• Kirsten Saliba
  • 3 June 2022
  • 4.8 mins

Thanks to the increasing popularity of e-commerce platforms, there has been a steady increase in the prevalence of online shopping across the globe. Although card payments have been on the rise for years the global pandemic accelerated online shopping significantly, and now people are more comfortable with it, they are unlikely to go back to shopping in person. The rise in card-not-present (CNP) payments offers more convenience for those making the transaction and requires less from merchants, who no longer need a physical location with employees present to be able to sell merchandise or accept payments.

However, the downside to this is that this advancement in payment use and technology means that payment card fraud is becoming more prevalent and increasingly difficult to stop. In 20129 alone the EU saw €1.55B in credit card fraud, with the UK and France being the leaders in these losses.

Because the cardholder and the card itself are absent from a CNP transaction, it can be difficult to verify the identity of the person making the payment and confirm the legitimacy of the transaction. Whereas chip readers and PIN devices can authenticate a card-present transaction, those measures are not available when it comes to CNP. As a result, CNP transactions need to use other authentication techniques during the payment process that are specific to the channel through which they are being made.

To reduce the risk of fraud, identity theft, and other illegal practices associated with these types of payments, additional authorisation technologies have been introduced. One method for ensuring the authenticity of CNP payments is a technique called strong customer authentication (SCA). SCA is the standard established by the EU Revised Directive on Payment Services (PSD2) that requires a form of multi-factor identification (MFA) to be used to successfully complete a CNP transaction.

Originally passed in 2007 as the Payment Services Directive (PSD), PSD2 regulates payment service providers across the European Economic Area. The PSD2’s SCA control is particularly concerned with using MFA to protect customers, merchants, and banks from fraudulent transactions and is commonly fulfilled via the use of 3-D Secure (3DS) technology.

What is 3D Secure Authentication

3DS is a security protocol used to authenticate users. This provides an extra layer of protection for card transactions in CNP scenarios. It was designed to allow a cardholder to authenticate their identity to prevent payment fraud and unauthorised transactions and to reduce chargebacks.

As a result of PSD2’s SCA requirement, this security protocol is used throughout Europe, but it’s also used in countries outside of the EU, places like South Africa and India. Versions of the protocol have been adopted by many leading card brands, including Visa, Mastercard, Discover, American Express and more. This led to the creation of 3DS 2.0

How 3DS 2.0 Works

Introduced in 2015, the latest version of this protocol promotes a less intrusive authentication process to stymie customers abandoning purchases at checkout, a common occurrence during the original 3DS protocol when users would be redirected to their bank’s website to authenticate transactions.

Now, merchants are required to send authentication data along with the payment card data to verify the authenticity of the transaction. This process occurs invisibly to the user and authenticates the payment unless the issuer finds a reason to question whether or not the transaction is legitimate.

If suspicious behaviour or an unknown device causes the transaction to be flagged up, the user can then receive a text message or confirmation code via app to verify their identity, as opposed to being redirected to the bank’s website and entering relevant passwords and codes etc. This is a much less disruptive experience for the purchaser and makes it a lot quicker as well.

The Benefits of 3DS 2.0

There are many advantages to the 3DS protocol that make it an ideal system for CNP transactions.

Reduced Risk Fraud

With the advent of this new technology, the misuse of cards and loss of payments is significantly reduced. It is harder for scammers to commit online fraud and customers and businesses are better protected.

Increased Protection

Customers are provided with additional layers of authentication to protect their card information. All transactions are protected by SSL encryption to protect the data as it changes hands, making it as safe as possible for all involved.

Customer Satisfaction

Using a 3DS protection such as Verified by Visa or MasterCard SecureCode, provides greater customer satisfaction as clients find it easier and safer to shop online. This makes it more likely they will return and shop again.

International Transactions

Increased security means that it is safer to accept international card transactions. This, in turn, leads to businesses being able to expand their reach to new areas of the world and offer customers more buying options, at very little trouble or cost to themselves, especially if they are an online business.

Look After Your Customers

Here at Sekuritance, our own unique 3DS2 Authenticator is our 3D Secure MPI tool. A 3D solution for merchants to validate and process 3DS checks before taking payment, allowing you to protect yourself further.

With Frictionless Flow, Non-Payment Authentication and Mobile Native capabilities, this module is a seamless and effective way to keep your business secure and look after your customers.

To find out more about this, and all of the other services we have to offer, visit www.sekuritance.com today.

About Sekuritance

The Sekuritance RegTech platform provides a single platform for every eGRC need, including end-to-end AML/CTF, CECL, FCPA, vendor management, beneficiary onboarding, investor check, card processing MFA checks, blockchain wallet checks, cyber-risk assessments, and other RegTech or Business Process Management requirements.

Stay tuned for more info and follow us on:

Twitter: http://twitter.com/sekuritance

Telegram: http://t.me/sekuritance

Website: https://sekuritance.com

Back to Blog