Frictionless Experience with Verified by Visa. Risk-based authentication case study



Similar documents
SOLUTION BRIEF PAYMENT SECURITY. How do I Balance Robust Security with a Frictionless Online Shopping Experience for Cardholders?

Securing Internet Payments. The current regulatory state of play

ADVANTAGES OF A RISK BASED AUTHENTICATION STRATEGY FOR MASTERCARD SECURECODE

Chargelytics Consulting

Cardholder Authentication Guide. Version 4.3 August 2013 Business Gateway

Streamline Cardholder Authentication. Avoid being the target of online fraud

RSA Adaptive Authentication For ecommerce

Global Bank Achieves Significant Savings and Increased Transaction Volume with Zero-Touch Authentication

A multi-layered approach to payment card security.

MASTERCARD SECURECODE ISSUER BEST PRACTICES

Visa Merchant Best Practice Guide for Cardholder Not Present Transactions

April 12, To: Verified by Visa Merchants Verified by Visa Acquirers Verified by Visa Merchant Service Providers

Accepting Ecommerce Payments & Taking Online Transactions

Risk & Fraud Management Solutions

MASTERCARD PAYMENT GATEWAY SERVICES

A new Payments Services Directive and a Regulation on Interchange Fees for card-based transactions Examining key implications for end users

Visa Debit processing. For ecommerce and telephone order merchants

The need for a secure & trusted payment instrument in e-commerce. Ali AlMeshal

Security enhancement on HSBC India Debit Card

Online Payment Process. Name Kathleen Kaye Acosta Nr Course E-Business Technologies SS2008 Professor Dr. Eduard Heindl

OXY GEN GROUP. pay. payment solutions

Sage Pay Fraud Prevention Guide

FAQ on EMV Chip Debit Card and Online Usage

Introduction to Online Payment Processing and PayPal Payment Solutions

DIAMOND NAIRA VISA DEBIT CARD. Your Bank

Frequently Asked Questions (FAQ) on HSBC Chip Credit Cards

E-Commerce payment trends. Petr Polak Senior Sales Manager Czech Republic and Slovakia

Global Visa Card-Not-Present Merchant Guide to Greater Fraud Control. Protect Your Business and Your Customers with Visa s Layers of Security

Elavon Payment Gateway- 3D Secure

MySagePay. User Manual. Page 1 of 48

Verified by Visa. Acquirer and Merchant Implementation Guide. U.S. Region. May 2011

FRAUD PREVENTION IN M-COMMERCE: ARE YOU FUTURE PROOFED? A Chase Paymentech Paper

UPCOMING SCHEME CHANGES

First Data E-commerce Payments Gateway

Electronic Commerce and E-wallet

Credit card: permits consumers to purchase items while deferring payment

A CHASE PAYMENTECH WHITEPAPER. Building customer loyalty in a multi-channel world Creating an optimised approach for e-tailers

PayPoint.net Gateway Guide to Identifying Fraud Risks

Merchant Account Service

My Sage Pay User Manual

A: This will depend on a number of factors. Things to consider and discuss with a member of our ANZ Merchant Services team are:

e Merchant Plug-in (MPI) Integration & User Guide

Enhancing Payment Card Security New Measures to be Phased in from 2 nd Quarter 2010 to 1 st Quarter 2011

A CHASE PAYMENTECH WHITE PAPER. Uncovering Five Myths About M-Commerce

How Online Payments Really Work

Payment Acceptance Strategies in a Global Ecommerce Environment

Fraud Prevention Guide. Version 3.0 January 2013

Visa Debit ecommerce merchant acceptance. Frequently asked questions and flowchart

A Guide to EMV. Version 1.0 May Copyright 2011 EMVCo, LLC. All rights reserved.

