3DS (3-D Secure) is an additional identity verification step that the card issuer triggers after you enter your card number. It commonly takes the form of an SMS code, a push notification inside the issuer’s App, or an email code. Not receiving the code is not a problem with the card itself — it is a verification channel problem. When the channel breaks down, the payment stalls at the 3DS step and is ultimately declined. In cross-border environments (overseas IP + domestic phone number + foreign merchant), the SMS channel is the most fragile link.
First, Identify Which 3DS Method You Are Using
Different issuers use different default verification methods:
- SMS code: Relies on your phone number being able to receive international SMS. Roaming, carrier-level risk controls on your SIM, or messages being filtered as spam can all prevent delivery.
- App push notification: As long as the issuer App is online and notification permissions are enabled, you receive a pop-up and tap to confirm. This is currently the most reliable method.
- Email code: Used by a small number of issuers. Make sure to check your spam or junk folder.
Not sure which method you are using? Check under “Security Settings” or “Payment Verification” in the issuer App — you can usually switch freely between methods.
Troubleshooting Steps When You Do Not Receive the Code
Work through this checklist in order. Most issues can be resolved within 5 minutes:
- App notification permissions: Go to System Settings → Notifications → issuer App, and confirm that push notifications are enabled. iOS users should also check whether a Focus Mode is blocking notifications.
- App background activity: Some Android ROMs aggressively kill background processes. Add the issuer App to your “auto-start whitelist” to prevent this.
- Linked phone number: In the App, verify that the phone number on file is still the one you currently use. Failing to update the linked number after changing SIM cards is one of the most common mistakes.
- Network environment: When making cross-border payments through a VPN or proxy, the App’s persistent connection may drop. Try briefly switching to a direct connection or restarting the App to re-establish the push channel.
- SMS filtering: Check your phone’s built-in spam filter or any third-party security apps, and whitelist the issuer’s sender number.
- Resend and expiry: 3DS codes typically expire in 60–180 seconds. Once expired, you must click “Resend” at the checkout — the old code is invalid.
If all of the above checks out and you still do not receive the code, switching your verification method is the fastest fix: change from SMS to App push. The vast majority of issuers support this. MPCard products use App push with biometric secondary confirmation by default — see MPCard card details for configuration guidance.
Situations Where the Code Is Never Sent in the First Place
- The merchant is using a non-3DS payment channel: No verification code will be triggered. If the payment still fails, the problem lies elsewhere — see Why Was My USDT Card Payment Declined.
- The card is under a temporary issuer risk hold: In some cases, the risk control system rejects the transaction outright without sending a code. Check the App for any risk alerts or messages from customer support.
- Severe BIN-to-IP mismatch: For example, a US BIN card used with a Southeast Asian IP may trigger a hard risk block with no code sent. See our compliance and regional matching recommendations.
Editorial Recommendations
Do: On the day you receive your card, switch the 3DS verification method to App push and enable notification permissions. Whenever you change your phone number or device, update your linked information in the App immediately.
Don’t: Do not rely on a domestic phone number to receive SMS codes from a foreign card issuer for routine overseas subscription payments. This is the combination with the highest failure rate, and it tends to break down at the worst possible moment — such as a critical subscription renewal.