BLOG
(425) 522-4110
info@rpgc.com
logoRPGClogoRPGC
    • Services
      • Payment Operations
        • Payments
          Workshop
        • Authorization Analysis
        • Payment Fee Analysis
        • Fraud Rules Analysis
        • RFP and Vendor Management
        • Chargeback Management Evaluation
        • Project Support & Acceleration
      • Developing a Global Payments Strategy
        • Payment Product Review
        • Design and Review: Payments Infrastructure
        • Market Research
        • Go-To-Market Strategies
        • Compliance Support
        • Payments Due Diligence for Investments, Mergers & Acquisitions
        • Payment Systems Vendor Report
      • Payments Education
        • 101: Introduction to Payment Processing
        • 201: Economics of Payment Processing
        • 301: Global/Xborder Payments
        • 302: Mobile Wallets & Mobile Payments
        • 400: Order Your Own Course!
      • Close
    • Resources
    • Stories
    • About Us
    • Contact

3D Secure & Consumer Authentication

July 3, 2020Daniel PelegeroUncategorizedNo Comments

Now, risk reduction thinks two steps ahead.

Guest Post by our partners at Paladin Fraud Group

It’s a push-and-pull as old as time (well, as old as eCommerce, anyway): merchants need more assurance that a customer is who they say they are—and the customer desires a frictionless transaction process without too many verification speedbumps. Despite the common security measures merchants take, credit- and debit-card transactions are still at risk of fraud. So some sort of further authentication is often needed—and the trick is doing it without chasing the customer away.

To help address this issue, card networks implemented the first version of 3D Secure (3DS) back in 2001. Through 3DS, the user would enter card details to confirm a payment and would then be redirected to another page where their bank prompts the user for a code or password to approve the purchase. 

Requesting this additional information added an extra layer of fraud protection and helped ensure that payments are only accepted from legitimate customers. As an added incentive for merchants, authenticating a payment with 3DS shifted the liability for fraud-coded chargebacks to the customer’s bank. 

However, the initial version of 3DS did have some drawbacks: these additional steps and redirects add friction to the checkout and could lead to abandonment—obviously not the outcome the merchant was looking for.

Fortunately, today, a newer and even better version of 3DS is available—3D Secure 2.0 (3DS 2.0). It aims to address many of the shortcomings of the original 3DS with less disruptive authentication and a better user experience.

Through a near-frictionless form of user authentication, 3DS 2.0 allows businesses and their payment provider to send more data elements on each transaction to the cardholder’s bank. This includes payment-specific data like the shipping address, as well as contextual data, such as the customer’s device ID or previous transaction history.

The cardholder’s bank can use this information to assess the risk level of the transaction and select an appropriate response:

  • If trust levels are high enough, the transaction goes through the “frictionless” flow and the authentication is completed without any additional input from the cardholder.
  • If further proof is needed, the transaction is sent through the “challenge” flow and the customer is asked to provide additional input to authenticate the payment.

3DS 2.0 is designed to embed the challenge flow within the normal checkout flow—which helps avoid full page-redirects. If a customer authenticates on your site or webpage, the 3DS 2.0 prompt now, by default, appears in a pop-out on the checkout page. 

In addition, unlike the first version of 3DS, 3DS 2.0 was designed with the ubiquitous use of mobile devices in mind, which makes it easier for banks to offer a more seamless authentication experiences through their mobile banking applications. Instead of entering a password or just receiving a text message, the cardholder can authenticate a payment through the banking app by just using physical biometrics. 

The enforcement of Strong Customer Authentication (SCA) (which is slated to be rolled out through 2020 and into 2021) is a very important requirement of 3DS 2.0—and all the more important if you are doing business in Europe. The new regulation will require merchants to apply additional levels of authentication to European payments. Luckily, the improved user experience of 3D Secure 2 can help reduce the negative impact on conversion for those payments.

