Fortunately, merchants and banks have realized that requiring 3-D Secure results in an abandoned shopping card.
I rarely use my CC online. Asking me for my 3-D Secure password means asking me to log into my bank and use a physical second factor to set a new password.
Likewise, requiring 3-D Secure on my credit card makes me much more likely to pick a different payment method since I don't feel like doing the above. (Or rather, I might not even be carrying the phone/token needed for it.)
Seems like someone has figured this out. I haven't seen a 3-D Secure prompt in a while.
There's also no reason for me to like it: Without 3-D Secure, fraud is a minor hassle and I'll get my money back. With it, the bank may try to put the responsibility on me, even though I can't distinguish a real 3-D Secure page from a phishing page because they're all IFRAMEd per their official recommendations.
I rarely use my CC online. Asking me for my 3-D Secure password means asking me to log into my bank and use a physical second factor to set a new password.
Likewise, requiring 3-D Secure on my credit card makes me much more likely to pick a different payment method since I don't feel like doing the above. (Or rather, I might not even be carrying the phone/token needed for it.)
Seems like someone has figured this out. I haven't seen a 3-D Secure prompt in a while.
There's also no reason for me to like it: Without 3-D Secure, fraud is a minor hassle and I'll get my money back. With it, the bank may try to put the responsibility on me, even though I can't distinguish a real 3-D Secure page from a phishing page because they're all IFRAMEd per their official recommendations.