Top Online Payments Security Trends
Learn about the latest approaches when it comes to assessing security risks, and find out more about the latest authentication trends in the online payments industry.
The release of 3D Secure 2 was motivated by reducing fraud in card-not-present transactions as well as improving the user experience during cardholder's online checkout process. Find out how 3D Secure 2 improved effectiveness both by introducing new features and bringing the security standards to a higher level without tampering with customer experience.
3D Secure 2 is an improved version of the 3D Secure authentication protocol from 2001 by VISA as an interoperable three-domain solution for online card authentication. As opposed to card transactions that occur in brick-and-mortar retail, which use chips and PIN authentication methods, there was no presented solution for eCommerce until 3D Secure stepped in.
3D Secure is an additional process that occurs before a transaction becomes authorized. The three domains are namely:
1. Merchant: The seller that requires payment.
2. Customer: The Card owner and purchaser of goods.
3. Interoperability: Card scheme (Visa, MC, Amex, Diners, JCB, etc.)
For a number of years, eCommerce and other online payment systems have proven to be lucrative and presented constantly growing business opportunities, accompanied by an ever-present and rising threat regarding online fraud and theft.
Below are some figures (via eMarketer) to consider comparing the annual percentages of total sales conducted online when compared to all sales that also include brick and mortar retailers, as well as the comparison of change annually within this sector and the growth that occurred from the year 2017 until the projected year 2023.
The data shows that the global eCommerce market had sales reaching $3.5 trillion by the end of 2019 and represented 14% of the global sales figures. Projections show that eCommerce sales will reach 22% of global retail figures by 2023, with total sales reaching around $6.5 trillion.
Considering the ever-growing trend in eCommerce, security issues need to be taken care of, and significant changes regarding the authentication process are being implemented. Static passwords are untrustworthy and should be replaced by dynamic passwords and biometrics. This resulted in an improved user experience for both merchants and cardholders as well as more secure online payment processes.
Main changes included the following:
Strong Customer Authentication (SCA) came into play as a PSD2 requirement. Its main goal is to reduce fraud and bring online payment security to a higher standard. Static passwords caused a variety of inconveniences for online shoppers, thus resulting in high cart abandonment rates. On the other hand, biometric authentication (e.g., face or voice recognition) is not only more secure than conventional static passwords. It contributes to a smooth user experience during online checkout, which cuts down cart abandonment rates. Another method within 3D Secure 2 is risk-based authentication, a setting stone for frictionless transactions. This means that transactions that are ''low-risk transactions'' do not require further authentication. This method is based on data from previous transactions and cardholder behavior information.
Bringing the security standards to a higher level without tampering with user experience presented a real challenge when it comes to 3D Secure 2. Alongside introducing new authentication methods such as biometrics, this upgrade eliminated pop-up windows and redirects which occurred during online payment, making cardholders more confident in the security of their purchase and consequently causing cart abandonment rates to drop.
3D secure 2 enables authentication on a wide variety of devices. 3D Secure transactions are now available in application and browser-based solutions.
EMVCo continues to enhance 3D Secure protocol aligning it with eCommerce trends. This also refers to the buyer and stakeholder's needs to ensure the best UX and ultimate security. 3D Secure v2.1 brought frictionless authentication which resulted in a faster and more convenient checkout process. At this moment, there is actual 3DS v2.2, which brought new authentication methods; like decoupled authentication, and Trusted Merchant Listing to give additional control to buyers in managing transaction security.
Learn about the latest approaches when it comes to assessing security risks, and find out more about the latest authentication trends in the online payments industry.
To find out more about Trides2 portfolio, contact us or visit our blog section.
