Beginning with the 2015 liability shift, mass issuance of EMV® (chip) cards made a lasting impact on reducing counterfeit card fraud for card-present transactions. However, card fraud associated with card-not-present (CNP) transactions continues to grow at a rapid pace and shows no signs of slowing down. The explosive growth of ecommerce during COVID-19 puts additional strain on the system as more consumers shop digitally as a socially distanced alternative to face-to-face commerce.
What is EMV 3-D Secure 2.0?
EMVCo®, the organization behind EMV chip card technology, also offers messaging protocol for CNP transactions to help identify and prevent fraud. The protocol, called EMV Three-Domain Secure (3DS), was recently updated to version 2.0. EMV 3DS 2.0 allows merchants and issuers to exchange enhanced data to help make informed decisions when approving or declining ecommerce card transactions due to suspected fraud.
Which data is available in version 2.0 that wasn’t there before?
EMV 3DS 1.0 only allowed 15 data elements to be exchanged, while version 2.0 allows ten times that amount of data to be shared. Enhanced data includes merchant country code, IP address, EMV payment token indicator, device information, merchant risk indicator, and 3DS requestor URL. This enhanced flow of data allows issuers to make more informed decisions for each transaction, helping approve legitimate transactions in a timely manner and decline potential fraud before it becomes a problem.
How does EMV 3DS 2.0 impact the consumer experience?
The enhanced data available in EMV 3DS 2.0 doesn’t require additional input from consumers during checkout, so the process is transparent to the end user. However, it does offer additional protection from fraudulent transactions and disruptions to cardholder accounts that can result from fraud.
EMV 3DS 2.0 also supports new payment channels including digital wallets and app-based payments in addition to traditional browser-based transactions supported by version 1.0.
Finally, when further authentication is required, consumers no longer need to rely on static passwords. Two-factor and biometric authentication are now available via EMV 3DS 2.0.
Contact us to learn more about EMV 3DS 2.0.