Mastercard Identity CheckExploring Mastercard's Latest Big Move Against Fraud

September 26, 2023 | 9 min read

This image was created by artificial intelligence using the following prompts:

A collage of biometric-related images, such as fingerprints, faces, facial recognition, smartphones and text messages interconnected by a network of short groups of numbers. Smart and creative composition. In the style of red and teal.

Mastercard Identity Check

In a Nutshell

What is Mastercard doing to help merchants fight back against chargebacks… and do they work? In this post, we’ll talk about how Mastercard Identity Check functions, how the product has evolved since its inception, and just what type of protection it offers.

Mastercard Identity Check: A Crucial Component of a Multilayered Fraud Management Strategy

Online shopping has seen unprecedented growth over the last few years. Unfortunately, the same could be said of online fraud.

Data from Mastercard themselves show that global chargeback volume reached 615 million in 2021. Something needs to be done to stem the rising tide of fraud. Mastercard Identity Check may provide an answer.

Mastercard Identity Check (sometimes referred to simply as Identity Check or MCID) offers an extra layer of protection against fraud. It’s designed to defend cardholders and merchants from the growing threat of online fraud. This global solution makes it a lot harder to use a Mastercard payment card that's been reported lost or stolen. 

Identity Check provides crucial protections. But is it enough for complete fraud mitigation? Let’s take a look.

What is Mastercard Identity Check?

Mastercard Identity Check

[noun]/ī • den • tə • tē • chək/

Mastercard Identity Check is the Mastercard-branded deployment of 3-D Secure 2.0 technology. The technology helps authenticate purchasers as authorized cardholders.

Mastercard Identity Check is an advanced security feature available from Mastercard. In simple terms, you can think of it as a more advanced version of an earlier tool known as Mastercard SecureCode.

Identity Check was created to make online Mastercard transactions as safe, fast, and convenient as purchases made in a store. This extra layer of verification helps protect both cardholders and merchants during checkout.

Learn More About 3-D Secure technology

The program works by verifying a customer's identity at the checkout stage, ensuring that transactions come from only authorized Mastercard card users. This 3-D Secure Mastercard deployment is the same technology used by other card networks like JCB, American Express, and Discover. Visa, for instance, refers to their 3DS product as Verified by Visa.

What's the Difference Between Identity Check and SecureCode?

As mentioned above, Identity Check is generally a more advanced version of SecureCode. While SecureCode was the Mastercard-branded 3DS 1.0 product, Identity Check is the Mastercard-branded version of 3DS 2.0.

The most noticeable difference is in the depth of their security measures. While SecureCode essentially gives you a private code for transaction validation, it doesn't offer much else.

Given the ever-evolving skills of cybercriminals, security solutions need to be equally adaptive and sophisticated. In response, the new tool goes beyond a single verification code, employing multiple data points for user identification. The system often validates the cardholder behind the scenes, making the process almost transparent to the user.

Rather than focusing solely on what the user knows — such as passwords — Identity Check emphasizes what the user has in their possession. It allows for more secure protection through two-factor biometric authentication like fingerprint or facial recognition. Moreover, it employs one-time passwords sent via SMS, streamlining the verification process without requiring you to remember complex codes.

How Does Mastercard Identity Check Work?

The updated protocol uses risk-based analysis to assess transaction risk. That means instead of a static password, the system compares over 100 different data points to verify shopper identity in real-time. In 95% of cases, buyers can be authenticated with no additional input, eliminating friction tied to older versions of 3DS technology.

Here’s a quick breakdown of how Identity Check typically works:


Transaction Initiation:

A cardholder makes an online purchase at a participating retailer, The Mastercard Identity Check service activates automatically during the payment stage of the transaction.


Identity Verification:

Mastercard Identity Check will ask for additional verification. This usually comes in the form of a one-time password (OTP), a fingerprint, or facial recognition.



The cardholder may receive an alert on their registered mobile device or email address. They’ll be prompted to provide a second factor of authentication to verify the transaction.


User Input:

The cardholder enters a one-time passcode (OTP), or confirms their identity using biometric data. The specifics will depend on the options available and what the customer has set up beforehand.


Transaction Completion:

Once the buyer’s identity has been verified, the payment will be authorized. The cardholder will receive confirmation, and the transaction will proceed as normal.

3DS is a great tool... but it’s not foolproof. Get help today to see rapid chargeback reduction.REQUEST A DEMO

Mastercard Identity Check only asks for secondary identification in about 5% of cases. This “frictionless flow” is faster, more accurate, and easier to use than SecureCode and other 3DS 1.0 technologies. It also reduces the risk posed by false positives if a Mastercard Identity Check authentication fails.

Why Should Merchants Use a 3-D Secure Solution?

Mastercard Identity Check delivers a smoother transaction process and higher security. That alone makes the product worth considering. However, there are additional features and benefits to consider.

Strong Customer Authentication (SCA), for instance, is an online payment security mandate integral to the Payment Services Directive (PSD2). SCA requires transactions in the European Union to have two forms of customer identification. Validating a customer’s identity using Identity Check (or another 3DS tool) fulfills this requirement.

