The best of both worlds: Security and User Experience

By Ali Raza, Head Business Development US Region

Globally e-commerce is booming. According to industry estimates digital commerce is projected to grow at a 20% CAGR to reach $5.8 trillion by 2022.  At the same time fraud losses are mounting. According to Juniper Research, global online fraud losses from e-commerce and various online commerce and banking services is expected to increase from $22 billion in 2018 to $48 billion in 2023.

This sets up a massive challenge for the industry – as consumers grow accustomed to a mobile and digital-first payments world they also need a secure ecosystem of merchants and providers, and minimal inconvenience and friction.  The same can be said for merchants – they want better security but not at the cost of a poor customer experience.  In essence no one wants to tradeoff security, convenience, and a great user experience.

This is where 3D Secure 2.0 comes in. Introduced to address ‘card-not-present’ (CNP) transactions in a world where online and mobile payments are increasingly more important, this new security specification and standard improves cardholder authentication and satisfaction and helps merchants grow sales and revenue.

Broadly speaking, 3D Secure 2.0 is an additional security layer that facilitates the exchange of 150+ data elements between the merchant and card issuer for more robust authentication, better digital security, and more complete transactions.

At FSS, we have optimized the balance between security and user experience. FSS Secure3D is a secure real-time risk-based authentication solution built on EMVCo 3DS 2.0 specifications. Using a combination of location, merchant, transactional and device related attributes, it examines rich data streams exchanged between merchants and card issuers to risk-score transactions and authenticate and validate cardholder identity.

For high risk transactions, FSS Secure3D dynamically provisions additional verification checks such as biometric-based identification or a one-time passcode. This renders 100% challenge rates obsolete, enabling issuers and merchants to strike the right balance between security and customer convenience. A select list of high-risk scenarios supported are:

• Implausible travel velocity (a user logs in from New York, within 10 minutes of logging in from Mumbai, India) Repeated log in attempts by same device at multiple sites within a brief time span
• A mismatch between the user’s home and the shipping addresses
• Merchant risk score based on business category, transaction patterns, chargeback volumes, and refund history
• Transactions originating from high-risk countries – and from cancelled cards
• Suspicious combinations of computer locale settings (e.g., a browser’s locale set to the US with the OS locale set to an Asian country and a device’s IP address physically located in Latin America)

Across Europe, Africa, Middle East, and Asia, FSS Secure3D As-a-Service offering has enabled banks, card issuers, merchants, and processors to efficiently address security, risk-assessment, interchange and regulatory compliance, and reporting. Card issuers and merchants can accurately detect fraud patterns and make better informed authentication decisions without inconveniencing cardholders.

3D Secure 2.0 is a win-win offering for the industry. Card issuers can make smarter decisions through risk-based authentication using contextual transaction data and the merchant’s and cardholder’s risk profiles. Ultimately this leads to more complete digital commerce transactions, more satisfied cardholders, higher merchant sales, and lower fraud losses.