Interoperable Mobile Payment A Requirements-Based Architecture

... What is USAePay? How does USAePay work? The Basics. Recurring Billing. Developer s Center

Internet Authentication Procedure Guide

BOV e-commerce. your guide to: General Product Information The Benefits Your Checklist Important Information Our Fees and Charges Terms and Conditions

CyberSource Payments & Security ONE POINT OF CONTACT CAN HELP YOU HIT YOUR

ACQUIRER OR ACQUIRING BANK A financial institution (often a bank) where a merchant has an account to process transactions and card payments

Trends in Merchant Payment Acceptance

Managing Recurring Transactions Merchant Best Practice Guide

Visa Easy Payment Service. Merchant Best Practices

Merchant Plug-In. Specification. Version SIX Payment Services

Internet Usage (as of November 1, 2011)

The e-commerce solution

We believe First Data is well positioned to take advantage of all of these trends given the breadth of our solutions and our global operating

Online Payment Processing Definitions From Credit Research Foundation (

VISA EASY PAYMENT SERVICE MERCHANT BEST PRACTICES

FREQUENTLY ASKED QUESTIONS

Tokenization: FAQs & General Information. BACKGROUND. GENERAL INFORMATION What is Tokenization?

Can Fraud Alerts Raise Customer Loyalty?

Online Payment Processing What You Need to Know. PayPal Business Guide

Merchant Business Solutions. Protecting business against credit card fraud.

VISA EUROPE ACCOUNT INFORMATION SECURITY (AIS) PROGRAMME FREQUENTLY ASKED QUESTIONS (FAQS)

EMV EMV TABLE OF CONTENTS

Payment Methods. The cost of doing business. Michelle Powell - BASYS Processing, Inc.

A strategic approach to fraud

PayDollar. Merchant User Guide

WHITEPAPER. Complying with the Red Flag Rules and FACT Act Address Discrepancy Rules

Resource 3.9. A Guide to Online Payment Facilities

NATIONAL BANK s MasterCard SecureCode / Verified by VISA Service - Questions and Answers

BinBase.com REPORT: credit card fraud

CA Arcot RiskFort. Overview. Benefits

E-commerce Shopping Carts Digital Cert. Merchants

a CyberSource solution Merchant Payment Solutions

With the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful.

Managing the card not present fraud environment

Elavon Payment Gateway Integration Guide 3D Secure

Statement of. Mark Nelsen. Senior Vice President, Risk Products and Business Intelligence. Visa Inc. House Ways & Means Subcommittee.

VISA card holders can directly contact the account issuing bank about Verified by VISA to make your credit care even more secure.

Merchant Payment Solutions

Transcription:

Frictionless Experience with Verified by Visa Risk-based authentication case study

How a risk-based approach to Verified by Visa enables issuers to improve the cardholder experience, increase transaction volumes and reduce costs. Many issuers are changing the way they implement Verified by Visa. By evaluating transactions in realtime, and only seeking additonal cardholder authentication for the small proportion that appear to be risky, issuers can remove friction from the online checkout experience. Everyone benefits: the issuer, the retailer and the cardholder. And at the same time, issuer support costs plummet, and fraud losses remain reassuringly low.

About Verified by Visa Based on the 3D-Secure protocol, Verified by Visa is a way to bring additional security to online transactions. When a merchant supports Verified by Visa, the issuer intervenes in the online checkout process. Traditionally, issuers enrol cardholders in their Verified by Visa service. Then, whenever an online transaction is attempted at a merchant that supports Verified by Visa, cardholders are asked to authenticate themselves to the issuer using a passcode. For the issuer, this reduces fraud rates. Meanwhile, the merchant benefits from a liability shift, meaning they are protected from fraud losses. A majority of European e-commerce transactions are now protected by Verified by Visa. However, the cardholder experience has come under criticism and some merchants complain that Verified by Visa can have a negative impact on conversion rates. Consequently, Verified by Visa is evolving and one of the big breakthroughs is risk-based authentication.

What is risk-based authentication? With risk-based authentication, issuers can take a more selective or segmented approach to Verified by Visa. Instead of requiring all online transactions to be actively authenticated, irrespective of their characteristics, issuers can identify the small proportion that look in any way suspicious typically around 5% of the total.

So how does it work? With risk-based authentication, instantaneous checks are automatically run on online transactions. Depending on the vendor who is supplying the riskbased authentication solution used, these may include: Behavioural checks Does this cardholder typically transact online? Do they typically make this type of purchase? Do they typically transact in this currency? Device checks Is this the device typically used by this cardholder? Where is it located? 95% For low-risk transactions typically up to 95% of transactions the issuer can be confident that an authentic cardholder is conducting a genuine transaction, and no further checks are necessary. Merchant checks Does this fit the type of transaction expected from this merchant? Does this merchant typically generate a high proportion of fraudulent transactions? These checks are typically run within a self-learning risk engine. Consequently, as it is exposed to an ever-higher volume of transactions, the more accurate it becomes. Based on these assessments, the issuer determines how best to treat each transaction. 5% 0.2% For higher-risk transactions typically around 5% of transactions the issuer can invoke a step-up or active authentication method. For highest-risk transactions typically around 0.2% of transactions the issuer can deduce that the transaction is very likely to be fraudulent and decline it accordingly.

