Using merchant plug-in (MPI) software installed on your web server or the hosted services of your payment gateway, 3-D Secure works with Visa and MasterCard’s authentication services, Visa Secure and MasterCard® SecureCode™ to provide transaction information to the card issuer.
If a transaction is determined to be high risk, an authentication page hosted by the card issuer will appear within your website’s payment page.
3-D Secure-enrolled cardholders use a specific password or phrase for authentication with their card issuer. The issuer can also link the authentication process with the cardholders' SMS security for internet banking. The cardholder simply types in their password or SMS authentication to verify their identity.
If the check fails you should halt the transaction as this is a strong indicator of potential fraud.
Not all transactions will need a verification check. In fact, depending on your business type, most will pass through without a challenge.