 

How Do I Confirm Payments via 3D-Secure at Penta?

At Penta, there are two authentication methods available to you when making online payments with your card

  • In-app push notifications: With this option, you authenticate by owning your smartphone paired with the account and also by entering your fingerprint or password. Then select “Confirm” and the payment will be executed. 
  • mobileTAN via SMS: With this method, the authentication is done by the possession of your smartphone and the knowledge of the initiated payment.  You receive a 6-digit mobileTAN via SMS and are asked to identify a payment made with the card from a list of transactions.

You then can select the preferred method for 3D-Secure within the payment process.

tax deductions in Germany

Digital business account always at hand

Push Notifications Versus mobileTAN

Both methods at Penta are secure and require two factors to authenticate the online payment with your card. Confirming push notifications via the Penta app is usually the fastest method. All you have to do is unlock your paired smartphone, click on the push notification and confirm the payment. This requires an internet connection and an active device binding between the Penta account and your smartphone. 

The mobileTAN method requires a phone connection, so you can receive the SMS. The 6-digit TAN must then be entered. After that, you will be asked to identify a payment from a transaction list that you have actually made. This method is certainly not the fastest. However, the device binding is not required here. 

Why This Method Is Important for the Security of Your Company’s Finances 

You may have been thinking a few times: wait, this just adds complexity to the online payment process. You are right, and yet several financial institutions have chosen that security is at the top of the priority list when it comes to digital payments—and Penta is no exception. 

We try to implement current security standards in the most seamless and user-friendly way possible without risking security gaps. The security of your company’s finances should be guaranteed at all times. 

Do you already know our product roadmap? Here we keep you up to date on new products and features. We also keep you posted on improvements and new methods for your security. Of course, you also have the opportunity to ask us questions or tell us your wishes. Or do you want to become a tester? Our research team is looking forward to testing the latest product developments with you. Please, register here. 

business banking laptop cards

Secure banking for your business

Back to top