List, An oddity in the 3D Secure protocol is in my opinion that the "final" and "critical" transaction is routed through the user's browser.
Working for years with systems like OBI, Punchout, OCI where the final message is a purchase order, I note that these system are characterized by sending the final transaction server-to-server. This is based on the idea that your purchasing system (or in the case of 3D your bank) is a "business system" helping, and monitoring your business processes which means that it should now about problems before the you do (If a 3D transaction fails, your bank will know nothing, and since a failure can occurr anywhere, there are situations were no one will know what's happened). Interactivity is by no means hampered by this arrangement, it just means one [optional] step more communication-wise but with greatly improved tracibility. Cheers, Anders If you want, you can try out https://buyer.x-obi.com/BuyerASP/buyer and verify that ending a shopping-session in the business-system-end is not at all bad, rather the contrary. Takes some 10-15 minutes to perform.