image description

3D Secure

Securing your internet business from card fraud

30% of all payment card transactions on cards issued in Ireland are now carried out via the internet. This growing trend continues while consumers become more and more familiar with shopping on the Internet.

  • Unfortunately as ecommerce activity increases, so also does the associated fraud risk. Card Not Present (CNP) fraud is now the biggest fraud in payments in Europe. In Ireland during 2015, over 60% of all fraud was on debit card and over 80% of all fraud on credit card occurred due to card information being compromised in a card not present environment (online, phone or mail order).
  • Shops and retailers face unique challenges when accepting cards for payment in the growing ecommerce environment.  Unlike face-to-face sales there is no opportunity to obtain a PIN or a signature at the time of the transaction and as such ecommerce merchants are required to put measures into place to ensure that the customer using a payment card is the bona fide cardholder. This is required in the event that a cardholder claims to have fraud on their account and the shop needs to prove otherwise by showing that they authenticated the customer.

What is 3D Secure?

3D Secure is a tool developed by Visa (Verified by Visa) and MasterCard (SecureCode) to provide ecommerce merchants with greater security for their payment card transactions when the cardholder is not present in person. With 3D Secure, the card issuer authenticates the cardholder online and thus protects Internet retailers against fraud-related chargebacks. Where fraud occurs, if an Internet shop is registered for 3D Secure at the time of the transaction, the card issuer is liable for the fraud and not the merchant.

To facilitate your use of ‘Verified by Visa’ and ‘MasterCard SecureCode’ talk to your card payment processor or acquiring bank.

3D Secure is launched through your shop website and interacts with both the cardholder and their card issuer. When your customers are checking out, a window appears asking them to enter a unique, personal code that has been registered with their bank or card issuer. The bank then authenticates the cardholder and provides the shop with evidence of the online purchase.

Do I need 3D Secure for my Internet business?

If you accept card payments online via the internet then you can benefit from 3D Secure.  It is a tool used to protect your ecommerce business from unauthorised purchases and from costly fraud-related chargebacks. It also provides your customers with comfort when making their online purchases.

More than 65% of all chargebacks relating to ecommerce sales are due to cardholders claiming they don’t recognise a transaction on their payment card statement or bank account or the customer simply denies authorising a given sale. 3D Secure protects shops from these types of chargebacks, even when the cardholder is not themselves enrolled in 3D Secure.

In addition, research shows that consumers are more likely to shop at your website and may potentially spend more when 3D Secure is included as part of the sale process.

What is the benefit of using 3D Secure on my website?

With 3D Secure the benefits to your business are as follows:

  • You are protected against fraud-related chargebacks
  • Consumer confidence in your shop or products is increased
  • 3D Secure provides more secure access to a wider market so accepting cards from abroad is made safer

Is 3D Secure easy for online shoppers to use?

Yes. It is quite straight forward. Customers, when checking out on your site, see a pop up screen from their card issuer in which they are prompted to fill in pre-registered security details. First time users of 3D Secure fill in specific details which authenticate them as the actual cardholder. The card issuers are responsible for validating and safekeeping the security information used by the cardholders here.

How to get 3D Secure into your business

In the first instance you should talk to your payment card processor (acquirer). They will confirm your next steps which will include:

  • Installation of a compliant plug-in application on your site
  • A test run between your site and the card schemes MasterCard and Visa
  • Inclusion of the 3D Secure logos on your site, to let your customers know that you are working to secure their internet shopping experience
  • Facilitating the transmission of transaction authentication values to card issuers via your normal authorisation process using the universal Cardholder Authentication Value (UCAF / CAVV).