Preventing fraud is an integral part of any eCommerce store. Not only does fraud cause loss of business revenue, but if a merchant’s fraud prevention strategy is lacking, they become a target for criminals looking for an easy score.
As a merchant, you need to develop new and tougher anti-fraud strategies to combat fraud in your online business. Every time banks, merchants, or card networks find a new way of preventing fraud; criminals are also working on new ways to hack your systems. That is why merchants must stay on top of their fraud prevention game as much as possible. While numerous fraud prevention mechanisms are available, one of the most effective ones merchants should try is 3D secure technology.
What is 3D Secure?
3D Secure technology is a 3-domain structure that helps prevent online fraud with debit or credit card transactions. It can also be referred to as payer authentication. The security protocol for 3D Secure provides additional protection for the merchant and the cardholder.
When the customer gets to the checkout page, 3 D secure provides an additional layer of authentication to prevent fraudulent card use. The information is collected through a challenging step to the customer. The challenge step then collects information given by the cardholder and their device or extra information collected through the issuing bank through biometrics, a one-time SMS code, bank app, or other processes. This security protocol is crucial because it protects your business from chargeback fraud, and the liability of those chargebacks shifts to the card-issuing bank.
The three domains of 3D secure
3D secure works with the exchange of data between the different domains. What are the three domains of 3D Secure?
Issuer domain
The issuer domain is from the customer’s bank that issues their card. It’s the account where the money is debited for the transaction. The issuing domain consists of several components such as;
Cardholder browser and software – where the customer enters their initial information that triggers the security protocol
Enrollment server – the user enrolls in the authentication process on the server.
Access control server – here, the server checks the authenticity of the cardholder and the card authenticity
Acquirer domain
The bank holding the merchant’s account is the acquirer domain. It’s the account receiving money from the transaction. The acquirer’s domain consists of;
Merchants plug-in – after the cardholder finalizes the transaction. The merchant plug-in creates and processes the customer’s authentication messages.
Signature validation server – the server validates the digital signature on an authentication order.
Interoperability domain
This domain decides which card network is required for the transaction. It is made up of two parts;
Directory server – here, the server validates if an account number is associated with a credit network and forwards that request to the access control server.
Certificate authority – the certificate authority server generates ad distributes the SSL server, card network, digitally signed and the public root certification across the different domains.
What is 3D secure 2.0?
3D Secure 2.0 is a security protocol that allows merchants to securely send detailed transaction data to issuing banks allowing the merchant to take advantage of the bank’s advanced anti-fraud tools.
It was developed in 2016 and updated in 2017 by Arcot Systems and Visa. The aim was to support improved transmission security throughout the different card networks.
The first version created was the 3D Secure 1.0, which came with limitations. The major one was the system confirming the customer’s identity when the bank’s fraud analysis was showing the transaction could be risky. The system was clunky and caused most customers to abandon the transaction at checkout.
How did the 3D Secure 1.0 work?
With 3D Secure 1.0, customers had to opt-in to the program with their issuing bank and a pin assigned to the customer to use. Doing this created two significant issues.
- Transactions would be declined if a customer forgot their pin
- Customers were redirected to the card scheme websites from the merchant checkout page to approve the transaction increasing the time needed for an order to be approved.
Essentially 3D Secure 1.0 was not functional, and the features frustrated most customers. The good thing is that the creation of 3D Secure 2.0 came to correct some of the issues making the checkout process seamless. Here are some of the features that 3D Secure 2.0 has:
Improved shopping experience – with more customers opting to shop through apps, the security protocol improves their shopping experience by authenticating the transactions shopping apps quickly and seamlessly.
Enhanced data sharing – 3D Secure 2.0 provides enhanced data sharing between the issuer and merchant acquiring banks allowing the issuing bank to make better and improved risk decisions.
Improved authentication – The new protocol gave the customer improved authentication options in risky transactions like using a one-time password and biometrics.
Single authentication – instead of clicking-through redirection to another page for authentication of the transaction, 3D Secure 2.0 allows users to go through a single authentication process. The streamlined checkout process improves customer experiences even for customers using their mobile devices.
The Benefits of Implanting 3d secure 2.0 or your eCommerce store
Using 3D Secure offers numerous benefits for your online business. Here are some of them;
Reduces the risk of fraud – with extra layers of security authentication, it’s harder for fraudsters to breach your network. You can assure your customers that they are shopping with a legitimate business and secure their information from credit card fraud.
Improves customer experience – happy customers will increase your sales. If customers have an easier time flowing through your site and the payment process, they are likely to come to shop on your site often.
Encourages more international transactions – your customers can feel more secure transacting with your business even when making international transactions. If customers worldwide are confident in buying from your site because of assured security, it expands your business reach to other countries and offers them more buying options.
