fbpx
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • COVID-19
  • News
  • Events
No Result
View All Result
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • COVID-19
  • News
  • Events
No Result
View All Result
PaymentsJournal
No Result
View All Result

A Credit Union’s Guide to 3D Secure 2.0

PaymentsJournal by PaymentsJournal
March 19, 2019
in Featured Content, Security, The PaymentsJournal Podcast
0
A Credit Union’s Guide to 3D Secure 2.0

A Credit Union’s Guide to 3D Secure 2.0

2
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

Unlike a rose, 3D Secure by any other name might not smell as sweet.

Verified by VISA (VBV), Mastercard SecureCode, American Express SafeKey, Discover ProtectBuy, Secure Online Transactions (SOT), EMV 3-D Secure, and Mastercard Identity Check are just a few of the monikers this security protocol has worn since its inception in 1999.

The protocol first came into being before in-app purchases grew into a $37 billion channel, before devices like Amazon Alexa learned to do consumers’ shopping before them, before mobile commerce existed at all. Heck, 1999 – that’s even before the smartphone itself. 20 years later, it’s only natural that a new and improved protocol would be needed.

Enter 3D Secure 2.0.

This, according to PSCU Senior Fraud Product Manager David Ver Eecke, will finally empower credit unions and other issuers to strike the balance between security and convenience – a Holy Grail among any and all in the payments space. With 3D Secure 2.0 on their side, Ver Eecke says credit unions now have a fresh opportunity to make their way to the top of customers’ wallets – and stay there.

What is 3D Secure?

One of the biggest misconceptions about the original 3D Secure (and its many monikers) is that it covers all types of eCommerce transactions. But, being conceived before mobile and voice transactions, how could it? That’s why 3D Secure 2.0 was (and is) so needed today.

At its most basic level, 3D Secure stands for “Three Domain Secure,” which refers to the three parties involved in any secure payment: the issuer, the acquirer, and the network processing the transaction. Visa was the first to develop and introduce the standards. Later, other major global networks also adopted them to support effective security and authentication in the growing eCommerce space.

3D Secure 1.0 relied on features like static passwords, pop-up boxes, and user registration to verify and authenticate cardholders. However, this created barriers for legitimate customers, leading to frustration and cart abandonment. Credit unions and banks ramped up their fraud strategies, but this led to higher rates of false declines, which only added to customer frustration.

It also didn’t stop the fraudsters. Sometimes, these criminals even had enough information (and patience) to impersonate a member and complete the 3D Secure registration – which is more than we can say about many of the members themselves.

What makes 2.0 different?

3D Secure 2.0 does away with these onerous user requirements. Say goodbye to pop-ups and hello to Risk Based Authentication. Static security keys are being swapped out for one-time passwords (OTPs). And no longer will legitimate customers bear the burden of registering their card with Visa or MasterCard to receive the benefits of the security protocol.

Another key difference with the new version is the amount of data behind each decision. 3D Secure 2.0 pulls information like IP address, shipping address, device information, and more info about customers themselves, allowing issuers to improve risk scores and make better authentication decisions.

This, in turn, reduces transaction friction for valid members. A friction-free member is a happy member, and in today’s market, a happy member is more than half the battle.

As 3D Secure 2.0 continues adding features, the user experience will no doubt become even more seamless and secure, driving top-of-wallet status for credit unions and issuers who choose to participate. The real question is: Why wouldn’t they?

Key takeaways for credit unions

According to Ver Eecke, there are two important takeaways that credit unions can glean from the 3D Secure 2.0 conversation. Here’s his advice – and it’s a simple one-two hit:

  1. Make sure your credit union is participating in the 3D Secure solution. With the growth of digital commerce has come growth in digital fraud, and as EMV matures in the U.S., the market follows the same path as other global markets that went there first. Fraud has largely shifted to CNP, driving increased losses for merchants. On the flip side, customers are not so quick to abandon their carts now that the 3D Secure registration requirements are gone, so merchants are more willing and eager to send transactions via 3D Secure.
  2. Focus on the member experience. It is important to mitigate fraud losses, yes, but don’t neglect your credit union’s brand reputation. It may be tempting to crank up fraud strategies to deal with CNP fraud, but this can make the problem worse instead of better by increasing false decline rates – and with them, customer frustration. Today’s consumers and members expect seamless experiences everywhere they go. If the card issued by their local credit union doesn’t work in CNP settings, or leaves them vulnerable in some way, it will not take long for another card to replace it as the top-of-wallet choice.

