Download presentation
Presentation is loading. Please wait.
1
How Data Impacts 3-D Secure and the Payment Eco-System
Your source for payments education How Data Impacts 3-D Secure and the Payment Eco-System Maggie Bodak, Director, Business Strategy & Operations- Global Product, CardinalCommerce Arby Melikian, Director, Solutions Engineering, BlueSnap Cory Siddens, Sr. Director, Risk Solutions, Product Management, CyberSource Lauren Rossi, Product Management, Director, Visa
2
Key Takeaways Why Authentication Matters Why EMV® 3-D Secure
How data can have a positive impact How the eco-system works together
3
Why Authentication Matters
Improving the Shopper Journey Authentication matters more today than ever. It’s all about an improved shopper’s experience.
4
When false declines happen, everyone loses.
When we think about authentication, the first thought is often reducing fraud. But, lately we hear a lot about false-declines. What exactly are false-declines and how do they impact CNP sales? Can’t the shopper just use another card? In this scenario everybody loses… The merchants may not sell their products and services The issuers’ payment cards may not be used to buy the products and services The consumer gets hassled trying to make a legitimate purchase and either has to use another card or shops elsewhere Shoppers want to shop, whenever and wherever they want without any friction. We’ve all been there, and there’s nothing worse than having funds available, and getting a decline for no apparent reason. When a false decline happens, the shopper often follows one of two paths- both of which introduce friction The shopper can select another card to complete the purchase. They might decide to purchase elsewhere with a different merchant. Regardless, many stakeholders can lose with either scenario- Merchant could lose the shopper, the issuer could lose status as preferred payment choice and the card network could lose the cardholder’s future purchases if the preferred payment method is switched to a new network! I will let my colleagues provide additional insight from their perspective and experience.
5
+3.2% 67% 26% The impact of tokenization is clear
Average Authorization rate lift1 67% Average Fraud count reduction2 26% Average Fraud PV($) reduction2 Support for Cory’s response. Already approved by legal per Chantell Ferrin Authorization approval rate lift for Card Not Present transactions processed as a Token vs. as Non-Tokenized credential. 3.2% average lift (3.2 percentage point increase) across sample of top U.S. merchants accepting Token transactions. Lift calculated by averaging auth rate improvement seen across samples of top merchants accepting Token transactions via third party Token Requestors with lifts seen by merchants acting as own Token Requestor. (In total, sample included 22 merchants across 6 different Token Requestors.) Source: VisaNet, Jan-March 2019, Brand: Visa. US-Issued Cards at US Merchants. Transactions deduped and controlled to credentials linked to a provisioned Token and Token auth attempted. Auths excluding Condition Code 51. Auth rate defined as approved count of unique transaction authorizations, divided by total unique transaction auths attempts. Auth rate includes first attempt, as well as subsequent retries on same credential type. Fraud Rate Reduction: Source: VisaNet, Jan-Dec’18, U.S. Issued Cards at all U.S. merchants, Gross Fraud only. Fraud reduction for Card Not Present transactions processed via Token vs. PAN. Fraud reduction calculated across all Token Requestors. Weights for PV($) and Tran Count(#) for TRs was adjusted in accordance with Visa’s data confidentiality obligations by reducing weight of any TR contributing to more than 50% weight (if any) to 50% and then distributing remaining weight (50%) into other TRs based on their original relative weights. Note - Authorization and Fraud rate improvement can vary from merchant to merchant due to a variety of factors (including merchant’s existing performance, merchant’s usage of other tools etc.), which could result in a merchant’s auth or fraud benefit being higher or lower than average from this sample.
6
EMV 3-D Secure delivers rich data sets for better decision-making.
Moderator: So, how is EMV 3DS different and why is it needed? Lauren, can you tell us from a Network perspective? Lauren response: (respond and then turn over to Maggie for MPI and ACS viewpoint) Maggie: talking points – building upon Lauren’s response (all bulleted below if needed): There are what I refer to as 4 main buckets that are different. First, is the Shopper/Consumer Experience – this is reducing friction that previously existed with The networks have taken a stance and ACS solutions have adopted even before EMV 3DS – by eliminating static passwords, activation during shopping and issuers shifting to RBA about 4 years ago, and this offers shoppers a better experience that can be practically seamless in unregulated markets. In addition, more US banks have shifted to a risk-based model with authentication and only a small percentage of transactions (the highest risk) are asked to step-up with a challenge. The second bucket is Device Friendly – whether it’s a browser, through a merchant mobile app, to future and ongoing development in the IoT realm – authentication should be delivered seamlessly and contained in the same experience the shopper is used to. The third, is Regulation friendly – there are many areas around the globe that require 2FA, or 3DS to perform an online transaction and we’re seeing a major introduction with PSD2 SCA in Europe. But the most important, which we’re focusing on today is Data, data data. These data elements, from the merchant’s website, to the device they are using, to previous merchant authentication and also shopper/merchant account history is visibility an issuer has been dying to see. (Cory can add to that from a Gateway/fraud provider) Cory: response – EMV supports multiple device channels including mobile – larger set of transactions that can be authenticated to provide additional data to the fraud tool. Segway to Arby’s input and how the changes have impacted their merchant base
7
Authentication happens first in a collaborative process that benefits everyone.
