You want to add these domains to Analytic's Referral Exclusion List, otherwise your Acquisition and Ecommerce data will be associated to these domain rather than AdWords, Organic etc.
This list is very incomplete and heavily biased towards the United Kingdom. If you're in the UK this probably covers enough to reasonably consider the problem solved.
TODO: Find a better way that doesn't rely on having to add every bank's own 3D secure domain... (possible solution - investigate Fix2 Actually, this looks like the bees knees)
- securesuite.co.uk
- arcot.com
- verifiedbyvisa.barclays.co.uk
- secure.barclaycard.co.uk
- clicksafe.lloydstsb.com
- acs.sia.eu
- cap.attempts.securecode.com
- netsafe.hdfcbank.com
- 3debspay.boc.cn
- 3ds.jccsecure.com
- geschuetzteinkaufen.commerzbank.de
- sas.sermepa.es
- acs1.swedbank.se
- lbp.wlp-acs.com
- acs1-3dsecure.cic.fr
- bbva.cardinalcommerce.com
- vcas2.visa.com
- 3dsecure.cartasi.it
- aacsw.3ds.verifiedbyvisa.com
- acsclient.credecard.com
As above, if you use a Paypal option that takes your user off to Paypal, add paypal.com to the Referral Exclusion List so you can better track acquisition rather than all the traffic being Acquisation = Referrer paypal.com (otherwise you don't know if it came from AdWords etc.)
- paypal.com
- checkout.stripe.com