In this section, we will explore how to maintain the balance between blocking fraudsters and letting legitimate customers pay unhindered.

The next step to tackle in the payment flow is risk. We are at the point when your risk system assesses the transaction to check for fraud.

Fraud is agony for any business

According to the 2019 AFP Payments Fraud Survey conducted by J.P. Morgan, 81 per cent of companies were targets of payments fraud last year, showing that no industry is immune —This is up from 70 per cent in 2018.

As your business grows, the risk only increases. Naturally, you would feel tempted to ramp up your risk settings to keep fraudsters out. But it would not be the best decision, as this comes at the cost of your conversions because it is more probable that the system will block legitimate clients accidentally (this is called a ‘false positive’).

Risk management is not straightforward: it is both a science and an art, and it’s crucial to find the right balance between security and your conversion rates.

You can use data to block fraudsters, not shoppers

The research company Edgar Dunn & Company found that 24 per cent of businesses reported that more than 10 per cent of the transactions they rejected as fraudulent were later found to be from legitimate customers.

How to get the risk/conversions balance right

The best practice is to gather and use data from multiple sources. The more data that is collected, analysed, and linked, the easier it is to spot fraudsters.

How would this work?

It is a common practise for fraudsters to use stolen credentials across multiple businesses. They can test a credit card at a music streaming site in the US and then use it to purchase an airline ticket from France to China. The best approach is to work with a risk management solution that spans multiple markets and industries —that way, a single fraudster can be tracked across multiple accounts on the same platform.

Use Dynamic 3D Secure

3D Secure is the step in the payment process when the checkout redirects you to a ‘Visa Secure’ or ‘Mastercard Secure Code’ webpage.

The major global card networks developed the scheme as an extra security layer. If you use it, the liability moves from you to the card issuers, so you won’t have the economic liability for any fraudulent chargebacks. But the extra step can be a conversion-killer, especially on mobile.

The best practice is to use Dynamic 3D Secure, where the platform assesses transactions in real-time and only those that meet agreed criteria would pass through 3D Secure.

Some other 3D-S best practices:

  • Customize the fraud prevention strategy to your specific business characteristics (industry, business model, countries of operation, sales channels, customer payment preferences, etc.). So, instead of applying 3D Secure to every transaction, you can use it selectively on high-value or high-risk transactions.
  • Educate your costumers on the benefits of this extra layer of security.
  • Regularly examine and re-assess your strategy as market conditions always change.
  • Closely coordinate with your payment partner/s to better understand the impact of 3D Secure in specific countries or for specific issuing banks.

3D Secure 2.0

This latest version of 3DS will legally apply from December 2020. It was created to optimise the processes and adapt to the growth of mobile and the IoT.

3DS v2 comes with many improvements, such as Software Development Kits (SDKs) to support app-based authentication and integration with digital wallets. More importantly, it will eliminate the need for redirection. The idea is to use richer shopper data during the transaction, and fewer password interruptions, so secure shopping is easier than ever.

What is the PSD2 SCA?

The Revised Payment Services Directive 2

The Revised Payment Services Directive is a European regulation that creates a more open, competitive, and secure payments landscape across Europe. SCA requirements are a part of the PSD2.

Strong Customer Authentication

SCA is a requirement of the PSD2. It’s a combination of 3 elements to authenticate a payment:

  1. something you know,
  2. something you own, and
  3. something you are.

I.e., a password, your phone, and your fingerprint.

3D Secure 2

3DS2 is an authentication solution that creates better shopper experiences while reducing fraud. Your customer gets a simple step in the payment process to allow the issuer (bank) to check that they are who they say they are. In some cases, authentication can be skipped due to exemptions.


Our Account managers will support you in the process of integrating Digital Payments Solutions to allow the best experience to your future Chinese Customers.

    I confirm I have read the Privacy Policy*.

    According to the Data Protection Act 2018 UK, we inform you that your data will be processed by PayXpert LTD (“PayXpert”), with registration number 09647756. You can freely and voluntarily provide the information requested in the form except for the fields that appear as mandatory. The non-introduction of the information requested as mandatory may have the consequence that your request can not be addressed. This information has the purpose of managing your request and/or complaints raised before it for which you are giving your explicit consent. We inform you that you may exercise your rights of access, rectification, erasure, object, portability, restriction in processing and to be forgotten by contacting PayXpert at

    Let's talk about payments!

    Scroll to Top