Moderator: We hear a lot of all the data exchanged with EMV 3DS. How much data are we talking about and does it really make a difference? Let’s start with Maggie- Maggie, are there more requirements when a merchant is integrating EMV 3DS for the first time or upgrading from 1.0? Maggie: That can depend on your 3DS Server (formerly MPI) and the implementation solutions offered. First, your provider should support both protocols through this migration effort that’s going on, so you can maximize authentication support. Your provider should also seamlessly route transactions for you, based on compatibly, and market readiness. EMV 3DS not only supports 130+ different data elements that are either required, conditional or optional, but it has other concepts as well. This can include the ability to run javascript on your website, or to collect device data that you (as a merchant) may not store or be able to access. But, your provider should ease some of this pain and complication for you through their solution. If you have 1.0 today, ask for a gap analysis on what it takes to get you where you need to be, so you can prioritize development efforts. The data identified by EMVCo and their participants like Visa and Cardinal, are important to the ecosystem and will aid in creating a better, frictionless, online buying experience for the shopper. The more a merchant can collect and is willing to provide – the better. The data identified however, leads us into new concepts like Data Only solutions provided at a network level. Data only, would be for merchants who have got their fraud handled. (and I mean by low bps) It uses a subset of EMV 3DS fields that go to the directory server for scoring. Though authentication is not being performed, and fraud liability shift would not be afforded – data only can help provide the necessary elements a network or an issuer needs to gain a better chance for approvals – helping the false decline barrier that exists. (Cory- are there additional points you would like to add?) Maggie covered well, Cory may talk about how the integration is more complex and the end result is worth it because more transactions are passively authenticated. Arby: (From a merchant perspective, is the revised protocol changed enough for broader merchant adoption?) suggested: absolutely! The elimination of static passwords, activation during shopping and the ability to authenticate a customer from any device are tremendous improvements that now becomes a valuable asset for merchant to remove friction from online purchase making the customer experience much better. Merchants who’s transactions heavily originate from in-app purchases, now have the added ability to authenticate, or support a data-only solution to add to their suite of fraud tools. This is huge as we see remote purchases continue to grow, and in the future as purchasing from devices such as gaming consoles, wearables and voice activated devices are becoming more popular due to convenience and ease of purchase. EMV 3DS is an important advancement in an effort to accelerate digital commerce with fast, secure authentication. Authentication happens before Authorization in a collaborative process between the merchant and the issuer. Authentication verifies the cardholder’s identity. Authentication with EMV 3DS complements authorization to strengthen issuer confidence with approving transactions. EMV 3DS also supports network level data only solutions, in the event you are not adverse to fraud. A merchant could use a portion of the data rich set to strengthen the issuer’s confidence with authorization.
8
Authentication is an integral part of your process
3DS doesn’t replace fraud tools; it complements them. This layered approach helps decrease fraud while increasing approvals 3DS MPI Moderator: So, does this mean that merchants can use this as their only fraud solution? CYBS: Not at all. It works in conjunction with your fraud screening. The additional level of confidence that the authentication can provide might be used to reduce manual review. EMV 3DS is an added layer to mitigate fraud. With the improvements to the protocol and all the potential merchant benefits (decreased fraud, decreased false-declines and increased authorizations) EMV 3DS should be an integral part of a merchant’s overall fraud strategy that works with other tools and solutions. (Arby: any color to add to Cory’s response?) (Lauren: - Can you explain how authentication is becoming more a more integral part of payment processing?) Maggie: (answer only based on if there’s more after Lauren)
9
3-D Secure helps improve the ecosystem as a whole
Questions?
10
Thank you Don’t forget to submit your session evaluation!
Maggie Bodak, Director, Business Strategy & Operations- Global Product, CardinalCommerce Arby Melikian, Director, Solutions Engineering, BlueSnap Cory Siddens, Sr. Director, Risk Solutions, Product Management, CyberSource Lauren Rossi, Product Management, Director, Visa
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.