Increased use of data, biometrics in 3D Secure v2 praised by Regula, Entersekt
With the deadline for upgrading to 3D Secure 2.0 passed, merchants can now offer a better user experience for payment processing with biometrics for step-up authentication replacing constant one-time passwords, Regula writes in a commentary sent to Biometric Update.
EMV 3D Secure version 1 was deprecated on October 15, 2022, and replaced by the 3DS 2.0, which complies with the Strong Customer Authentication (SCA) requirement of the EU’s Payment Services Directive 2 (PSD2).
Regula explains that the new protocol also provides a higher level of security by allowing merchants to transmit 10 times as many data elements to the cardholder’s bank with each transaction. Information about shipping address, the customer’s device ID, and previous transaction history can provide improved security while skipping the OTP step.
In the case of a discrepancy or unmet confidence threshold, the transaction can be authenticated with a password or biometric verification through a banking app.
“Online identity verification is now a crucial and indispensable part of most online transactions, and the global volume of online transactions continues to rapidly grow,” says Regula Executive VP of Identity Verification Solutions Henry Patishman. “The success of online identity verification is typically a balance between fraud prevention and user experience and relies on the intersection of document authentication and biometrics expertise. The more we know about the documents – the more countries we cover, the more document varieties we have, the more checks we run to detect compromised documents – the better we identify potential issues.”
Businesses catching up
As of late-September, nearly one in three local transactions in South Africa was being carried out through 3D Secure version 1, Entersekt Product Manager for Payments Jonathan van der Merwe writes for TechCentral.
This is despite ecommerce fraud and card-not-present transactions accounting for 80 percent of credit card fraud and 53 percent of fraudulent debit card transactions.
Transactions using the sunsetting protocol were decreasing by 5 to 7 percent each month, suggesting that some have been left behind as the update was implemented.
Van der Merwe writes that 3D Secure version 2.2 provides not only better security, but an improved user experience, echoing Regula’s comments.