If a payment card is enrolled in a 3D-Secure program, the cardholder data is “covered” by additional protection level. However, if this mechanism is incorporated into transaction processing, the procedure becomes slightly more complicated, as it involves an additional verification phase. During this phase, card verification through a special module called merchant plug-in (or MPI) should be performed. MPI checks if the card (actually, the card-issuing bank) is enrolled in the 3D-Secure program. In case the card is enrolled, the cardholder identity is additionally verified. The cardholder is redirected to the issuer’s website, where they are required to input a unique card password. If the result of 3D Secure verification is successful, the transaction can actually be processed.
Find more information about 3D-secure program and merchant plug-ins in the respective article on #Paylosophy.