In our 2020 edition of the Paladin Vendor Report, we featured the 3DS solution offered by CardinalCommerce (A Visa Company):

For over two decades CardinalCommerce has been bringing merchants, issuers, and shoppers together. In February 2017, Cardinal became a Visa solution. They put authentication first and believe digital commerce should be as safe, trusted, and engaging as possible.

Navigating the ever-changing payments landscape can be complex – local regulations, different network mandates, and frequent EMV® 3-D Secure updates. Which is why their dedicated success teams work closely with clients from integration through ongoing optimization to make the process as frictionless as possible for both clients and their customers.

Their primary focus is about creating an engaging experience for both clients and their customers. They work continuously to help optimize authentication strategy to increase approvals while decreasing fraud – all to improve the customer journey. 

More key facts about Cardinal:

  • Offers merchant and issuer authentication solutions
  • Certified by EMVCo for four EMV 3DS components – ACS, 3DS Server, SDK (iOS and Android), and were the first to have certified for all four (Source: https://www.emvco.com/approved-registered/approved-products/)
  • Focused on authentication, supported by a team of more than 200 people 
  • Can help merchants and issuers prepare for the next round of Visa activation dates for EMV 3DS – April 2020 in AP and CEMEA, August in NA

Intelligent Security, using the Visa family of risk solutions, can help your digital commerce business reduce false declines and fraud rates and increase authorization rates, with a streamlined consumer experience:

  • CardinalCommerce – for 3-D Secure/authentication
  • CyberSource – for fraud management
  • Verifi – for chargeback dispute resolution
  • And more

With this suite of solutions, Visa can help merchants, acquirers, and issuers manage PSD2’s Strong Customer Authentication requirement, as well as exemptions to SCA and deliver seamless secure transactions.

The 2020 Paladin Vendor Report not only covers 3DS and Consumer Authentication technologies—it spans the full spectrum of current technology and solutions in the fraud prevention landscape today. Download the full Paladin Vendor Report here: http://paladinfraud.com/mrc-trends-2020/  And stay tuned for upcoming posts highlighting even more fraud-fighting technologies that organizations are turning to today.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Cracking Open the Payments Orchestration Layer
  • The Forgotten Element of Payment Orchestration: Real-Time Ledgers
  • Fraud prevention platforms: An evolution from rules engines to one-stop shop.
  • An ID fraudsters can’t shake: Device identification & reputation
  • Fitting 3D-Secure with payments architecture

Recent Comments

    Archives

    • May 2022
    • September 2020
    • August 2020
    • July 2020
    • June 2020
    • March 2020
    • December 2019
    • August 2019
    • July 2018
    • March 2018
    • November 2017
    • October 2017

    Categories

    • Merchant Payments
    • Uncategorized

    Meta

    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org

    MENU

    • About
    • Blog
    • Contact Us
    • Resources
    • Stories
    • Legal Notice
    • Privacy

    Services

    • Payment Operations
      • Payments
        Workshop
      • Authorization Analysis
      • Fraud Rules Analysis
      • Payment Fee Analysis
      • Chargeback Management Evaluation
      • RFP Management
      • Project Support & Acceleration
    • Developing a Global Payments Strategy
      • Payment Product Review
      • Design and Review: Payments Infrastructure
      • Market Research
      • Go-To-Market Strategies
      • Compliance Support
      • Payments Due Diligence for Investments, Mergers & Acquisitions
      • Payment Systems Vendor Report
    • Payments Education
      • 101: Introduction to Payment Processing
      • 201: Economics of Payment Processing
      • 301: Global/Xborder Payments
      • 302: Mobile Wallets & Mobile Payments
      • 400: Order Your Own Course!
    108 2nd Ave. S. #504, Kirkland, WA, 98033-2626 U.S.A.
    +1 425 522 4110
    info@rpgc.com
    LinkedIn
    Copyright © 2019 RPGC Group, LLC. All rights reserved.

    Access RPGC Content