How Data Impacts 3-D Secure and the Payment Eco-System

Slides:



Advertisements
Similar presentations
Zenith Visa Web Acquiring A quick over view. Web Acquiring Allows merchants to receive payments for goods and services through the Internet Allows customers.
Advertisements

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Electronic Transaction Security (E-Commerce)
Verified by Visa and MasterCard SecureCode – or, How Not to Design Authentication Steven Murdoch and Ross Anderson Cambridge.
Geneva, Switzerland, 4 December 2014 Evolving Payments into The Digital World Richard Smith, Vice President, MasterCard Customer Fraud Management
Copyright © 2015 Criteo State of Mobile Commerce Apps and cross-device lead mobile business Q
Electronic Payment Systems
Confidential – For Discussion & General Information Purposes Only EMV to Card Not Present Fraud Gavin Levin, CTP eReceivables Consultant.
The Digital Agenda for Payment Services
PSD2 and W3C Impact for account and payment processing.
/RestaurantDotOrg /NationalRestaurantAssociation Restaurant.org.
Managing Risk and Growing Sales 24 th March 2016 Chris Lomax, Senior Director, EMEA Solutions Management.
Commercial Card Expense Reporting (CCER) The Trustees of Roanoke College An internet solution Accessed via Wells Fargo’s secure Commercial Electronic Office.
Measuring and Increasing Profit
Mastercard® Automatic Billing Updater
SAM Baseline Review Engagement
Making card acceptance work for you
Mastercard Identity Check Mobile
Business for Health Business Skills for Private Medical Practices
Multichannel Retailing
The Payment Processing System
Mobile trends in the gaming industry
A catalyst for mobile contactless payments adoption?
Make This Document Your Own
Conversion Optimizations Before the Holidays
Decrypting Tokenization What is it and why is it important?
Regular Payments First and Subsequent Payments
Best Practices in Utility Billing and Payments
Fraud Prevention Solutions Make it secure, keep it simple!
3-D Secure 2.0 What Merchants Need to Know
Consider cards over cash
How to Work Through the PTE Form with Your Client
Consider cards over cash
Making card acceptance work for you
EMV® 3-D Secure - High Level Overview
How Smart Networks are Changing Corporate Networks
The Payment Services Directive 2 (PSD2)
Speaker’s Name, SAP Month 00, 2017
E-COMMERCE Learning Unit 8: Electronic Commerce Strategy
Create Your Own Cryptocurrency Exchange – Know These Benefits.
Microsoft 365 Business Customer Targeting 2/6/18
FinTech
The Payment Processing System
SOCIAL MEDIA MARKETING
October 27, 2016 EMV 3DS Seizing the opportunity to enhance security and deliver a great consumer experience September 22, 2018.
Top Emerging E-commerce Magento trends. The progress of E-commerce industry is changing year by year, this evolution has made super easy for the online.
Chapter 9 e-Commerce Systems McGraw-Hill/Irwin
Consider cards over cash
The Evolution of Money and Biometrics
11/19/2018 4:38 AM Microsoft 365 Business Customer Targeting Janine Brittain - EXEED 2/6/18 © Microsoft Corporation. All rights reserved. MICROSOFT.
Your gateway to cloud innovation
Third-party Payment options, PayPal Implementation
Best Practices in Utility Billing and Payments
TruRating: Mass Point-of-Payment Customer Rating System Uses the Power of Microsoft Azure to Store and Analyze Millions of Ratings for Business Owners.
Chip & Pin and Apple Pay: Vulnerabilities of the Changing Payment Systems Jay Isaacson.
Bricks and Mortar analytics
DieboldNixdorf.com Tokenization Roman Cinkais |
Introduction to e-Business Chapter 1
INTEGRATED PAYMENT PROCESSING 101
Mastercard® Automatic Billing Updater
Online Payment Options for Government
Operator Based Authentication
ACH to Credit Card Conversions A Merchants Perspective
How to Approach Subscription Payments
The Regulatory Ripple Effect – GDPR & Beyond
Your source for payments education
Leveraging Analytics to Maximize Updater Efficiency
Increasing approval rates in the digital world
It Runs In The Family Fraud
Presentation transcript:

How Data Impacts 3-D Secure and the Payment Eco-System Your source for payments education How Data Impacts 3-D Secure and the Payment Eco-System Maggie Bodak, Director, Business Strategy & Operations- Global Product, CardinalCommerce Arby Melikian, Director, Solutions Engineering, BlueSnap Cory Siddens, Sr. Director, Risk Solutions, Product Management, CyberSource Lauren Rossi, Product Management, Director, Visa

Key Takeaways Why Authentication Matters Why EMV® 3-D Secure How data can have a positive impact How the eco-system works together

Why Authentication Matters Improving the Shopper Journey Authentication matters more today than ever. It’s all about an improved shopper’s experience.

