×

Ecommerce authentication gets a major makeover

By Mark Nelsen, Senior Vice President, Risk and Authentication Products • Visa

October 21, 2016

New industry specification sets the stage for smarter products and services

To encourage the continued growth of ecommerce, merchants and issuers around the globe need intelligent tools to distinguish between good and bad transactions, all while minimizing disruption to consumers at checkout. Without data-driven insights into the riskiness of a transaction, confidently approving ecommerce payments—now originating from a variety of platforms and form factors, each with their own unique security attributes—is becoming more difficult.

The good news is that change is coming. EMVCo[i] is expected to release a new and improved 3-D Secure specification soon. The new specification, referred to as 3-D Secure 2.0, includes updates and enhancements to address the need for a more seamless online payment experience for consumers, while accommodating new devices and ways to pay. By facilitating a greater exchange of data between merchants and issuers, 3-D Secure 2.0 will enable increased use of risk-based and dynamic authentication—today’s gold standard for online authentication.

In anticipation of EMVCo’s specification, Visa has begun internal development to enhance the Verified by Visa (VbV) program and the Visa Consumer Authentication Service (Visa’s issuer 3-D Secure support provider) for 3-D Secure 2.0. Visa expects that early industry adoption will begin in mid-2017 in markets around the world.

Verified by Visa for 3-D Secure 2.0 will bring benefits for everyone. Merchants will have the ability to better integrate the authentication process into the shopping experience, providing a more user-friendly authentication experience, which can translate to higher conversion rates and increased sales. Issuers will have access to more data, helping them to make more informed transaction decisions. For consumers, paying online will be as fast, simple and convenient as ever. And as always, Visa’s Global Zero Liability policy guarantees that cardholders won't be held responsible for unauthorized charges made with their account, online or offline.

To ensure that stakeholders in each market have a reasonable amount of time to implement the solution once certified products and services are available, certain rules—such as fraud chargeback protection on merchant-attempted 3-D Secure 2.0 transactions—will not take effect until the program activation date. In Europe, a region that is already relying heavily on risk-based authentication, Visa expects a program activation date of April 2018. The program activation dates for other markets will be announced separately.

As the industry moves collectively to adopt and implement the 3-D Secure 2.0 protocol, Visa will partner with stakeholders around the globe to deploy pilots in advance of the program activation date.


________________________


[i] EMVCo exists to facilitate worldwide interoperability and acceptance of secure payment transactions. It accomplishes this by managing and evolving the EMV® Specifications and related testing processes. This includes, but is not limited to, card and terminal evaluation, security evaluation, and management of interoperability issues. Today there are EMV Specifications based on contact chip, contactless chip, common payment application (CPA), card personalisation, and tokenisation.

This work is overseen by EMVCo’s six member organisations—American Express, Discover, JCB, MasterCard, UnionPay, and Visa—and supported by dozens of banks, merchants, processors, vendors and other industry stakeholders who participate as EMVCo Associates

Share this post

Like this post

Related Articles

Visa Inc. and Visa Europe reunite as one global company

June 21, 2016

Visa Inc. and Visa Europe have reunited! The two companies originated from the same Visa that started as a pilot program in 1958, but have operated as separate entities since Visa Inc. became a public company in 2008.

Charlie Scharf Read More

Could new payments authentication rules scupper European Digital Single Market?

September 20, 2016

We are only a few weeks away from a decision that could have significant impact on the future of e-commerce in Europe.

Peter Bayley Read More

Unblocking e-commerce

May 25, 2016

The European Commission has unveiled proposals to address geo-blocking, with measures to remove unjustified barriers to online cross-border trade. Tackling unjustified geo-blocking will help consumers across the EU to reap the benefits of e-commerce.

Sue Basu Read More

Look! No PIN!

June 08, 2016

This week, Visa Europe presents a three-part series on a subject that is dominating the headlines: biometrics. We have invited Safran, the leading supplier of technology for security as well as aerospace and defence, to give us its perspective on why biometrics is such a hot topic today and where they see the industry heading.

Philippe Le Pape Read More

Cybersecurity and the road to biometrics

June 06, 2016

This week, Visa Europe presents a three-part series on a subject that is dominating the headlines: biometrics. We have invited Safran, the leading supplier of technology for security as well as aerospace and defence, to give us its perspective on why biometrics is such a hot topic today and where they see the industry heading.

Philippe Le Pape Read More

How strong should customer authentication be?

February 16, 2016

Offering payment solutions is high risk. Moving money always was and always will be. The development of card payments 55 years ago started with an embossed card and paper slips. It didn’t have great security, but it was fit-for-purpose.

Peter Bayley Read More

A subtle but important shift

April 18, 2016

Risk tends to be thought of as a negative concept, but aren’t risks and opportunities inextricably linked? After all, you can’t have one without the other. Risk isn’t inherently bad – It’s how you manage risk in the context of opportunity, and balance the two, that’s important.

Mark Austin Read More