3DSecure Transaction Code - 3DSecure allows transactions to be conducted in safety online, greatly reducing the risk of fraud and chargebacks. (Better to take a little extra time staying safe than to have a lot of time to grieve over loss!)
How to register with your card supplier
To find out more go to - http://www.3dsecurempi.com/3DSecureMPI/web/Home.htm#1
The Case for 3DSecure - 3DSecure allows a card holder to authenticate himself while making an online payment. It allows 3 domains to work elegantly together.
Domain 1: The card holder has the peace of mind that his card is not used without his authorization.
Domain 2: Merchants are protected from fraud and can provide the product and sevice without delay or extra costs.
Domain 3: Banks see that the transaction has been authenticated and are more likely to approve the transaction, to the convenience of the card holder.
Verified by Visa - 3DSecure by Visa is called Verified by Visa
Mastercard Secure Code - 3DSecure by MasterCard is called Secure Code
Amex SafeKey - 3DSecure by Amex is called SafeKey
How it works:
When a payment request arrives at the merchant or paymment gateway, the Merchant Plug in (MPI) component is activated. The MPI talks to Visa or MasterCard to check if the card is enrolled for 3DSecure. If the card is not enrolled, this means that either the bank that issued the card is not yet supporting 3Dsecure or it means that the card holder has not yet been registered for the service. If the card is enrolled, the MPI with redirect the card holder to the 3DSecure authentication web page for the issuing bank: the card holder will then identify himself. The MPI will evaluate the reply from the bank and if successful, allow the transaction to proceed for authorization. The transaction could still fail for lack of funds or other reasons but is more likely to be approved because of the authentication.
*Cardholder Authentication, creating the Paradigm Shift in USA and around the world!
In a traditional credit card transaction, a payment request is presented to the issuing bank for authorization. The issuing bank authorizes the trasaction based solely on the funds available to the card holder.
With card present, the magnetic strip on the card can be read and a signature collected. This process has now been largely superseded by Chip and PIN which gives the card holder the opportunity to identify himself via a secret PIN code.
An Ecommerce transaction is conducted online, without the possibility to access the card physically. Un-authorized usage and fraud are therefore more likely.
3DSecure allows transactions to be conducted in safety online, greatly reducing the risk of fraud and chargebacks.
The introduction of 3DSecure in the USA is still in it's infancy despite the fact that the technology is now over a decade old and the technology is widely used in Europe, Africa, Russia and Australia and even mandated in many countries. This situation is paralleled also with card present, where Chip & Pin is only now being introduced, even when the rest of the world has moved to Chip & Pin for many years.
A discrepancy between the U.S. and the rest of the world exists and is not without consequences. Any traveler to the U.S. will soon find all his Chip & Pin cards blocked when the issuer Bank back home detects non authenticated transactions. It's also a fact that many card number stolen around the world are likely to be used in the USA. Ecommerce also faces major problems with payments being rejected when 3DSecure is not detected. Major US companies get around these problems by setting up shop (and pay their taxes) in Europe and other countries but thousands of other business in the US simply loose out to their international competitors.
3DSecure requires the consent of the card holder before funds are taken; in most places around the world, it would be inconceivable that funds could be taken without consent. The ability, in the USA, for a merchant to take money at any time is called Friction Less Payments. Not to be confused with contact less payments - frictionless payments conjures up images of a pick pocket slipping out a wallet so smoothly, the owner never feels a thing!
3DSecure is exceptionally important in that it creates a framework for security and it is a distributed system of security, making it very resilient and very hard to compromise. Again and again massive cyber security breaches continue to happen in the U.S.A., causing untold havoc and financial damage; beyond the financial losses, these security breaches are a clear threat to national security. 3DSecure ensures that the information is not concentrated in one vulnerable target but distributed amongst the stake holders in the payment process - the banks, the merchants and the card holders.
Now what could be more American than the idea that citizens are empowered with control over their lives and especially their own security? Surely the time for 3DSecure is now and its natural home is the USA.