# VGS Collect and 3DS

**3D Secure** is an additional authentication layer that helps build a secure checkout experience and make online credit and debit transactions safer. It has been used since 2001 and remains the most popular protocol for online purchases.

It is important to note that the industry introduced the next-generation **3D Secure 2** (aka EMV 3D Secure) solution, which included flow improvements. For those in the European Economic Union (**EEU**), the standards set by 3DS2 can be used to satisfy strong customer authentication (**SCA**), a set of 2FA requirements that went into effect in September 2019 as part of the latest implementation of the Payment Services Directive (**PSD**).

## Advantages

* Helps prevent unauthorized [CNP](https://en.wikipedia.org/wiki/Card_not_present_transaction) transactions
* Reduces fraud and chargeback risk
* Increases spending online

## How does it work?

This security protocol functions on a 3-domain model, in which the domains are:

* Acquirer domain - who’s going to get the money
* Card issuer domain
* Interoperability domain - allows the acquirer domain and the card issuer to exchange data.

In order to authenticate a user and complete a transaction, the cardholder is asked to provide unique information such as a password, code, or temporary PIN. The full 3DS authentication process would look like this:

1. Collect card information
2. Redirect to 3D Secure page provided by the card issuer
3. Additional Security Authentication
4. Redirection to the merchant's site
5. Payment confirmation

## 3D Secure 1 vs 3D Secure 2

With **3DS version 1**, the merchant leads users to the authentication page on their bank’s website, where they should require additional security measures for access (e.g. password or code sent to the user’s phone). Experiencing the friction that these operations cause undermines the product’s user experience, making it less smooth while leaving a bad impression - especially for native applications.

The main goal of **3D Secure version 2** is to build an effortless checkout experience and add support for innovative authentication on mobile devices (using fingerprint or face recognition). Moreover, 3DS2 collects from more data points to evaluate access, which means you can pass 10X more information such as shipping information, device ID, history, etc. The more information you have, the higher chances of successful authorization.

## Does VGS Collect support 3DS?

[VGS Collect ](/vault/developer-tools/vgs-collect.md)allows you to securely collect data from your users without having to have that data pass through your systems. Our secure field solution is a “middleware” between your apps’ client-side and server. Data from the secure form will be submitted to your vault URL endpoint or CNAME, but not to the payment processors’ API directly. This way, 3D Secure is handled on your side as a transaction request and it will be configured on your end. 

<figure><img src="/files/4Oa2mfGSn7ePQRsE2Fj6" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.verygoodsecurity.com/vault/developer-tools/vgs-collect/collect-3ds.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.