Find out about fraud prevention and your responsibilities as a merchant
01 3D Secure security protocol
3D Secure is an online payment security protocol that helps merchants lower the risk of fraud. It’s used to confirm cardholder authenticity, ensuring that only the real cardholder can use the card to make purchases online.
Verified by Visa* service
The Verified by Visa (VbV) service, based on the 3D Secure protocol, is a global program designed to make online shopping more secure for both consumers and merchants. Cardholders register for VbV through the financial institution that issued their card and select a personal password to authenticate their identity online.
Mastercard SecureCode, based on the 3D Secure protocol, is a confidential code associated with the cards of consumers who make purchases online. This code is only known by cardholders and their financial institution.
3d secure 2.0
The 3D Secure 2.0 protocol offers stronger fraud detection mechanisms while providing a better online shopping experience for your customers.
It will be available will be available on online Monetico solutions early 2020.
Good to know:
- At each transaction, 3D Secure 2.0 allows more data items to be sent to the issuer to authenticats the cardholder. Some of the data, such as the email address or billing address are provided by the customer, while some contextual data will come from the device used by the customer during the purchase.
- The risk level is then established by the issuer. Since more transaction information is disclosed and analyzed, most transactions are approved quickly. In the event that a transaction is deemed fraudulent or high risk by the issuer of the card, the customer will have to provide additional data to authenticate the payment.
- Version 2.0 is designed to work with both web and mobile payment flows without redirecting users to an authentication page like version 1.0 did. This frictionless experience declines the cart abandonment rate.
- CustomerThe customer completes a purchase on the retailer's website.
- Authentication request An authentication request is sent through the payment gateway. Transaction data and contextual data are exchanged. Contextual data example: Mobile device location, customer purchase habit, currency of usual transactions.
- MerchantThe merchant's 3D Secure service provider consolidates the data and sends it to the 3DS servers.
- Issuer The Access Control System (ACS) authenticates the cardholder and evaluates the level of risk using the data received.
- Level of risk If the risk is low, the authentication is successful. If the risk is rated as high, authenfication has failed and additional verification steps will be required.
- Authentication successful or additionnal verification required If authentication is successful, the transaction will be approved. If the authentication has failed, the customer will have to identify himself otherwise. The additional verification methods may vary according to the issuer (eg: notification push, SMS code, validation via the fingerprint / facial recognition function of the mobile device).
For more information, please visit Visa website.
02 Address Verification Service (AVS)
Service offered by Visa and Mastercard
The Address Verification Service (AVS) allows consumers to use their credit card to make purchases online, by mail or by phone, and allows merchants to verify the cardholder's address with the financial institution processing the order.
How does AVS work?
AVS is used to verify whether the person making the purchase with the card is the same person who receives the monthly statement for that card. By checking the billing address indicated in the consumer's financial institution file against the billing address provided during the purchase, merchants and financial institutions are working together to prevent the use of lost or stolen Visa cards for card-not-present purchases.
For all cardholders, AVS means that when making purchases online, by mail or by phone, if the billing address provided to the merchant doesn't match the actual billing address, the transaction can’t be completed, which may prevent a fraudulent transaction.
- Be careful if the same credit card is used for a number of orders in a short period of time.
- Be careful if several orders for delivery to the same address are made in a short period of time.
- Be careful if the customer’s IP address doesn’t match the credit card’s issuing country or is from a high-risk country.
- Be careful if a customer makes a very expensive order or buys a large quantity of an item.
- Always track all your packages and save your proof of delivery. You'll need them in the event of a dispute.
- An order seems suspicious to you, call the customer to confirm with them; fraudsters often use fake phone numbers.