When false declines happen, everyone loses. When we think about authentication, the first thought is often reducing fraud. But, lately we hear a lot about false-declines. What exactly are false-declines and how do they impact CNP sales? Can’t the shopper just use another card? In this scenario everybody loses… The merchants may not sell their products and services The issuers’ payment cards may not be used to buy the products and services The consumer gets hassled trying to make a legitimate purchase and either has to use another card or shops elsewhere -------------------------------------------------- Shoppers want to shop, whenever and wherever they want without any friction. We’ve all been there, and there’s nothing worse than having funds available, and getting a decline for no apparent reason. When a false decline happens, the shopper often follows one of two paths- both of which introduce friction The shopper can select another card to complete the purchase. They might decide to purchase elsewhere with a different merchant. Regardless, many stakeholders can lose with either scenario- Merchant could lose the shopper, the issuer could lose status as preferred payment choice and the card network could lose the cardholder’s future purchases if the preferred payment method is switched to a new network! I will let my colleagues provide additional insight from their perspective and experience.

+3.2% 67% 26% The impact of tokenization is clear Average Authorization rate lift1 67% Average Fraud count reduction2 26% Average Fraud PV($) reduction2 Support for Cory’s response. Already approved by legal per Chantell Ferrin Authorization approval rate lift for Card Not Present transactions processed as a Token vs. as Non-Tokenized credential. 3.2% average lift (3.2 percentage point increase) across sample of top U.S. merchants accepting Token transactions. Lift calculated by averaging auth rate improvement seen across samples of top merchants accepting Token transactions via third party Token Requestors with lifts seen by merchants acting as own Token Requestor. (In total, sample included 22 merchants across 6 different Token Requestors.) Source: VisaNet, Jan-March 2019, Brand: Visa. US-Issued Cards at US Merchants. Transactions deduped and controlled to credentials linked to a provisioned Token and Token auth attempted. Auths excluding Condition Code 51. Auth rate defined as approved count of unique transaction authorizations, divided by total unique transaction auths attempts. Auth rate includes first attempt, as well as subsequent retries on same credential type. Fraud Rate Reduction: Source: VisaNet, Jan-Dec’18, U.S. Issued Cards at all U.S. merchants, Gross Fraud only. Fraud reduction for Card Not Present transactions processed via Token vs. PAN. Fraud reduction calculated across all Token Requestors. Weights for PV($) and Tran Count(#) for TRs was adjusted in accordance with Visa’s data confidentiality obligations by reducing weight of any TR contributing to more than 50% weight (if any) to 50% and then distributing remaining weight (50%) into other TRs based on their original relative weights. Note - Authorization and Fraud rate improvement can vary from merchant to merchant due to a variety of factors (including merchant’s existing performance, merchant’s usage of other tools etc.), which could result in a merchant’s auth or fraud benefit being higher or lower than average from this sample.

EMV 3-D Secure delivers rich data sets for better decision-making. Moderator: So, how is EMV 3DS different and why is it needed? Lauren, can you tell us from a Network perspective?   Lauren response: (respond and then turn over to Maggie for MPI and ACS viewpoint) Maggie: talking points – building upon Lauren’s response (all bulleted below if needed): There are what I refer to as 4 main buckets that are different. First, is the Shopper/Consumer Experience – this is reducing friction that previously existed with 1.0. The networks have taken a stance and ACS solutions have adopted even before EMV 3DS – by eliminating static passwords, activation during shopping and issuers shifting to RBA about 4 years ago, and this offers shoppers a better experience that can be practically seamless in unregulated markets. In addition, more US banks have shifted to a risk-based model with authentication and only a small percentage of transactions (the highest risk) are asked to step-up with a challenge. The second bucket is Device Friendly – whether it’s a browser, through a merchant mobile app, to future and ongoing development in the IoT realm – authentication should be delivered seamlessly and contained in the same experience the shopper is used to. The third, is Regulation friendly – there are many areas around the globe that require 2FA, or 3DS to perform an online transaction and we’re seeing a major introduction with PSD2 SCA in Europe. But the most important, which we’re focusing on today is Data, data data. These data elements, from the merchant’s website, to the device they are using, to previous merchant authentication and also shopper/merchant account history is visibility an issuer has been dying to see. (Cory can add to that from a Gateway/fraud provider) Cory: response – EMV supports multiple device channels including mobile – larger set of transactions that can be authenticated to provide additional data to the fraud tool. Segway to Arby’s input and how the changes have impacted their merchant base

