I'm a developer for a leading UK PSP.
Echoing what the bike chain are saying. A 3-D Secure transaction, while a touch more difficult to implement on your website, means the liability shifts from yourself to the bank.
The customer has authenticated themselves, or has been careless with authentication details, so usually the bank will chase them (I think). Same idea with chip and pin I think (which is why one of my friends flatly refuses cards containing chips.
Additionally, most decent PSP's will offer some form of fraud screening service – might be worth looking into for large value transactions?