3-D Secure represents the latest standard in global payment security, and the protocol is a requirement in order to accept credit cards in Europe. The technology involves such a robust transaction analysis that most transactions may be deemed SCA-compliant even without secondary identification.

Other benefits include:

Liability Shift

Using Identity Check shifts the liability for chargebacks to the issuing bank. Merchants should note, however, that this protection only applies if authentication was successful; and a chargeback was issued using a “fraud” reason code.

Frictionless Flow

Identity Check authenticates most customers in real-time. In 95% of cases, no additional action needed on the part of the cardholder, making for frictionless, roadblock-free transactions.

Less Cart Abandonment

Frictionless transactions lead to more conversions and less churn. More combined data points also mean fewer false positives. Merchants can accept more orders, assured that fraud is not a concern.

Cross-Device Compatibility

Payments can be performed in both application and browser-based solutions on mobile and other consumer-connected devices. Also, Identity Check works with mobile, in-app, and digital wallet payment methods.

Better Risk Analysis

Identity Check gathers and analyzes a considerable amount of transaction data for more accurate assessments. The abundance of information provides a high level of security and lowers the risk of criminal fraud.


The Mastercard Chargeback Guide specifies that successful transactions using Identity Check are not eligible for a chargeback involving any of the following reason codes:

4837: No Cardholder Authorization

4849: Questionable Merchant Activity

4863: Cardholder Does Not Recognize—Potential Fraud

Even with chargebacks using other reason codes, the use of Identity Check could still be used as compelling evidence.

Getting Started With Mastercard Identity Check

Merchant enrollment in Mastercard Identity Check is handled at the acquirer level. It is not something individual merchants can do on their own.

There are two methods that acquirers can use to enroll merchants in Mastercard Identity Check. First, they can use the bulk file load that is available through Mastercard Connect. Another option is to use the Merchant Enrollment API, which is a more efficient and streamlined option.

The Merchant Enrollment API from Mastercard lets acquirers manage merchant participation in the program. Acquirers can send enrollment data through API interfaces to add or delete merchants directly via Mastercard Identity Solutions Services Management (ISSM). Acquirers will also be notified about any activity that occurs tied to any of their registered BINs (bank identification numbers).

Common QuestionDoes Identity Check make a transaction “chargeback-proof?”No. As mentioned above, Identity Check protects against chargebacks involving “fraud” reason codes (4837, 4849, or 4863). However, transactions are still susceptible to chargebacks filed using any other Mastercard reason code.

Learn more about bank Mastercard reason codes

MCID: One Part of an Overall Strategy

Using MCID may lower a merchant's overall number of chargebacks. The technology is by no means “perfect,” though.

The underlying software was not designed to combat chargebacks. It is only aimed at detecting and preventing criminal fraud. So, while it's certainly a step in the right direction, Identity Check's chargeback prevention capabilities are limited in several areas:

  • It can only be used for online transactions.
  • It only prevents chargebacks associated with Mastercard transactions.
  • A transaction can be authenticated, even if it was not authorized.
  • It can deter unauthorized transactions, but has no effect on first-party fraud.

That last point is very important. Our research suggests that only a small portion of chargebacks are the product of genuine criminal fraud. Most chargebacks are the result of friendly fraud. Mastercard Identity Check has no effect on chargebacks resulting from merchant error or friendly fraud.

Mastercard Identity Check authentication does offer valuable protection against fraud. It works best, however, as part of a multi-level fraud and chargeback management strategy.

Merchants need a customized, end-to-end solution that employs the most effective tools where they will do the most good. If you’re interested in learning the role Identity Check can play in your overall chargeback management strategy, contact Chargebacks911® today.


What is Mastercard Identity Check?

Mastercard Identity Check is the Mastercard-branded deployment of 3-D Secure technology. The technology helps authenticate purchasers as authorized cardholders. In simple terms, you can think of it as a more advanced version of an earlier tool known as Mastercard SecureCode.

Why do I get a Mastercard ID Check?

Cardholders receive Mastercard ID Check requests because they’ve previously enrolled in the program. Some banks may require enrollment in Identity Check in order to make Mastercard purchases online.

What is the difference between Mastercard Identity Check and SecureCode?

Rather than focusing solely on what the user knows— such as passwords— Identity Check emphasizes what the user has in their possession. It offers a more secure layer of protection through two-factor biometric authentication like fingerprint or facial recognition. Moreover, it employs one-time passwords sent via SMS, streamlining the verification process without requiring you to remember complex codes.

Is Mastercard Identity Check mandatory?

Mastercard Identity Check is generally not mandatory for all transactions, but it may be required by certain merchants or financial institutions or for specific types of high-risk transactions. Its use can also depend on the policies of the card-issuing bank. Opting in for the service is usually at the discretion of the cardholder, although it's recommended for enhanced security.

Like What You're Reading? Join our newsletter and stay up to date on the latest in payments and eCommerce trends.
Newsletter Signup
We’ll run the numbers; You’ll see the savings.
Please share a few details and we'll connect with you!
Over 18,000 companies recovered revenue with products from Chargebacks911
Close Form
Embed code has been copied to clipboard