Authentication happens first in a collaborative process that benefits everyone. Moderator: We hear a lot of all the data exchanged with EMV 3DS. How much data are we talking about and does it really make a difference? Let’s start with Maggie- Maggie, are there more requirements when a merchant is integrating EMV 3DS for the first time or upgrading from 1.0?   Maggie: That can depend on your 3DS Server (formerly MPI) and the implementation solutions offered. First, your provider should support both protocols through this migration effort that’s going on, so you can maximize authentication support. Your provider should also seamlessly route transactions for you, based on compatibly, and market readiness. EMV 3DS not only supports 130+ different data elements that are either required, conditional or optional, but it has other concepts as well. This can include the ability to run javascript on your website, or to collect device data that you (as a merchant) may not store or be able to access. But, your provider should ease some of this pain and complication for you through their solution. If you have 1.0 today, ask for a gap analysis on what it takes to get you where you need to be, so you can prioritize development efforts. The data identified by EMVCo and their participants like Visa and Cardinal, are important to the ecosystem and will aid in creating a better, frictionless, online buying experience for the shopper. The more a merchant can collect and is willing to provide – the better. The data identified however, leads us into new concepts like Data Only solutions provided at a network level. Data only, would be for merchants who have got their fraud handled. (and I mean by low bps) It uses a subset of EMV 3DS fields that go to the directory server for scoring. Though authentication is not being performed, and fraud liability shift would not be afforded – data only can help provide the necessary elements a network or an issuer needs to gain a better chance for approvals – helping the false decline barrier that exists. (Cory- are there additional points you would like to add?) Maggie covered well, Cory may talk about how the integration is more complex and the end result is worth it because more transactions are passively authenticated. Arby: (From a merchant perspective, is the revised protocol changed enough for broader merchant adoption?) suggested: absolutely! The elimination of static passwords, activation during shopping and the ability to authenticate a customer from any device are tremendous improvements that now becomes a valuable asset for merchant to remove friction from online purchase making the customer experience much better. Merchants who’s transactions heavily originate from in-app purchases, now have the added ability to authenticate, or support a data-only solution to add to their suite of fraud tools. This is huge as we see remote purchases continue to grow, and in the future as purchasing from devices such as gaming consoles, wearables and voice activated devices are becoming more popular due to convenience and ease of purchase. EMV 3DS is an important advancement in an effort to accelerate digital commerce with fast, secure authentication. Authentication happens before Authorization in a collaborative process between the merchant and the issuer. Authentication verifies the cardholder’s identity. Authentication with EMV 3DS complements authorization to strengthen issuer confidence with approving transactions. EMV 3DS also supports network level data only solutions, in the event you are not adverse to fraud. A merchant could use a portion of the data rich set to strengthen the issuer’s confidence with authorization.

Authentication is an integral part of your process 3DS doesn’t replace fraud tools; it complements them. This layered approach helps decrease fraud while increasing approvals 3DS MPI Moderator: So, does this mean that merchants can use this as their only fraud solution?   CYBS: Not at all. It works in conjunction with your fraud screening. The additional level of confidence that the authentication can provide might be used to reduce manual review. EMV 3DS is an added layer to mitigate fraud. With the improvements to the protocol and all the potential merchant benefits (decreased fraud, decreased false-declines and increased authorizations) EMV 3DS should be an integral part of a merchant’s overall fraud strategy that works with other tools and solutions. (Arby: any color to add to Cory’s response?) (Lauren: - Can you explain how authentication is becoming more a more integral part of payment processing?) Maggie: (answer only based on if there’s more after Lauren)

3-D Secure helps improve the ecosystem as a whole Questions?

Thank you Don’t forget to submit your session evaluation! Maggie Bodak, Director, Business Strategy & Operations- Global Product, CardinalCommerce Arby Melikian, Director, Solutions Engineering, BlueSnap Cory Siddens, Sr. Director, Risk Solutions, Product Management, CyberSource Lauren Rossi, Product Management, Director, Visa