By now, we’ve been through the larger details and the minor intricacies within the Visa Delegated Authentication (VDA) program. We hope that you’ve been able to soak up this information and, more importantly, understand it and what it means for you and for the entire industry going forward.
We’ve gone over the fundamental objective of the program, as well as Visa’s role in the entire process. Today, we’re going to connect those dots and touch on the actual mechanics of a transaction with VDA.
We already know that merchants who are participants in the program need to provide a flag to issuers showing that they’ve successfully performed SCA. There are two ways that merchants can flag to issuers that they’ve completed this step: through 3-D Secure or Tokenization.
3-D Secure is the more common method between the two, and the one that we will be focusing on today.
Within the transaction, the merchant, as a participating entity in this program, performs SCA. The merchant then sends the flag, their Visa Merchant Identifier (VMID) and any other authentication factors to Visa. This is where Visa assesses the VMID and the issuer’s BINs to ensure that both the merchant and the issuer are participating members of the program.
Visa then forwards the authentication information to the issuer, who, in turn, creates a cryptogram which includes the transaction status and the Electronic Commerce Indicator (ECI). The cryptogram is then returned to the merchant to be used during authorization.
If this seems confusing on first glance, don’t worry! This is all relatively new and complex, which is why we’re here to help with any questions you may have regarding this process or anything else with VDA. We hope you enjoyed this informational series, and if you do have any questions or concerns, please reach out! We’re happy to help!