So how does it work? With such a small proportion of transactions deemed to be higher risk, the issuer can invoke a strong and appropriate authentication method. Depending on their own capabilities and the vendors they work with, this could include dynamic passwords, the type of challenge questions used in their existing online banking solutions, or one-time-passwords delivered via SMS text messages or push messages. Risk-based authentication solutions are available from a number of vendors. As hosted solutions, they can typically be integrated with an issuer s own IT architecture, and/ or they can work in parallel with the services provided by a third party processor. 85% Reduction 70% Reduction 5% of 0% increase 85% Fewer in checkout time when compared to previous 3DS solution in abandonment when compared to previous 3DS solution customers challenged with risk-based approach in fraud when compared to previous 3DS solution inbound calls relating to password resets

What are the benefits of risk-based authentication? Risk-based authentication offers tangible benefits to all parties: 1Issuers benefit The drop-out or abandonment rate of Verified by Visa transactions is significantly reduced which translates to higher transaction volumes, higher e-commerce revenues and more satisfied cardholders The volume of cardholder calls to issuer call centres for Verified by Visa password re-sets sees an even more significant reduction which translates to reduced costs The underlying fraud rate remains consistent for both active and risk-based authentication which means that fraud costs remain low Depending on the way the solution is implemented, there may be no need to enrol individual cardholders into Verified by Visa which, again, brings reduced costs

2Cardholders benefit The speed, simplicity and convenience of the checkout process is improved which translates to a better customer experience For higher risk transactions, step-up authentication is invoked which can bring a sense of reassurance to more cautious online shoppers 3 Merchants and acquirers benefit The drop-out or abandonment rate of Verified by Visa transactions is significantly reduced which translates to more transactions, higher conversion rates, increased sales and more satisfied customers The volume of customer support calls and enquiries is reduced which translates to reduced costs

The UK experience significant, tangible, quantifiable benefits In the UK, several issuers have been using risk-based authentication for a number of years, and the benefits they have experienced are detailed over the next two pages.

Commerce ransaction Real-time Risk Assessment (rare) 5% High Risk (minority) 95% Low Risk (majority) Mandatory Authentication Continue Purchase Abandon rate (%) 7 6 5 4 3 2 Abandonment and Fraud Rates Before risk-based VbV implemented After risk-based VbV implemented 70 60 50 40 30 20 Fraud rate (basis points) Call volume 5000 4000 3000 2000 1 10 1000 7 70 Abandon rate (%) 6 5 4 3 2 Before risk-based VbV implemented After risk-based VbV implemented 60 50 40 30 20 Fraud rate (basis points) Call volume 5000 4000 3000 2000 Fraud Rate Aban. Rate Reduced customer calls for password resets Before VbV im 1 10 1000 '+$,-./0-$102.345$678-$940$:-04;84/.<$=/8<-53.7345$ >?5$@4A/B-$ =C75"$678-$ 172A/0-$678-$$ Fraud Rate Aban. Rate *"!!#$ Before risk-based VbV implemented After risk-based VbV implemented Call Volume )"!!#$ ("!!#$ '"!!#$ Data supplied by CA Technologies and RSA 6000 5000

A better user experience Less friction with only 5% of transactions deemed to be higher risk, 95% of transactions now require no cardholder authentication Faster transactions Increased speed following the implementation, average transaction times reduced from 50 seconds to ten seconds Increased transaction volumes and e-commerce revenues Higher conversion rates following the implementation, abandonment dropped from over 4% to under 1% Cost savings Fewer customer calls following the implementation, customer requests for password resets tumbled by 85% Stable fraud levels Low losses despite the elimination of active authentication on 95% of transactions, e-commerce fraud levels remained reassuringly low

At Visa Europe, we can provide additional advice on how you could implement and benefit from risk based authentication.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information