Streamline Cardholder Authentication Avoid being the target of online fraud
Streamline Cardholder Authentication helps protect your business and your customers Streamline Cardholder Authentication shifts the liability for fraud away from you, the merchant, and could save your business a great deal of money. It turns online into the frontline in the fight against fraud by combining the strengths of two of the world s leading e-commerce protection systems: MasterCard SecureCode and Verified by Visa. Simply put, both systems enable an online shopper to prove that they are the genuine cardholder by inputting a unique password at the shopping cart stage. The process only takes a matter of seconds and your customers experience no significant interruption to the usual progress of the sale. As the majority of chargebacks are most commonly the result of customers denying a purchase, the password mechanism goes a long way towards negating this. Streamline Cardholder Authentication therefore provides a cost-effective, hassle free way to give your website the state-of-the-art fraud protection your customers deserve. While a sizeable reduction in the incidence of chargebacks leaves you and your staff free to focus on other more productive areas of your business to grow your profits. The Streamline Cardholder Authentication process enables the Card Issuer to confirm to you that they have checked the cardholder s identity while the transaction is taking place. This process is controlled by a piece of software installed on your website known as a Merchant Plug-In (MPI), which communicates directly with MasterCard and Visa for all the Card Issuers who participate in this process. Once the secure authentication has been received from the Card Issuer, the payment transaction proceeds in the usual way. You must also ensure that additional security data is included in your request for authorisation (to indicate the status of the transaction). This will ensure you are protected from liability should the transaction be denied by the cardholder.
Streamline Cardholder Authentication step by step 1 Cardholder enters the card number at the online checkout in the normal way and selects Buy Now. 2 Your Merchant Plug-In (MPI) contacts either the MasterCard or Visa Directory to check for Streamline Cardholder Authentication participation. 3 Directory now responds either YES (and space on your website appears for the card issuer to authenticate cardholder) or NO (skip to Step 6). 4 Cardholder inputs password online or cardholder enrolled during shopping. 5 Card Issuer validates password and sends authentication response back to your Merchant Plug-In (MPI). 6 Your system requests authorisation from Streamline in the usual way but with the additional security data included. Please visit streamline.com/cardholder_authentication for further details.
How the process works Your customers register online to take part In order for your customers to be protected by the Streamline Cardholder Authentication process, they must first register a password and a secondary Personal Assurance message, both of their own choosing, with their Card Issuer. It only takes a few seconds and only needs to be done once. The registration can be undertaken either before shopping by visiting the Card Issuer s website, or during the shopping experience this is known as Activation During Shopping (ADS). MasterCard and Visa are ensuring that ADS is only used to register cardholders and not to carry advertising or other messages. Those cardholders who choose not to register by either method will have their transactions authorised in the usual way but without the added security of the new system. The Authentication Window Registered cardholders will see the Card Issuer s online Authentication Window appear at the checkout stage an example of which is shown below: Please enter characters from your RBS Secure password as asked below. I am not enrolled in RBS Secure Merchant: TestMerchant Amount: 6.73 Date: XX/XX/XX Card Number: XXXX-XXXX-XXXX-0312 Personal Message: Welcome to RBS Secure Login: Another55 Enter the first, third and thirteenth characters of your Password: Forgotten your Password? Submit? Help Cancel The cardholder is prompted, within this window, to enter their password. This confirms that they are the person to whom the card was first issued.
Password verification All passwords are verified electronically by the Card Issuer within a fraction of a second and you, as the Merchant, receive confirmation from the Issuing Bank that the cardholder is genuine. Once the secure authentication has been received from the Card Issuer, the payment transaction proceeds in the usual way. This whole process occurs seamlessly and contains steps that cardholders will already be familiar with, and indeed be expecting, as part of an electronic card authentication procedure. Cardholders do not need to install additional software on their PC in order to make use of this service. The process is controlled by a piece of software installed on your website known as a Merchant Plug-In (MPI), which communicates directly with MasterCard and Visa on behalf of all of the Card Issuers who participate in this process. The liability shift is in your favour As we have said, in order to promote systems such as Streamline Cardholder Authentication, powered by MasterCard SecureCode and Verified by Visa, the Card Issuers are supporting a liability shift. This means that once you have implemented these services, you will no longer be liable for most e- commerce cardholder denied transactions and this is regardless of whether your customer (the cardholder) has enrolled with their Card Issuer or not. For further information about particular exclusions please refer to streamline.com Although you will still be potentially liable for other forms of chargebacks we strongly recommend that your business continues to be vigilant in the fight against fraud. Important Please Note: Streamline Cardholder Authentication is a way to augment and strengthen your existing fraud prevention procedures and does not replace your existing safeguards. You should still adhere to the operations and measures you have in place against fraud and continue to follow the procedures for a Request for Further Information (RFI), as set out in Section 8 of your Merchant Operating Instructions (MOI).You can also view this section online at streamline.com after inputting your Merchant Number.
Why now is the right time to adopt this service Customers are keen Research undertaken by Visa in the UK, Spain and Germany concluded that 84% of people currently not shopping online and 71% of those already shopping online would be encouraged to either start shopping online or shop online more frequently, with a service that aims to protect cardholder identity such as Streamline Cardholder Authentication in place. Source:visaeurope.com/merchant More than 26.4 million people now shop online The Association for Payment Clearing Services (APACS) released a report in November 2006 showing that more than 26.4 million people now shop online in the UK. Online fraudster activity is on the increase The success of chip and PIN technology in face-toface, cardholder present transactions has resulted in criminals turning their attention to the cardholder not present environment of the internet instead. The most significant trend is the obtaining of genuine card details in the real world in an attempt to make fraudulent purchases online. Your customers will appreciate that you want to protect them As customer confidence in their online shopping experience with you increases, so will their brand loyalty, as your business will be seen to be actively taking steps to safeguard their card details and personal identities against fraud.
Take a positive step Take up Streamline Cardholder Authentication today! If you feel that Streamline Cardholder Authentication could be just what your business needs to help protect your customers and your profits in the fight against fraud, please contact your existing software supplier or Payment Service Provider. We also have our own suite of esolutions products that support cardholder authentication and can help make it a reality for you. Please visit streamline.com or contact your Streamline Helpdesk for further information on 0845 7 61 62 63. Also, many third party suppliers and software vendors can now supply this service, powered by MasterCard SecureCode and Verified by Visa. Once contacted they are well placed to advise you of the next steps required to activate the system on your website.
Have you heard about Streamline Online? Streamline Online is a secure, password-protected Management Information tool held within streamline.com It s updated overnight and enables you to view all transactions and card payment data to do with your Merchant Account at your convenience and requires no special software. Using the ultimate convenience of the internet, you gain greater control of your business by logging into your account online at any time and from anywhere, saving you time and increasing efficiency. Features include: Adding the benefit of Streamline Online to your Merchant Account costs only 12 per month per company plus VAT. Easy to navigate and use, why not view the online demonstration of this invaluable service at streamline.com/online You can also download an application form at the same address. Alternatively, please speak with your Streamline Account Manager or call our Helpdesk on 0845 7 61 62 63 for further details. Downloadable data to assist you in compiling financial reports Automatic email alerts to help you beat the 14-day Request For Information deadline and defend chargebacks in time The ability to view your transaction data instantly and act on the information instead of waiting for statements to arrive in the post. Streamline is a service provided by National Westminster Bank Plc. National Westminster Bank Plc. Registered in England, No. 929027. Registered Office: 135 Bishopsgate London EC2M 3UR. Authorised and regulated by the Financial Services Authority No. 121878 SMS8752 March 2007