The transition from 3-D Secure 1.0 to EMV® 3-D Secure (formerly known as 3-D Secure 2.0) may seem like a tricky, complicated change, however, it’s actually the opposite. Since the release of the EMV 3DS specifications, we have been working to make this shift as easy and seamless as possible for our customers and partners. But how is this change really going to affect our industry?
Well, we’re glad you asked!
EMV 3DS is ushering digital commerce into the modern age by bridging the data gap that existed between merchants and issuers. Before, issuers could only use their own data when making authentication decisions on consumers’ transactions. Sometimes, this didn’t go so well for merchants or consumers, as legitimate transactions were declined due to a lack of data, not because they were fraudulent. By allowing merchants to share their data with issuers, EMV 3DS is revolutionizing the game.
Let’s stop for a second. By now, we’ve established that sharing data is good, and will help issuers during the authentication process. But they are also gaining access to many more data fields – hundreds more, in fact – which will ultimately help paint a more accurate picture of the consumer. In this new world, issuers are working with a whole new set of tools in the authentication process, making their lives that much easier.
But the positive changes don’t stop there. The authentication process is not always black-and-white. Sometimes there are gray areas, where issuers are unsure about the consumer, and whether to authenticate the transaction or not. When that happens, a step-up comes into play, which is a way that the issuer can seek additional information from the consumer, to ensure that they are actually the person that they are claiming to be.
Up until now, this step-up process has been primarily reliant on two forms of additional information: answers to knowledge-based questions and static passwords. Over time, these have both proved troublesome, as many legitimate consumers have forgotten them, preventing them from completing the transaction, and frustrating them in the process.
EMV 3DS is using one-time passcodes and biometrics during the step-up process, giving consumers an easier way to prove their legitimacy. Through these new methods, we should also see reduced fraud across our entire industry, as it will be harder for cybercriminals to produce the answer to a one-time passcode or the necessary information to pass the biometric test.
Hopefully you are all starting to see how EMV 3DS is affecting the digital commerce game, through many different avenues. There is a lot more to come in the weeks ahead on this topic. Be sure to come back!
EMV® is a registered trademark in the U.S. and other countries and an unregistered trademark elsewhere. The EMV trademark is owned by EMVCo, LLC.