Credit unions aren’t bank issuers. Bank issuers deal with cardholders; credit union people deal with members. There’s a much closer and more personal relationship, and it’s one that Ver Eecke believes can be enhanced and strengthened by the adoption of 3D Secure 2.0. The new protocol lets credit unions offer seamless security – the best of both worlds – the payments Holy Grail.

Other considerations

Not convinced yet? Ver Eecke noted a few other reasons it’s worth getting into the 3D Secure game now that 2.0 has arrived.

  1. Making up for increased dark web vulnerability: Not all stolen card credentials can be bought or sold on the dark web for the same price. There’s always a premium for, say, the American Express Black Card – but did you know that the pricing also varies at the other end of the spectrum? Because credit unions are smaller banks, fraudsters may assume they don’t have the same protective tools in place. This makes them (and their members) more vulnerable.
  2. Increasing agility to respond to new fraud threats: It’s always a catch-22 making things easier for cardholders because it also tends to create new opportunities for bad guys to poke holes in the system. But the smaller size of credit unions makes them more agile and able to respond to evolving attacks. Keeping the fundamentals covered with 3D Secure 2.0 allows institutions to focus on countering those new attacks rather than plugging holes in a sinking ship.
  3. Empowering members: Without 3D Secure 2.0 in place, credit union members who experience a false decline must call the credit union to resolve the issue. With it, they become empowered to self-resolve that problem. This excellent customer experience can contribute to helping credit unions stay competitive.
  4. Satisfying new requirements: While 3D Secure 2.0 is not required in the European Union, there is a lot of pressure to adopt it because it helps financial institutions meet many of the new rules and regulations around security and data protection. It does this by tokenizing transactions all the way through the channel. There’s even less pressure to adopt outside of the EU – but that doesn’t mean it’s a bad idea to follow their lead today instead of playing catch-up tomorrow.

In conclusion, said Ver Eecke, “I’m excited for 3D secure 2.0 because it’s really going to help improve the checkout experience for members, but will also help protect our credit unions in ways that we can’t with the current protocol.”

Subscribe to our podcast via:

Tags: 3D SecureCredit UnionsPSCUSecurity
2
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Analyst Coverage, Payments Data, and News Delivered Daily
    Sign up for the PaymentsJournal Newsletter to get exclusive insight and data from Mercator Advisory Group analysts and industry professionals.

    Must Reads

    Report: Preventing Social Engineering Attacks with Behavioral Biometrics

    Report: Preventing Social Engineering Attacks with Behavioral Biometrics

    April 21, 2021
    Unpacking the Need for Financial Institutions to Offer Deposit-Based Liquidity Solutions

    Unpacking the Need for Financial Institutions to Offer Deposit-Based Liquidity Solutions

    April 20, 2021
    How Banks Are Seizing Opportunities to Move Beyond Traditional Bank Products

    How Banks Are Seizing Opportunities to Move Beyond Traditional Bank Products

    April 19, 2021
    On the Heels of the Insurrection, the Payments Industry Needs Clear Definitions of Hate and Harm

    On the Heels of the Insurrection, the Payments Industry Needs Clear Definitions of Hate and Harm

    April 16, 2021
    Report: Recurring B2B Payments are Driving Payment Modernization

    Report: Recurring B2B Payments are Driving Payment Modernization

    April 15, 2021
    AI is the Future, and the Future is Now

    AI is the Future, and the Future is Now

    April 14, 2021
    Your Customer’s Bank or Credit Card Details Are Being Sold On the Dark Web. What Can You Do to Stop It?

    Your Customer’s Bank or Credit Card Details Are Being Sold On the Dark Web. What Can You Do to Stop It?

    April 13, 2021
    There’s No Disputing It: PSCU’s New Initiative Will Create a Better Disputes Management Experience for Credit Unions and Their Members

    There’s No Disputing It: PSCU’s New Initiative Will Create a Better Disputes Management Experience for Credit Unions and Their Members

    April 12, 2021

    Connect With Us

    • Advertise With Us
    • About Us
    • Terms of Use
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    • Industry Opinions
    • COVID-19
    • News
    • Events

    © 2021 PaymentsJournal.com

    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Industry Opinions
    • Faster Payments
    • News
    • Jobs
    • Events
    No Result
    View All Result