EMV® 3DS – paving the way for seamless authentication

EMV® 3DS – paving the way for seamless authentication

Jean Fang

Product Manager at FIME

Views 486

EMV® 3DS – paving the way for seamless authentication

11.02.2020 10:45 am

The growth of e-commerce, m-commerce and remote commerce transactions is showing no signs of slowing down. In 2021, over 2.14 billion people worldwide are expected to buy goods and services online, up from 1.32 billion in 2014. The growth of card-not-present (CNP) transactions has driven a new age of consumer convenience but in parallel, a new age of fraud.

As EMV®* chip card adoption gathers momentum, with 76.7% of card-present transactions being EMV, fraudsters are looking for an easier way in. And the stats speak for themselves – digital fraud rates now account for 60-70% of all card fraud in many developed countries. In fact, it was even estimated that the gains made from savings in card-present fraud were eclipsed in 2018 by the losses from CNP fraud. This is not only affecting approval rates but also all-important consumer trust. So, what can be done? EMV 3-D Secure – EMV 3DS for short – is one solution that’s leading the way in the CNP ‘catch up’.

What is EMV 3-D Secure?

EMV 3DS is a messaging protocol used to identify and verify cardholders for CNP transactions. The specification improves communication between the issuing bank, the acquirer and the merchant. By doing more work ‘in the background’, it’s able to streamline the user experience, improve approval rates and reduce fraud. These features allow it to offer a frictionless online authentication solution.

The first version of the messaging protocol was initiated by Visa and was quickly followed by other international payment schemes. This was a fragmented and complex solution for the industry, however. Now, industry body EMVCo has taken ownership and is managing the evolution of the specifications.

What’s new?

The latest version of the EMV 3DS specifications includes new features to address the pain points of the old protocol. These improvements aim to deliver consumers a much smoother experience and keep transactions safe from new techniques employed by fraudsters. Let’s take a look at the new features and how they can improve the digital retail experience.

More authentication options

One of the new features set to enhance the consumer experience is the support for biometric technology that consumers have gained access to recently. Many shoppers are now familiar with a variety of biometric authentication methods, such as facial and fingerprint recognition. For some it is still a novelty to pay using your face, but this doesn’t mean it’s not a priority; it’s predicted that we’ll see nearly 90% of businesses using it by 2020.

The act of replacing ineffective static passwords with more complex authenticators is much more secure and user-friendly. Implementing support for these methods of authentication can help merchants with their aims to reduce cart abandonment. 28% of U.S. online shoppers have previously admitted to quitting orders due to checkout processes being too long or complicated and 17% said that they have abandoned checkout because they didn’t trust the website with their credit card information. Therefore, striking the right balance between convenience and security is fundamental.

More choice

The increase of choice isn’t just limited to more authentication options than before. Another new feature of the latest version of EMV 3DS enables both customers and merchants to have greater input. Customers will be able to ‘whitelist’ merchants with their issuer when setting up, say, a recurring purchase. This lets banks know a full review is not required, reduces customer prompts and can help support banks in risk ‘scoring’ merchants.

By feeding more data elements collected from the shoppers to the issuers, merchants can further improve the frictionless transaction experience. This increase of choice for customers, merchants and issuers benefits all parties, as it gives customers an easier experience and provides valuable customer data that can be used to inform the development of new services.

Non-payment categories

Another feature that has been added to the latest version of EMV 3DS is the support for new use cases, including identification and verification applications, as well as payments. While these use cases are still being explored and defined, they could include features such as being able to add a new payment card to a mobile wallet and open a new account online. And it’s not just consumer use-cases that are being explored. In the future, EMV 3DS could even be used by governments to authenticate citizens.

Alignment with new regulation

Simplifying alignment with regulatory requirements is another major bonus of EMV 3DS, especially with an increasing number of countries mandating multifactor authentication in CNP environments. Take Europe’s PSD2 and the strong customer authentication (SCA) mandates, for example. Implementing EMV 3DS offers banks an opportunity to utilize the same infrastructure to process SCA as well as EMV 3DS transactions. With more data included in the message requests, indications such as whether Acquirer SCA or a transactional risk analysis (TRA) have already been performed, or if a customer utilized a FIDO authenticator, can simplify the authentication process.

Next steps to implementation

Wherever in the online payments chain you sit, EMV 3DS is a compelling authentication solution fit for the omnichannel age, especially now it includes these new elements. But, as with any major system upgrade, implementation does not come without its challenges and testing requirements.

Before embarking on an EMV 3DS project – whether an entirely new system or upgrading a legacy system – there are three key stages of testing to consider: functional, security and integration with payment schemes.

Understanding what scope of testing falls to each stakeholder and navigating the three stages quickly and cost-effectively can be a challenge. And it’s here where support from a reliable testing and consulting expert on EMV 3DS can be invaluable.

Latest blogs

Shuvo G. Roy Mphasis

Reboot 1.0: How financial services technology can enable the supply chain to support a post-lockdown boom

Ground control and Captain Tom When veteran Captain Tom Moore decided to walk one hundred laps of his garden before his 100th birthday to raise funds to support NHS heroes battling Covid-19 from the frontline, he never imagined that he would Read more »

Lisa Gutu Salt Edge

Building a PSD2 compliant channel: challenges and opportunities for financial institutions

PSD2 obliges ASPSPs including banks, e-wallets, prepaid cards and other companies that offer payment accounts to provide at least one channel for secure communication with third party providers (TPP). Even neobanks or e-money institutions, including Read more »

Thomas Pintelon Capilever

Credit origination - A lot of innovation on the horizon

While consumer credits are becoming more automated and user-friendly to request, all other credits are often still very manual and labor intensive to originate. In this (relatively long) blog I will try to give a description of the (potentially Read more »

Kelly Kearsley Hourly.io

Time Card Theft is a Big Problem. Here's How to Stop It.

Trust is at the core of every employer-employee relationship. You trust your people to do their jobs, and they trust you to compensate them for their work. Most of the time, it works. However, there's always the person looking to bend the rules or Read more »

Daria Afanasyeva UTP Merchant Services Ltd

Cybersecurity – Online payments are getting more secure

Ever since we've been able to buy anything we need with just a click of a button on our laptops or phones, online sales have been consistently increasing each year. Just last year, the total value of UK retail sales was £394 billion, with an average Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel