Evolution of Payment Instruments

Decades back when people want to purchase some goods they go to the nearby shop and give hard cash to get the same. In 20th century there was a tremendous growth in technologies of all kind, so eventually payment industry also found its way to cope up with the pace in which the technologies evolve. Banks were computerized and People were introduced with payment cards through which they could make transaction which reduced the burden of standing in long queues to withdraw some bucks from an account. It reduced the risk of carrying cash to make transactions.

After some painful decades, at present we enjoy the luxury of carrying the cards easily to purchase anything-anywhere-anytime. As technologies evolve, now we have so many flavours of payment instruments like chip cards, contactless cards, wallets, mobile apps, etc. This blogger is created with the intention of giving as much possible information on all the possible sections of payment industry.



Sunday, September 24, 2017

What is 3D Secure?


3D secure technology aims to mitigate Card-not-Present (CNP) fraud and meet the scheme mandate to utilise 3D Secure technology. Verified by Visa (VbV), SecureCode by MasterCard, Safekey by Amex, J/Secure by JCB and Pay Secure by RuPay are online programs designed to make Internet purchase transactions safer by authenticating a Cardholder’s identity at the time of purchase, before the Merchant submits an authorization request.

The goal of 3D Secure technology is to create a level of consumer trust and confidence in online shopping like that in the physical shopping environment. It is designed to improve both Cardholder and Merchant confidence in Internet purchases and to reduce disputes and fraudulent activity related to the use of payment cards. Banks can benefit from reduced costs associated with the most common types of Internet disputes.

The key objectives of the having 3D Secure technology are to–

·             Comply with scheme obligations by implementing 3D Secure technology.

·             Address the growing Card-Not-Present fraud.

·             Prevent fraudulent transactions at point of exposure through real time risk based scoring.

·             Increase online spend and have a good customer experience.

3D Secure technology is normally implemented at banks through an external vendor – Arcot.

In a real-world transaction, purchases require cardholders to present their payment cards to the merchant. The fact that a cardholder holds the card authenticates the cardholder. The merchant may read the magnetic stripe on the back of the card, and the cardholder may be asked to sign a receipt. These measures help reduce fraud. Criminals must steal a card to use it, and cardholders cannot easily deny purchases when their signature is on a charge receipt. Internet purchases, however, only require the cardholder to supply the card number, the expiration date, and sometimes the billing address during a purchase transaction. Thus, fraud rates are much higher for Internet purchases than for real-world purchases.

Criminals can obtain cardholder information, and cardholders can deny having made transactions (friendly fraud). Many cardholders are uncomfortable with this lack of security and do not make Internet purchases.3-D Secure aims to solve this problem by sending a cardholder a real-time one time Passcode for that specific transaction. When shopping at a participating Internet merchant, the cardholder will be required to enter this Passcode to complete a purchase.

3-D Secure is an XML-based protocol used as an added layer of security for online credit and debit card transactions. It was developed by Visa and Arcot to improve the security of Internet payments and offered to customers as the Verified by Visa service. Services based on the protocol have also been adopted by MasterCard, under the name MasterCard SecureCode, and by JCB International as J/Secure.

The basic concept of the protocol is to tie the financial authorization process with an online authentication. This authentication is based on a three-domain model (hence the 3-D in the name). The three domains are:

• Issuer Domain

• Acquirer Domain (the merchant and the bank to which money is being paid)

• Interoperability Domain (the infrastructure provided by the credit card scheme to support the 3-D Secure protocol)

The protocol uses XML messages sent over SSL connections with client authentication (this ensures the authenticity of both peers, the server and the client, using digital certificates).

A transaction using Verified by Visa/SecureCode will initiate a redirect to the website of the card issuing bank to authorize the transaction. Each issuer could use any kind of authentication method (the protocol does not restrict this) including static password, dynamic passwords via token or SMS, and even chip card. The flow is illustrated in the following diagram:




 

 
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)