How does 3D Secure work?
The 3D Secure protocol is represented by an additional step during the payment: cardholder authentication.
The authentication occurs after the entry of card details. The user is redirected to the page of their bank in order to enter details that are not related to the card and specific to him or her.
In most cases, it is a one-time use code sent to the cardholder by SMS. The cardholder must enter this code on the secure page of his or her bank in order to definitively validate this step.
The payment gateway takes it upon itself to call the authorization server of the cardholder’s bank and retrieve the result to finalize the payment. In case of Web Services, this call is made by the e-commerce website.