It’s a quiet dinner in New York City between the President and First Lady. When he attempts to use his credit card to pay for dinner, he finds that his card was denied after suspicion of fraud due to inactivity. It turned out that since the President hadn’t used his credit card in a while, the credit card company flagged the dinner as a fraudulent transaction according to an article on CNN. This is an example of a fraud screening practice that IS NOT sensitized to the consumer experience.
Next on the scene, the President issued the Buy Secure Executive Order and asked the National Security Council, the Office of Science and Technology and the Office of Management and Budget to investigate.
Over the next 90 days, these committees will begin investigative research projects with organizations in the eCommerce space to determine solutions around effective means of authentication in the card-not-present (CNP) marketplace. We will also see some of the big players in the industry like Visa, MasterCard, and American Express provide opinions on EMV, authentication, and their roles within all sales channels.
What is EMV and why should I care if I sell products online?
I’m sure you have heard that “EMV is coming” but why is it important for Card-Not-Present transactions? EMV microchips will virtually eliminate Point-of-Sale (POS) fraud; it will make it almost impossible to steal credit cards and use them in person.
So if fraudsters can’t steal card numbers and counterfeit them, how are they going to commit fraud? The answer is simple: they’ll go online. We’ve seen this pattern occur in the EU and UK after the implementation of EMV there, and everyone is starting to brace themselves for the flood of online fraud that is a common counterpart to any regional EMV transition. We’re starting to see fraud rates increase already, as many issuers begin to issue EMV cards. Obama’s Buy Secure Executive Order is only going to speed up the entire move to EMV, and likewise, the shift of fraud to the online marketplace. Thankfully, EMV has an online equivalent through Cardinal’s Consumer Authentication (CCA) solution that leverages the various 3-D Secure (3DS) authentication protocols, which the US market needs in order to prepare for the EMV fraud migration. Buy Secure, the executive order, addresses all commerce, including the CNP channel, and provides us with some direction when looking to protect it from fraud.
Why is it important to act soon?
One of the most important takeaways from the Executive Order is that anyone who handles sensitive consumer data in the digital space will have to protect that consumer using multiple forms of authentication. This applies to merchants, PSPs, Acquirers, the Associations (Visa/MC), and all issuers.
If history repeats itself, we should expect the US market to follow the pattern of every other region that has moved to EMV, where fraud has jumped to the less secure channel, eCommerce. The perfect complement to EMV is Cardinal’s Consumer Authentication, which can prevent fraud AND sensitize the consumer experience so that the President and First Lady can order online.
What does this all mean?
The Card Not Present world will have new terms of authorization with Buy Secure Points. Cardinal has created Consumer Authentication, which leverages what banks know about their Customers, what merchants understand about their Consumers, leverages the 3-D Secure protocols, and in real-time, reconciles the information to yield the best results. As an industry leader, we look to be a source for information about this process, especially when it comes to compliance of regulations. If your business does not comply, you can be subject to negative attention from the government in the form of an audit.
If you would like to FutureProof™ your business and want to learn more, Contact Cardinal!